Skip to main content
TrustRadius
Cisco Secure Web Appliance

Cisco Secure Web Appliance

Overview

What is Cisco Secure Web Appliance?

Cisco Secure Web Appliance (formerly Cisco Web Security Appliance [WSA]), powered by Cisco Talos, protects by automatically blocking risky sites and testing unknown sites before allowing users to link to them, helping with compliance. It is available models S690, S390,…

Read more
Recent Reviews
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Cisco Secure Web Appliance?

Cisco Secure Web Appliance (formerly Cisco Web Security Appliance [WSA]), powered by Cisco Talos, protects by automatically blocking risky sites and testing unknown sites before allowing users to link to them, helping with compliance. It is available models S690, S390, and S190.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

5 people also want pricing

Alternatives Pricing

What is DNSFilter?

DNSFilter headquartered in Waltham offers DNS-Based Content Filtering & Threat Protection.

What is WebTitan?

WebTitan is the web security gateway and content filtering solution offered by TitanHQ.

Return to navigation

Product Details

What is Cisco Secure Web Appliance?

Cisco Secure Web Appliance Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(28)

Attribute Ratings

Reviews

(1-2 of 2)
Companies can't remove reviews or game the system. Here's why
Kuntal Das | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Cisco Web Security Appliance (WSA) or Ironport is our primary email security tool. All emails that are sent to our users pass through a server running Cisco Web Security Appliance (WSA) or Ironport. The security team uses this tool in accordance with the email management team. However, we serve all the departments of our organization. The main objective of this software is to drop emails with malicious attachments, low reputation IP, banned senders, globally blacklisted emails based on their signatures, etc. Although it doesn't ensure flawless detection, it does a great job at the initial phase of narrowing down our hunt for malicious emails. It led to almost a 60% reduction of attachments containing malware, thereby helping us in securing our assets.
  • It does a great job of filtering emails based on IP reputation. This feature works particularly very well. Cisco has a vast database of IP reputation scores and therefore offers very few false positives and negatives.
  • It checks each email thoroughly without any compromise of privacy. Any malicious link present in the body of the email makes its way to the quarantine. The IP reputation scores also help in this case.
  • The default metrics on the dashboard visualization are not that useful. It is not much customizable too. Some of the dashboard features like load, volume, etc. can have a hide option.
  • The false negatives are more than false positives. A lot of the times, it verdicts the same email as malicious and non-malicious. This can be reduced.
Cisco Web Security Appliance (WSA) or Ironport is well suited for large organizations with a high volume of email flow and a high budget. For low or mid-scale industries, it is not that useful as the email client's own security solution like Office 365 or Gmail can do the job. Although quite accurate, email security needs to be flawless as it marks the beginning of every cyber attack. Cisco Web Security Appliance (WSA) or Ironport does narrow down the search space by dropping emails. But, skillful workers are still needed to ensure the verdict. In the case of spam, it is often not detected. An organization with a high budget, that can afford several employees too along with the tool is a good fit for it
  • The machine infection rate by downloading malicious attachments went down by 60%.
  • Phishing went down by 25%. This directly reduced user account compromise by 30%.
Cisco Web Security Appliance (WSA) is a potent tool. When it comes to handling emails and links from blacklisted IP, Cisco Web Security Appliance (WSA) does a better job. However, considering the price to performance ratio, Mimecast is way ahead of Cisco Web Security Appliance (WSA). Mimecast has an excellent spam filter, unlike the Cisco Web Security Appliance (WSA). However, as said, Cisco Web Security Appliance (WSA) or Ironport has been chosen for our organization due to its tenacity and the power to handle a very high volume of email.
Our experience with Cisco's support was terrible. Other than the fact that they don't respond to service-related emails with urgency, they also keep on changing the policies that affected us. Recently, they came up with a new look for the same software, which was insanely slow. Renewal of keys for the old interface took months. Overall, the support was not very friendly from the users' point of view.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Our corporation has relied on Cisco IronPort Web Security appliances for the last 9 years. We use it across the whole organization, in the headquarters and also in the remote offices. It helped us to solve one of the most challenging problems since the invention of the commercial Internet: be productive and navigate safely. Once we started to provide Internet access to the whole corporation, we were faced with some critical problems, like how to protect the company from unsafe websites that could harm our own network, like trojans, etc., how to be productive avoiding all the distractions the Internet provides, how to segment who could navigate and see what content on the Internet, how to save bandwidth due to the cache mechanism WSA uses and much more.
  • Content classification is one of the key features of the Cisco IronPort Web Security Appliance. Because they use the former Senderbase, now integrated to the Talos Intelligence, they can be very efficient classifying the websites on the exact content group they belong. With that, we can effectively configure and feel safe that the users will have access to the content they must have access.
  • The robustness of the Cisco IronPort Web Security Appliance is another key point of the solutions. Both the hardware and the software are very well integrated and provide peace of mind of the administrations, because it's very stable. Also, the appliance is very well tuned; we are be able to keep the same hardware for 3 years without any performance problems.
  • As I described before, we've been using Cisco IronPort Web Security appliances for the last 9 years and since we started, the product kept evolving year after year and continues to add new features to this day. To give an example, the recent versions added the possibility of updating the exception list automatically, using API, etc. Also, the product continues to add features to protect from malware and other virtual plagues, inspecting URLs for malicious content. The value of this kind of solution, if you put it on the scale of a big corporation, is invaluable.
  • One area that the product could be improved is the reporting features. Although we can query a lot of information, sometimes we miss a tool that could provide more executive insights, or even a tool that could report Internet usage considering productivity aspects. That's something our HR department is always asking for.
  • As IT administrators, we recognize the value of the product and what we get with it, but sometime it's hard to justify the cost of the license. I'm not sure if it's the way we sell it or if it's expensive, but that's something that always bothers us when we talk about these kinds of products.
We have both scenarios where we can describe that. For example, in the HQ, where we have about 3,000 users, Cisco IronPort Web Security Appliance is the ideal solution, because we can consolidate all the Internet access, policies, rules, etc. in the same box. However, if you have small offices with a few users, it's hard to justify one big and expensive box that could cost more than the whole office infrastructure.
  • Considering we've being using it for the last 9 years, if we just consider how many times we avoided to be contamitated by malwares coming from the Internet, just for that reason, we paid the solution 3 times.
  • Productivity improvement is something hard to prove, but we're a 100% sure we avoided some many hours of 'not interesting subjects' nativagation on the Internet, specialy in the early days, where people didn't have smartphones and used to browse the Internet for personal reasons on the corporate network.
  • Also, a little hard to prove, but we can trust that we saved a lot of bandwidth and, consequently, Internet circuit investments because of the cache mechanism.
Because it's one of those products you almost don't realize it exists from the end user. From the administrator perspective, you can do everything on its web interface and it's very intuitive to manage, once you know the concepts behind identities, acls, etc. Also, once you build the control structure, I mean, you link 'local' groups with your own Active Directory groups, as we did here, you don't need to be managing those things on the appliance itself.
Every time we needed support (luckily, there were only a few times) from Cisco, they were very efficient. There's a way to setup and create a internal VPN connection inside the appliance just for support purposes and once you close the session, that connection is destroyed. With that, the support engineer can go into the appliance and do all the necessary troubleshooting tasks he needs. That's a great feature that help a lot during these times.
Considering we're with Cisco IronPort Web Security Appliances for the last 9 years, as I stated, we don't have too much experience with other producs. What I can say is that in the past, we evaluated Websense before it became Forcepoint and we also used MS ISA Server for webfilter. As you may imagine, IronPort is a very very superior product.
Return to navigation