Cisco Secure Web Appliance (formerly Cisco Web Security Appliance [WSA]), powered by Cisco Talos, protects by automatically blocking risky sites and testing unknown sites before allowing users to link to them, helping with compliance. It is available models S690, S390, and S190.
N/A
Symantec Intelligence Services
Score 8.0 out of 10
N/A
Symantec WebFilter / Intelligence Services (formerly Blue Coat WebFilter) is a web application protection and web content filtering solution, designed to allow users to control access to web content and block web threats with advanced threat defense and real-time global threat intelligence.
We previously used BlueCoat ProxySG appliances. The system worked well overall, but the hardware, licensing, and support costs were just too high to continue using the product. The hardware costs, in particular, were unacceptable. It was relatively easy to convert our …
We have both scenarios where we can describe that. For example, in the HQ, where we have about 3,000 users, Cisco IronPort Web Security Appliance is the ideal solution, because we can consolidate all the Internet access, policies, rules, etc. in the same box. However, if you have small offices with a few users, it's hard to justify one big and expensive box that could cost more than the whole office infrastructure.
In a large environment, this is the perfect system. If you do not have constant changes, it easily becomes a system you drop in place and rarely have to think about. Our units have been rock solid and have never experienced any unexpected downtime, and upgrades are just a couple button clicks to deploy, or roll back. For small offices, with minimal traffic this may be using a sledgehammer to put in a push pin. It will work great, but the devices is likely over engineered for small offices (<50 people). That being said, price-wise it's still a great solution when compared to competing products and being from Symantec, you know it's going to be around and support for the long term.
I think that the interface could need updates to adapt it to a much more current system, achieve quick access to necessary tools and adapt the platform to a much more customizable and comfortable system to work with.
It is undoubtedly a platform that is worth having, however, the license costs could be better adjusted to small businesses so that it can be accessed more easily.
It could be a bit complex to use, the use of codes is quite extensive, it could be adjusted to something much more practical but just as efficient.
Because it's one of those products you almost don't realize it exists from the end user. From the administrator perspective, you can do everything on its web interface and it's very intuitive to manage, once you know the concepts behind identities, acls, etc. Also, once you build the control structure, I mean, you link 'local' groups with your own Active Directory groups, as we did here, you don't need to be managing those things on the appliance itself.
I really like the system, it's easy to use and mostly intuitive. I would have gone 10/10, but the management interface uses Java, and that seems to always make things a bit harder to start. Once everything is loaded and running, it's great - but it does require me to maintain a compatible version of Java on the machine I use to access the system, I'd be much happier with some kind of HTML5 interface. I also deducted 1 point for the functionality of the refer filter - it works as expected, but if the site isn't coded with the correct refer header, like Microsoft's site - then some page elements get stripped and pages only render about 98% correctly. I know that's not in Symantec's list of responsibilities, but having a filter that doesn't fully understand CDNs is worth the 1 point ding.
Our experience with Cisco's support was terrible. Other than the fact that they don't respond to service-related emails with urgency, they also keep on changing the policies that affected us. Recently, they came up with a new look for the same software, which was insanely slow. Renewal of keys for the old interface took months. Overall, the support was not very friendly from the users' point of view.
I've had exactly 1 problem in 8 years, I contacted support via the customer portal, less than an hour later I found myself in a screen share with a support tech who not only fixed my configuration error, but also took the time to ask about my usage and offered some great tips on changes. It was just one support incident, but I was impressed by the speed of response to a non-critical issue as well as the depth of product knowledge the support engineer had.
At home I have a McAfee service that does similar tasks and helps manage the users of my internet. McAfee seems more user friendly and easier to set exceptions.
Symantec WebFilter / Intelligence Services solution was a simple 1U appliance that does everything we need, compared to the Forcepoint solution which required a virtual appliance, a database server, a log server, and a management server - the licensing costs alone make the Symantec WebFilter / Intelligence Services solution a clear winner. The Forcepoint solution is really good, it just requires such a big footprint without delivering much beyond what the Symantec WebFilter / Intelligence Services solution does with a single unit.
Security! Security! Security! We are financial company that work with very sensitive information. A lot of unsafe traffic was blocked on the Cisco IronPort WSA over years of using it. We did not earn on it but absolutely sure that we did not lose 'gazillion' of dollars being infected or scammed.
Easy to configure and use, no need to teach new personnel how work with this product (hopefully saving time = saving money).
Unfortunately the price of license subscription made financial managers push IT dept. to look for something cheaper.
Boosts business productivity with having secured systems
Globally available threat protection adhering to our own security policies
User may sometime find it difficult to deal with - so there can be a feature to make it more user friendly in terms of user experience. That is a bit of negative we have seen.
