Advanced Web Security Deployment with WSA and ASA-CX
This session is an about advanced deployment of the WSA and how it compares to ASA-CX for Web Security. It is strongly recommended to follow BRKSEC-2024 "Deploying Context Aware Security (CX) on the ASA" as a pre-requesite to this session. We will first take a deep look at some of the deployment methods, especially at transparent deployment using WCCP for WSA. We will discuss best practices and how to troubleshoot WCCP. Second part will be about the new usage of TUI (Transparent User Identification) which will leverage the Context Directory Agent (CDA). In the third section we will cover some methods to troubleshoot performance issues and how to find out the root cause of such issues. And we will take an interesting approach how to display and visualise those performance data using SPLUNK as a third party reporting solution. At the End of the Session we will compare the WSA to the new ASA-CX and discuss which are the differences and when to use which Web Security Solution. This Session is targeted at Network Administrators and Security Administrators dealing with the WSA and ASA-CX Firewalls who want to learn more about the underlying technology and deployment methods.