Cisco Web Security Appliance Reviews

Our company works solely on government projects. Hyperconverged infrastructure is one portion of our use case for Web Security Appliance because it's a bundled solution that includes cyber security, network, the passive component, storage, and HCI. We are based in India and we have over 10,000 employees. We are a Cisco gold partner and I am deputy general manager of presales.

This solution helps our customers with the challenges their clients face attempting to connect to their network or app. It's very good for large enterprise organizations. 

There are occasional delays in customer support but it's a minor thing. 

I've been using this solution for three years. 

The solution is stable. 

The solution is scalable which is important in our situation because we have a five-year plan to increase users. 

The support is great, almost perfect. We directly communicate with the Cisco India team.

The initial setup is easy and our customers are satisfied with the deployment and the support we provide in that respect. We work with two or three engineers per site and deployment usually takes somewhere between 10 to 15 days.

Licensing is calculated by the number of users and paid on an annual basis. The license includes technical support. The solution is not expensive. 

We were configuring the computers, using it as a proxy. What I did was I configured the different URL categories and custom categories, and assigned them to a specific group of people through their Active Directory group. It was working in conjunction with Active Directory.

We didn't use WSA, it was used only in our customers premises 

It works really well. It operates beautifully once everything is configured. 

It also allows you to decrypt SSL traffic, and that's a really important feature as well, which is something I also configured.

The solution is easy to set up.

The virtual machine is quite scalable.

It's stable. 

I didn't use the full potential of WSA, so I cannot really say what features may be lacking or missing. 

The WSA should have a Firewall like feature built in, that would allow for more control with different ports other than 80, 443 or HTTP and HTTPS.

I've been using the solution for three years. 

The customer prior to where I configured the physical appliance, never complained about it not working. It's been three years or so and it's still operating as smoothly as it operated on the first day. There weren't any breakdowns or lags or anything like that.

I'm not really sure about the scalability. If I could compare, cloud solutions like Umbrella and Zscaler are far better than WSA. Maybe the virtual machine of WSA is more scalable than the physical appliance as the physical appliance is bound to the specification that it has. Whereas you can scale the virtual machine as much as you can and allows you your underlying hypervisor. 

We have about 1,500 people using the solution.

I've never had to use technical support.

The implementation was very straightforward. The interface is really intuitive. I don't know about the new one, however. They released an interface, however, it wasn't fully released. It was a demo. Those interfaces were really good.

Getting up and running from start to finish takes about eight hours. 

The setup was pretty fast as the features that I used were pretty straightforward and all I had to do was handle custom URLs. It wasn't too complex a configuration.

The solution's cost depends on how many users you purchase. It was maybe $3 or $5 per user, which is a bit expensive. Other solutions are expensive, especially the cloud ones. It's still on par with the others, however, lowering the expenses would be also a great thing. It's absolutely worth the cost.

The last version of the solution we used was on a virtual machine. Prior to that, I worked on a physical appliance. It was WSA S190.

The company decided to go with WSA mainly due to the fact that, in one case, financial institutions usually prefer on-prem deployments over the cloud. I also had a good experience with WSA and the customer was okay to have it on on-prem. 

If you're a customer with a lot of sites, then an on-prem solution like WSA is not a good option. For a big customer, you have to purchase one for each site and that's expensive. Going for a cloud solution where you have centralized management of all your policies is the better option. It's also less expensive than an on-prem Solution

As for a small customer with two or three sites in a small region, it would be okay to have one WSA centralized. This was the case with my last customer, which has 1,500 users. Their sites are all close to each other so that wouldn't be a problem. There wouldn't be a problem using one centralized WSA in one site as it wouldn't cause latency or stuff like that. If the sites are scattered all around, I wouldn't recommend WSA as it becomes too expensive. A cloud solution like Umbrella or Zscaler is preferred in this case.

I'd rate the solution nine out of ten. It operates well, however, the on-remises version is limited in terms of scaling.

Cisco Web Security Appliance is used to secure users from malicious threats across the internet and applications they access on different cloud platforms. It is a dedicated solution for protecting users from various internet threats and provides a centralized dashboard for visibility and control over accessed apps.

The solution offers content filtering and micro-content controls, such as regulating the types of images and their resolution. It provides granular controls over media being accessed on social platforms, ensuring that content not in the company's interest is restricted.

