The Cisco Web Security Appliance (WSA) has a lot of options for scanning “content” (whatever that means, I think it’s a fancy way of saying Web pages) to make sure it doesn’t contain any malware. No viruses, no pop-up ad machines, things like that. And on the surface, that’s all well and good. Defense in depth, because you should also have some sort of anti-malware on your workstation too (as soon as you take your machine home with you for the evening, you’re probably no longer protected by the proxy).
At work, I’ve spent much of the last several weeks working on deploying a proxy service. A proxy is a service that can retrieve and cache Web pages on behalf of a large number of users.
In theory, you can use it to save bandwidth and protect your users by stopping viruses and such before they reach the users’ desktops. In practice, it’s mostly used to make sure your employees aren’t screwing around on Facebook at work.
A while back, I picked up a Cisco ASA 5505 for cheap on eBay. This is where I’ll be putting my notes on configuring, updating, et cetera…
Over the next few days at least, I’ll probably be updating this entry frequently, as I continue to experiment with the 5505, and learn what I need to do and how to do it. Continue reading “Cisco ASA 5505 Notes”→