Guest

Cisco Web Security Appliance

Cisco IronPort Web Security Reporting

Analyze and Act Upon Web Traffic Trends in Real Time

Overview

A human resources representative wants to ensure that web users on the company network are following acceptable use policies. A network security administrator wants to examine whether the company network is being exposed to malware threats through employees' smartphones. A network operations manager wants to monitor bandwidth usage, so he can plan capacity and refine bandwidth control policies.

The on-box web reporting capabilities of the Cisco IronPort S-Series can provide accurate, real-time information in all of these cases. Detailedreports give managers visibility and insight into current operational data to help them refine policies, plan infrastructure, and measure productivity. All reports available on the S-Series are also available centrally on the Cisco IronPort Security Management Appliance, aggregated for all managed S-Series appliances.

Download Web Reporting At A Glance

Features and Capabilities

Features

Top to Bottom Visibility into Web Security Status

Easy-to-understand web security reports profile all web transactions, instantly identify top threats, and display an at-a-glance indication of the top threats and top clients by blocked transactions of each Cisco IronPort appliance. Easily demonstrate return on investment (ROI) by reviewing the percentage of transactions handled by Cisco IronPort's Web Reputation and Anti-Malware filters. Click on links in the reports to drill down on specific threats, threat categories, clients, or transactions.

Figure 1Figure 2
Straightforward graphs help you to quickly identify potential threats.

Layer 4 Traffic Monitor information helps you identify compromised network ports and detect malware "phone home" activity that attempts to bypass Port 80.

Figure 3
Top-level graphs highlight important data points, and detailed information is available in tabular format.

End-user reports show users browsing sites with the most malware and also pinpoint potentially infected machines on your network. Use this valuable information to proactively manage risky behavior and plan cleanup activities for infected machines.

Figure 4
Instantly get visibility into blocked malware using the Anti-Malware Risk report.

Detailed, systemwide malware reports identify the top malware categories as well as specific instances of malware detected on your network. Assess the security of your network against high-profile threats and develop policies to manage the top malware risks.

Figure 5

Web Reputation reports show how much web traffic was blocked by reputation and provides valuable insight into web reputation trends. Read more about Cisco IronPort Web Reputation Technology

Powerful Reporting Engine

PDF snapshots allow you to capture the current view of a report you are viewing in an Adobe PDF file. Save or print the file for easy future reference.

Regularly scheduled reports can be configured for delivery over email or archived to the local system in PDF format. All real-time reports are available for periodic scheduled delivery.

Figure 6
Easily schedule reports for delivery on a daily, weekly, or monthly basis.

On-demand report generation provides instant access to reporting data on your appliances. Dig deeper into a particular security incident by viewing all reports for a specific timeframe.

Download reporting data in CSV format for easy integration with existing monitoring solutions. Simply click the “Export” links in the GUI or create automated scripts to export the reporting data from the Cisco IronPort S-Series appliances.

Figure 7
Flexible reporting capabilities allow you to instantly access historical reporting data on your appliance.

Benefits

  • Reduce Administrative Overhead: Simple, easy-to-understand, real-time reports allow you to instantly assess the overall status of your network security. You no longer need to search through and post-process logs from multiple systems on your network.
  • Integrate with Existing Solutions: All reporting data is available in industry-standard CSV format. Protect your investment in enterprise reporting solutions by simply importing web security data from the Cisco IronPort appliances.
  • Enhance Network Security: Cisco IronPortsecurity reports provide top level and detailed visibility into the spyware and other web-based threats in your network, enabling you to make critical security decisions. Protect your users from unwanted threats, and protect your business from critical downtime and lost opportunities.
  • Plan Specific Cleanup Activities: Reports from the Layer 4 Traffic Monitor help you quickly identify potentially compromised hosts on your network. These actionable reports help you to minimize the time wasted on forensics and focus your efforts on cleaning up infected hosts.
  • Measure Your ROI: See exactly how Cisco IronPort leads the industry in providing remarkably effective web security solutions. Information about each element of Cisco IronPort's unique multi-layer, multi-vendor malware protection is readily available. Easily scheduled ROI reports are automatically delivered for management review.

Availability

Cisco IronPort Web Security Monitor is available on all Cisco IronPort S-Series appliances.


Additional Resources