The product is great, however, incorporating features offered by competitors would be beneficial. Competitors sometimes highlight features that Cisco products lack. Additional features like improved whitelisting and blacklisting of malicious websites could enhance the product.

I have been using Cisco Web Security Appliance for several years, more than seven or eight, approximately eight or nine years.

The solution is subscription-based, making scaling possible.

Cisco offers intense and comprehensive technical support services, making it a strong selling point.

Positive

The installation requires a skilled resource who understands the product technology and its features. Deployment is not straightforward due to the complexity of the functions and considerations involved.

Cisco provides Mentored Installation Services through specialized service delivery partners to ensure proper deployment.

Pricing is competitive and varies across sectors. Public sector clients receive good pricing, whereas enterprise or commercial clients might not find the pricing as favorable.

I'd rate the solution eight out of ten.

We primarily use the solution to verify the identity of users that are connecting to the network. It's used to check the compliance of their systems before they are able to connect.

There isn't that much to it. It's not overly complex.

The scalability is good.

The deployment process is very simple.

Technical support is okay.

The stability could be better. 

The solution needs to be more user-friendly and easier to navigate. It's not so easy right now. 

I've been using the solution for five years at this point. I've used it for a while. 

The stability is lacking and is something that should be looked at. We don't find it to be very stable.

The solution offers good scalability. If a company need sot expand it, it can do so. It's not a problem.

We have about 50,000 users on the solution currently.

We've contacted technical support in the past and they have been fine. Cisco has relatively good technical support.

We did not previously use a different solution.

The solution is very easy to implement. It's not overly complex or too difficult. Our deployment took about six months.

We have five team members that can handle setups and maintenance tasks. They are engineers.

While we did do some of the initial setup ourselves, we did also have a consultant come in to assist in certain areas from time to time. 

There is a one-time licensing fee that needs to be paid. 

We are using the latest version of the solution, however, I cannot speak to the exact version number.

I would rate the solution at a seven out of ten. It's an okay solution that needs better stability.

I would recommend the solution to other companies and organizations. 

The tool has good Umbrella DNS security. 

The tool needs to provide logs. They need to improve firewall threat defense. 

I have been working with Cisco products for more than two decades. 

I would rate the tool's scalability a seven out of ten. 

I would rate the product a seven out of ten. 

We use Cisco Web Security Appliance for many things like firewalls, site-to-site VPN, routing, etc. We can use it for remote work. 

Cisco Web Security Appliance can integrate with Active Directory, enabling us to manage all the end-users within AD.  It's helpful for setting rules based on individual users and groups. For example, you can configure policies for inbound and outbound traffic. 

Cisco Web Appliance is highly stable if configured correctly. 

I rate Cisco Web Appliance eight out of 10 for scalability. 

I rate Cisco support nine out of 10. 

Positive

Setting up Cisco Web Security Appliance is highly complex and it takes about a week. We have to connect it to the Active Directory and configure all the policies for end users. It takes a long time to configure rules for our company data like port forwarding and separating the public and local components. 

I rate Cisco Web Security Appliance 10 out of 10. It's a complete security solution.

We use Cisco Web Security Appliance for proxy purposes, for enterprises.

The best feature of Cisco Web Security Appliance is its policy framing. It also has a good UI and it can handle traffic well. Cisco Web Security Appliance is a good product.

As Cisco Web Security Appliance is eight years old, though it's simple to access its UI, the UI needs a little bit of updating. If it could be more interactive similar to the latest gen solutions, that would improve the product. Adding a few more integrations would also make Cisco Web Security Appliance better.

Cisco Web Security Appliance is a web appliance, so I don't see much scope for adding other features to it.

I've been using Cisco Web Security Appliance for one year.

Cisco Web Security Appliance is a stable solution.

As Cisco Web Security Appliance is an appliance, it doesn't scale. You need to size it based on your requirements, so if you're a small-scale customer, you'll size based on that. A large-scale customer gets a larger appliance and would need to size in advance, so you cannot scale that. Instead, you'll have to add boxes to add more load, so you can add to the cluster.

The initial setup for Cisco Web Security Appliance was pretty easy. It usually takes just a day or two to complete the deployment if you have all the information, but it's mostly the customers performing the initial setup because it's all done remotely.

I have no information on the licensing costs for Cisco Web Security Appliance.

I have customers that have thousands of users of Cisco Web Security Appliance, for example, five thousand users. I manage the migration for multiple customers.

