8/6/2019 web_sec_mgmt_ds

1/5

Scurity brachs causd by malwar intrusions hav mad oranizations worldwid into

inadvrtnt nwsmakrs. Companis ar also xposd to complianc and productivity risks

associatd with inappropriat wb usa. To protct thmslvs aainst intrnal and xtrnal

thrats that affct th bottom-lin, oranizations invst in th industrys ladin wb scurityapplianc. Cisco IronPort S-Sris wb scurity appliancs nforc accptabl us and

scurity policis to rduc non-complianc and rulatory risk and protct aainst wb-basd

malwar.

To handl ntwork complxity and hih trafc volums, oranizations typically dploy multipl

Cisco IronPort S-Sris appliancs. This crats a critical nd to cntrally mana policis and

provid consolidatd rportin data. Cisco IronPort M-Sris scurity manamnt appliancs

provid a platform to cntrally mana policis for multipl Cisco IronPort wb scurity appli-

ancs. Additionally, rportin capabilitis on th Cisco IronPort S-Sris provid insiht into

th oranization. For furthr analysis, Sawmill for Cisco IronPort wb scurity a customizdthird-party analytics tool allows oranizations to cntrally analyz and monitor malwar thrats

and wb usa. Ths manamnt faturs nabl oranizations to prform complx tasks

intuitivly and xtract th most valu out of thir wb scurity invstmnt.

C o m p l e t e v i s i b i l i t y a n d C o n t r o l

a C r o s s t h e e n t i r e o r g a n i z at i o n

Cisco IronPort mail and wb scurity products ar

hih-prformanc, asy-to-us and tchnically-innovativ

solutions, dsind to scur oranizations of all sizs.

Purpos built for scurity and dployd at th atway to

protct th worlds most important ntworks, ths products

nabl a powrful primtr dfns.

Lvrain th Cisco Scurity Intllinc Oprations cn-

tr and lobal thrat corrlation maks th Cisco IronPort

lin of appliancs smartr and fastr. This advancd tch-

noloy nabls oranizations to improv thir scurity and

transparntly protct usrs from th latst Intrnt thrats.

Cisco IronPort Wb ScurityApplianc Manamnt

t h e C i s C o i r o n p o r t d i f f e r e n C e

8/6/2019 web_sec_mgmt_ds

2/5

P A g e 2Cisco IronPort Wb Scurity Applianc Manamnt

C c c on th Cisco IronPort

M-Sris appliancs is providd by Ciscos powrful IronPort

Cntralizd Conuration Manar (ICCM). Usin Cisco

ICCM, administrators can cntrally dn all of thir wbscurity policis from a sinl Cisco IronPort scurity man-

amnt applianc and apply thm to multipl Cisco IronPort

S-Sris appliancs. Ths policis can b pushd to all,

or a subst of, Cisco IronPort wb scurity appliancs and

monitor th dployd policis from a sinl pa viw. Cisco

ICCM nsurs that accptabl us and scurity policis ar

nforcd uniformly across th oranization, prvntin any

brachs.

To simplify scurity administration, Cisco ICCM also of-

frs rol-basd accss control nablin administrators

to dlat policy administration to othr rols within th

oranization. Administrators can backup thir wb scurity

policis usin th Cisco IronPort M-Sris to safuard

aainst dvic, systm or ntwork failurs. Th nw Conu-

ration History Lo fatur nrats los whnvr a chan

is committd. This allows oranizations to know who mad

a conuration chan in ordr to satisfy complianc and

ovrnanc rquirmnts.

Cisco ICCM offrs th followin faturs for cntralizd

policy manamnt:

gUI-basd policy dnition and dploymnt simplis th

task of cratin wb scurity policis and liminats th

complxity of writin scripts. Th gUI is vr y similar to th

Cisco IronPort wb scurity applianc mnu (includin

Idntitis, Accss Policis, Dcr yption Policis and Custom

URL catoris), which allows a Cisco IronPort S-Sris ad-

ministrator to asily mirat to th Cisco IronPort M-Sris

applianc for cntralizd policy manamnt.

Rol-basd accss control offrs xibl pr-built

administrator rols includin wb administrator, wb policy

administrator, URL ltrin administrator and administrator

rol. Should ths rols not fulll an oranizations nds,th administrator can also crat custom usr rols for

ratr xibility.

Dlatd administration nabls th manamnt of a

subst of policis by othr administrators who hav rad-

writ accss to spcic policis. This provids an xtra lvl

of ranularity in policy dnition and dploymnt.

