Cisco Web Security Appliance Reviews

Our company works solely on government projects. Hyperconverged infrastructure is one portion of our use case for Web Security Appliance because it's a bundled solution that includes cyber security, network, the passive component, storage, and HCI. We are based in India and we have over 10,000 employees. We are a Cisco gold partner and I am deputy general manager of presales.

This solution helps our customers with the challenges their clients face attempting to connect to their network or app. It's very good for large enterprise organizations. 

There are occasional delays in customer support but it's a minor thing. 

I've been using this solution for three years. 

The solution is stable. 

The solution is scalable which is important in our situation because we have a five-year plan to increase users. 

The support is great, almost perfect. We directly communicate with the Cisco India team.

Positive

The initial setup is easy and our customers are satisfied with the deployment and the support we provide in that respect. We work with two or three engineers per site and deployment usually takes somewhere between 10 to 15 days.

Licensing is calculated by the number of users and paid on an annual basis. The license includes technical support. The solution is not expensive. 

Cisco Web Security Appliance is used to secure users from malicious threats across the internet and applications they access on different cloud platforms. It is a dedicated solution for protecting users from various internet threats and provides a centralized dashboard for visibility and control over accessed apps.

The solution offers content filtering and micro-content controls, such as regulating the types of images and their resolution. It provides granular controls over media being accessed on social platforms, ensuring that content not in the company's interest is restricted.

The product is great, however, incorporating features offered by competitors would be beneficial. Competitors sometimes highlight features that Cisco products lack. Additional features like improved whitelisting and blacklisting of malicious websites could enhance the product.

I have been using Cisco Web Security Appliance for several years, more than seven or eight, approximately eight or nine years.

The solution is subscription-based, making scaling possible.

Cisco offers intense and comprehensive technical support services, making it a strong selling point.

Positive

The installation requires a skilled resource who understands the product technology and its features. Deployment is not straightforward due to the complexity of the functions and considerations involved.

Cisco provides Mentored Installation Services through specialized service delivery partners to ensure proper deployment.

Pricing is competitive and varies across sectors. Public sector clients receive good pricing, whereas enterprise or commercial clients might not find the pricing as favorable.

I'd rate the solution eight out of ten.

Cisco Web Security Appliance is user-friendly and easy to manage. It protects your environment while accessing the internet. 

The tool needs to improve cloud-based decryption. 

Cisco Web Security Appliance's stability is good. 

The product is scalable. We have 1500 to 2000 users. 

The tool's deployment is very straightforward. The only process that can take time is aligning the policies as per your use case. 

Getting a partner from Cisco to help with the deployment is good. 

You can get a good ROI in the long run. 

The tool's licensing is yearly. 

I rate the product a ten out of ten. 

Cisco Web Security Appliance can be used as a proxy for sending all traffic to the internet. In that case, I can apply security policies and provide anti-malware, protection, and attack prevention with this security appliance. Additionally, there is some advanced functionality, such as security orchestration and security incident management appliance integration. You are able to have full protection and incident management.

This solution can be deployed in the cloud or on-premise.

I am using a virtual infrastructure which is the easiest infrastructure.

The most valuable feature of Cisco Web Security Appliance is the provided anti-malware functionality and URL categorization. I can block access to malicious websites. 99 percent of the cases are related to a malicious website. If I cannot browse those malicious websites, then we are 99 percent protected. 

We have SSL decryption and we receive full visibility of what is happening on the network. With SSL decryption, most of the traffic is encrypted and if I had the traffic recorded, I could see what is happening inside that traffic.

The solution could improve the graphical user interface. It is not up to the regular standard of what we would expect from Cisco. Additionally, they need to improve the categorization when blocking in the settings. The CLI could have a better view than the graphical user interface but I did not investigate further.

I have been using Cisco Web Security Appliance for approximately seven years.

The solution is stable and has high availability.

I rate the stability of Cisco Web Security Appliance a nine out of ten.

The scalability of Cisco Web Security Appliance is high.

I rate the scalability of Cisco Web Security Appliance a ten out of ten.

Cisco is the best support team available on this planet. I am happy with the support I have received.

I have worked with Cisco Firepower and the Cisco DNA Center Platform. It is a stable solution, but they are working on improving it.

The initial setup is complex. The is not much flexibility when creating policies. As per the design guide, they have provided a lot of limitations for creating policies. For example, if I create 30 access policies, 30 customization decryption policies, and 30 custom complex policies, there is a complexity in the qualification. If the policy is complex then CP gets high, which is a problem. 

Following the best practice guide, I have to follow that constraint. However, customers, are not happy with the restriction and policies. They want to create as much policy as possible. 

The implementation took approximately two weeks or ten working days.

I do the implementation of this solution.

There is a subscription-based license needed to use this solution.

I rate Cisco Web Security Appliance a nine out of ten.

We were configuring the computers, using it as a proxy. What I did was I configured the different URL categories and custom categories, and assigned them to a specific group of people through their Active Directory group. It was working in conjunction with Active Directory.

We didn't use WSA, it was used only in our customers premises 

It works really well. It operates beautifully once everything is configured. 

It also allows you to decrypt SSL traffic, and that's a really important feature as well, which is something I also configured.