My advice to anyone who wants to use Cisco Web Security Appliance is that it's a product that's easy to grasp if you know about proxy or any other firewall solution because it's pretty similar to other network security products in the market. If you have zero knowledge of network and security, it'll be difficult for you to understand Cisco Web Security Appliance.

My rating for Cisco Web Security Appliance is seven out of ten. It's a stable solution. It's not the best product, but it's a good product, and because it's on-premise and its visibility or availability on the cloud is minimal, many customers or companies prefer using it.

We primarily use the solution for security and controlled internet access. We just finished deploying one for one of our clients that actually bought both devices. That was just before COVID that we implemented it, so we just finished it now.

There are different types of groups with different types of access depending on the policies for those departments or users. We've got the administrator, the normal users, and then the management. We allow certain users to have access to all of the sites as they do research as well as marketing. We also use those features to actually define the policies so that they can have access to those sites for advertising as well.

Most of the features are great. They've got great filtering. That's what the client was looking at in terms of users when they go out to the internet, to make sure that when they access, they access the sites that actually have been filtered by Cisco to make sure that those sites are secure and they don't have malware that they can download from those sites.

The stability is good.

It's a scalable product.

Technical support has been helpful.

The pricing is reasonable.

We just deployed it. I would just like to have more filters. However, I need more time to give a report to see what limitations may exist. 

During the setup, we had issues with updating the rules.

I would like more automation. When it's on a failover, everyone will think that they'll filter nicely.

We've been using the solution for almost four years now.  

We've been running the latest solution for eight months now and it is totally stable. There are no bugs or glitches and it doesn't crash or freeze. It's reliable. 

It is scalable. The clients that we have sold a few of those boxes to, did find integrating with AV software a bit expensive. However, it is possible to expand it.

Technical support is great. They're always on par. They're fine. So far, from what we've seen, they've always managed to respond.

It's a bit on the expensive side, I must say, however, when you look at the trends of the market, if you look where other services are going, the pricing is very close.

While the first assumption from clients is "Oh, Cisco devices are expensive," when you compare it with other devices, it's almost a tie. In general, the pricing of Cisco devices is not that bad.

We are a Cisco partner and a reseller.

We're integrating with the Cisco ISE as well. We bought the licenses for malware as well and then integrated them with the AD. That's been the new authentication for the users when they go into the internet with a specified group. 

I’d recommend the solution. The support from Cisco is excellent. Through my years working with Cisco, I would always recommend Cisco, any product that they provide, thanks to my years of experience.

I have, for the past six or seven years, deployed different types of deployments and I would say Cisco support is excellent. I have met a lot of good, skilled people in terms of support along the way. Especially on ISE as that's one of the more difficult products.

It works very well for what the client actually wants to achieve. You have put the policies in place according to the client’s needs. ISE helps ensure the policies are in place and working. We have logs, we have evidence.

As long as you put ISE in, it's going to tell you all the issues that you're having with your AD. If it's not configured properly, even if you’ve been running it for 15 years, you'll know. We can show how things may not be configured properly and how to fix them.

I'd rate the solution eight out of ten.

We use this solution as our web security gateway and as an additional proxy.

The support for the solution could be improved as there are issues with SMARTnet support.

I have used this solution for three years. 

We have 500 users using this solution. 

The support for this solution could be improved. We have experienced issues with their SMARTnet support system. 

The initial setup is straightforward. 

This is an expensive solution.

We have compared other solutions for security such as Forcepoint, Barracuda Networks, Symantec as we are considering moving away from using this solution. 

I would rate this solution a seven out of ten. 

We use this solution to restrict prohibited websites and applications. It's a good solution.

Within our organization, there are roughly 400 people using this solution.

We plan to continue using this solution. 

This solution could be more secure.

Purpose-wise, I don't necessarily see the point of this solution. Users can gain access to restricted content easily with a simple VPN. It just seems like a waste of money to me.

In my opinion, this kind of technology should be available in a bundle. If internet security and web security were bundled together, that would be great.

I have been using Cisco Web Security Appliance for two years. 

Sometimes support takes a while to respond to us. Honestly, I have had better support from other vendors in the past. 

Deployment and maintenance require two to three technicians. 

We typically purchase either a one-year, three-year, or five-year license.

I would recommend this solution to others. Overall, on a scale from one to ten, I would give this solution a rating of six.