Conuration History Los allow oranizations to comply

with ovrnanc rquirmnts by kpin track of who

mad policy and conuration chans via a lo l that is

nratd whnvr a chan is committd. each lo l

contains a snapshot of th conuration which can b usd

to rstor policy and othr conuration sttins in cas of

an unxpctd failur.

r allows scurity oprations, ntwork oprations,

f e a t u r e s

Consistent policy application across geographic boundaries

Custom user roles based on LDAP

Policis NOT

editabl by Dlatd

Administrator

Policis editabl byDlatd Administra

Delegated administration simplies policy management

Cisco IronPortS-Sris

Cisco IronPort

S-Sris

Cisco IronPortS-Sris

Cisco IronPortM-Sris

8/6/2019 web_sec_mgmt_ds

3/5

P A g e 3Cisco IronPort Wb Scurity Applianc Manamnt

f e a t u r e s ( C o n t i n u e d )

human rsourcs and complianc staff to ain dp undr-

standin of th scurity and complianc thrats facin

thir oranizations. Actionabl and insihtful rports allow

oranizations to prform trndin, trackin, thrat analysisand troublshootin tasks. Cisco IronPort tchnoloy offrs a

complt rportin solution, startin with th Cisco IronPort

S-Sris wb scurity appliancs.

Cisco IronPort S-Sris appliancs fatur a rich st of

rports that allow oranizations to visualiz scurity and wb

usa trnds on th applianc itslf. Top N rports summa-

riz information on th wb trafc and scurity thrats sn

on th applianc. In addition, powrful drilldown rports as

wll as th ability to sarch for a spcic clint allow ora-

nizations to s spcic thrats on spcic clints as wll as

associatd wb usa activity.

Sawmill for Cisco IronPort, a customizd third-party analyt-ics tool, provids a rich st of pr-built rports for in-dpth

wb usa and scurity thrat analysis across all Cisco

IronPort S-Sris appliancs in th oranization. Powr-

ful drilldown capabilitis nabl scurity oprators to track

which machins ar pron to malwar attacks. Companis

can vn idntify risk y usr bhavior, which may rsult in

attacks. Similarly, any accptabl us policy violations can

b trackd down to an individual IP or authnticatd usr.

Powrful filtrs allow oranizations to focus on th subjct of

intrst. This allows oranizations to monitor situations that

would xpos thm to liabilitis, and rfin thir accptabl

us and scurity policis.

Sawmill for Cisco IronPort, hlps oranizations answr

important qustions such as:

Who visitd unaccptabl URL catoris?

Within ach URL catory, which spcic wbsits wr

visitd and whn?

Why is a particular usrs bandwidth usa soarin and

which wbsits is that individual visitin?

Is th oranization in complianc with various rulatory

rquirmnts?

This valuabl insiht limits th liabilitis of an oranization and

kps costs associatd with workr productivity and malwar

thrats in chck.

a w , basd on Ciscos industry-

ladin IronPort AsyncOS opratin systm, hlps powr th

Cisco IronPort M-Sris applianc. Cisco IronPort AsyncOS

dlivrs prformanc, robustnss and scalability capabl of

handlin th nds of all ntrpriss..

Security report for a specic Cisco IronPort S-Series appliance

Cisco IronPort S-Series Security and WebActivity Summary report

8/6/2019 web_sec_mgmt_ds

4/5

P A g e 4Cisco IronPort Wb Scurity Applianc Manamnt

s a Cisco IronPort scurity

manamnt appliancs simplify ovrall dploymnt of

Cisco IronPort wb scurity appliancs. To rduc

administrativ ovrhad, administrators can us th Cisco

IronPort M-Sris for cntralizd policy manamnt and

conuration updats for a roup of Cisco IronPort S-Sris

appliancs. Th nwly-introducd, rol-basd accss control

and dlatd administration faturs incras xibility and

ranularity for policy dnition and dploymnt.

g o i Powrful rportin ivs CXOs

visibility into wb usa includin URL browsin history,

businss usa mtrics, productivity loss mtrics and wb

usa trnds. This powrful tool assists with businss pro-

ductivity optimization by n tunin wb usa policis.

r gc Cc rq

Th cntralizd rportin and trackin faturs allow ora-

nizations to kp tiht control of accptabl us policis.

Th Confiuration History Lo fatur on th Cisco IronPort

M-Sris can b usd to crat a trail of all confiuration

chans. This not only rducs liability, but also hlps

oranizations rspond to ovrnanc and complianc

rquirmnts.

b e n e f i t s

Feature Available On

Intractiv Drill-Down Rportin Cisco IronPort S-Sris*

Accptabl Us Policy and Malwar Rportin Cisco IronPort S-Sris*

Cntralizd Policy Administration Cisco IronPort M-Sris

Rol-Basd Accss Control Cisco IronPort M-Sris

Dlatd Administration Cisco IronPort M-Sris

Policy Conuration Backup and Rstor Cisco IronPort M-Sris

f e a t u r e av a i l a b i l i t y m a t r i x

p r o d u C t l i n e

Cc ip m1060 Consolidatd manamnt applianc dsind to mt th nds of th most dmandin

ntworks in th world.

Cc ip m660 Sustd for oranizations with multipl atway scurity appliancs and thousands of usrs.

Cc ip m160 Dsind for oranizations with multipl atway scurity appliancs and lss than 2,000 usrs.