The solution is easy to set up.

The virtual machine is quite scalable.

It's stable. 

I didn't use the full potential of WSA, so I cannot really say what features may be lacking or missing. 

The WSA should have a Firewall like feature built in, that would allow for more control with different ports other than 80, 443 or HTTP and HTTPS.

I've been using the solution for three years. 

The customer prior to where I configured the physical appliance, never complained about it not working. It's been three years or so and it's still operating as smoothly as it operated on the first day. There weren't any breakdowns or lags or anything like that.

I'm not really sure about the scalability. If I could compare, cloud solutions like Umbrella and Zscaler are far better than WSA. Maybe the virtual machine of WSA is more scalable than the physical appliance as the physical appliance is bound to the specification that it has. Whereas you can scale the virtual machine as much as you can and allows you your underlying hypervisor. 

We have about 1,500 people using the solution.

I've never had to use technical support.

The implementation was very straightforward. The interface is really intuitive. I don't know about the new one, however. They released an interface, however, it wasn't fully released. It was a demo. Those interfaces were really good.

Getting up and running from start to finish takes about eight hours. 

The setup was pretty fast as the features that I used were pretty straightforward and all I had to do was handle custom URLs. It wasn't too complex a configuration.

The solution's cost depends on how many users you purchase. It was maybe $3 or $5 per user, which is a bit expensive. Other solutions are expensive, especially the cloud ones. It's still on par with the others, however, lowering the expenses would be also a great thing. It's absolutely worth the cost.

The last version of the solution we used was on a virtual machine. Prior to that, I worked on a physical appliance. It was WSA S190.

The company decided to go with WSA mainly due to the fact that, in one case, financial institutions usually prefer on-prem deployments over the cloud. I also had a good experience with WSA and the customer was okay to have it on on-prem. 

If you're a customer with a lot of sites, then an on-prem solution like WSA is not a good option. For a big customer, you have to purchase one for each site and that's expensive. Going for a cloud solution where you have centralized management of all your policies is the better option. It's also less expensive than an on-prem Solution

As for a small customer with two or three sites in a small region, it would be okay to have one WSA centralized. This was the case with my last customer, which has 1,500 users. Their sites are all close to each other so that wouldn't be a problem. There wouldn't be a problem using one centralized WSA in one site as it wouldn't cause latency or stuff like that. If the sites are scattered all around, I wouldn't recommend WSA as it becomes too expensive. A cloud solution like Umbrella or Zscaler is preferred in this case.

I'd rate the solution nine out of ten. It operates well, however, the on-remises version is limited in terms of scaling.

We are just using the solution for internal purposes. When we need to browse the internet, our staff will either be allowed or refused access to the internet. All of the internet is accessed via the server.

The bandwidth limit is useful. The categories are pre-defined by Cisco. 

It's a very user-friendly product and is easy to set up.

The product is stable.

It's a scalable product.

It should have a user-based quota, per-user quota, that can be defined on the appliance. That way, if a user reaches their quota individually, they should be blocked for the next day. 

One major feature that is still not in this product and that should be implemented by Cisco is that it should have a live graph. We'd like to see, for example: What is the user consumption at the right now? What is the bandwidth, when bandwidth is used by the user? There is no current graph of it and I would recommend it should be in the product.

I've been using the solution for five years. 

The product is stable. I have not seen any issues in five years. We have not had any unintentional reboots or downtime. It is very reliable and is a stable product.

We haven't had any issues with scalability.

In my first company, there were 2,000 people on the solution. In my latest organization, we have 15,000 people on it. 

We've reached out to support for day-to-day challenges. They've been very helpful and responsive and we have been happy with their level of service. 

Positive

The solution is very easy to set up. It's user-friendly. The process isn't difficult. It took us about a day to set up.

You do need to pay for a license. It's not cheap or expensive. It's mid-level in terms of price. 

We did look at other solutions. We conducted a comparison of options and did a POC. In the end, we found this product very helpful. We looked at, for example, Fortigate, among others. 

We're a customer and end-user.

I'd advise users to give the solution a try. It's a very easy-to-use product and everything is working without any issue with the appliance. I would recommend others to use it.

I'd rate the solution nine out of ten.

The tool has good Umbrella DNS security. 

The tool needs to provide logs. They need to improve firewall threat defense. 

I have been working with Cisco products for more than two decades. 

I would rate the tool's scalability a seven out of ten. 

I would rate the product a seven out of ten. 

We use Cisco Web Security Appliance for many things like firewalls, site-to-site VPN, routing, etc. We can use it for remote work. 

Cisco Web Security Appliance can integrate with Active Directory, enabling us to manage all the end-users within AD.  It's helpful for setting rules based on individual users and groups. For example, you can configure policies for inbound and outbound traffic. 

Cisco Web Appliance is highly stable if configured correctly. 

I rate Cisco Web Appliance eight out of 10 for scalability. 

I rate Cisco support nine out of 10. 

Positive

Setting up Cisco Web Security Appliance is highly complex and it takes about a week. We have to connect it to the Active Directory and configure all the policies for end users. It takes a long time to configure rules for our company data like port forwarding and separating the public and local components. 

I rate Cisco Web Security Appliance 10 out of 10. It's a complete security solution.