Th Cisco IronPort mail scurity, wb scurity and scurity manamnt product lins addrss issus facd by

oranizations ranin from small businsss to th global 2000.

* Fine-grained analysis and centralized reporting available via Sawmill for Cisco IronPort.

8/6/2019 web_sec_mgmt_ds

5/5

P A g e 5Cisco IronPort Wb Scurity Applianc Manamnt

s u m m a r y

C o n t a C t u s

Th bst plac to control and protct aainst th risks pos d by wb trafc is riht at th atway. Cisco IronPort S-Sris

appliancs ar th industrys most comprhnsiv scur wb atway providin bst-in-class protction aainst wb-

born malwar thrats such as viruss, spywar, Trojans and botnts, whil also nsurin ntrpris-class pr formanc. Th

Cisco IronPort M-Sris scurity manamnt applianc, combind with Sawmill for Cisco IronPort, provids a comprhn-

siv platform for cntralizd manamnt, cntralizd rportin and cntralizd trackin. Offrin th bnts of Ciscos

industry-ladin IronPort AsyncOS platform, ths appliancs simplify administrativ ovrhad and allow oranizations to

rspond to ovrnanc and complianc rquirmnts.

Throuh a lobal sals forc and rsllr ntwork, Cisco offrs a fr Try Bfor You Buy valuation of th Cisco

IronPort M-Sris scurity manamnt applianc. For additional information, call 650-989-6530 or visit us on th wb

at www.ironport.com/try.

P/N 435-0250 -1 5 /09

Cc ip m1060 Cc ip m660 Cc ip m160ChassisForm Factor 19 Rack-Mountabl, 19 Rack-Mountabl, 19 Rack-Mountabl,

2U rack hiht 2U rack hiht 1U rack hiht

Dimns ions 3.5 (h) x 17.5 (w) x 29.5 (d) 3.5 (h) x 17.5 (w) x 29.5 (d) 1.75 (h) x 17.5 (w) x 21.5 (d)

Powr Supplis 750 watts, 100/240 volts 750 watts, 100/240 volts 345 watts, 100/240 volts

Procssor, Mmory, and Disks

CPUs 2x4 (Quad Cors) Intl Xon 2x4 (Quad Cors) Intl Xon 1x2 Dual Cor Intl Xon

Disk Spac 3 TB 1.8 TB 500 gB

RAID RAID 10, battry-backd RAID 10, battry-backd RAID 1, battry-backd

256MB cach 256MB cach 256MB cach

Intrfacs

ethrnt 3xgiabit NICs, RJ-45 3xgiabit NICs, RJ-45 2xgiabit NICs, RJ-45

Fibr Ys No No

Wb Intrfac gUI-basd (HTTP or HTTPS) gUI-basd (HTTP or HTTPS) gUI-basd (HTTP or HTTPS)

Compatibility: Interfaces with all Cisco IronPort gateway security appliances.

t e C h n i C a l s p e C i f i C a t i o n s

ac hqCisco Systms, Inc.San Jos, CA

a pcc hqCisco Systms (USA) Pt. Ltd.Sinapor

e hqCisco Systms Intrnational BVAmstrdam, Th Nthrlands

Cisco has mor than 200 ofcs worldwid. Addrsss, phon numbrs, and fax numbrs ar listd on th Cisco wbsit at www.cc.c//c.

CCDe, CCeNT, Cisco eos, Cisco Lumin, Cisco Nxus, Cisco StadiumVision, Cisco TlPrsnc, Cisco Wbex, th Cisco loo, DCe, and Wlcom to th Human Ntwork ar tradmarks; Chanin th Way W Work,

Liv, Play, and Larn and Cisco Stor ar srvic marks; and Accss Ristrar, Airont, AsyncOS, Brinin th Mtin To You, Catalyst, CCDA, CCDP, CCIe, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, th Cisco Crtid

Intrntwork exprt loo, Cisco IOS, Cisco Prss, Cisco Systms, Cisco Systms Capital, th Cisco Systms loo, Cisco Unity, Collaboration Without Limitation, ethrFast, ethrSwitch, evnt Cntr, Fast Stp, Follow

M Browsin, FormShar, giaDriv, HomLink, Intrnt Quotint, IOS, iPhon, iQuick Study, IronPort, th IronPort loo, LihtStram, Linksys, MdiaTon, MtinPlac, MtinPlac Chim Sound, MgX, Ntworkrs,

Ntworkin Acadmy, Ntwork Ristrar, PCNow, PIX, PowrPanls, ProConnct, S criptShar, SndrBas, SMARTnt, Spctrum exprt, StackWis, Th Fastst Way to Incras Your Intrnt Quotint, TransPath, Wbex

and th Wbex loo ar ristrd tradmarks of Cisco Systms, Inc. and/or its afliats in th Unitd Stats and crtain othr countris.

All othr tradmarks mntiond in this documnt or wbsit ar th proprty of thir rspctiv ownrs. Th us of th word partnr dos not imply a partnrship rlationship btwn Cisco and any othr company.

(0809R)