Web Security Essentials

Hi,
We purchased a Cisco ASA5512- 250 VPN Bundle and want to evaluate Web Security Essentials, so we have purchased the SSD120 disk and installed it into the hot plug slot. I am now struggling to find out what to do next. Is there a software package I need to install into the ASDM? There isn't a great deal of information on this topic on the forums. Could someone point me to the best way to get this running? The firewall is not in production as yet but we need to get this installed ASAP.
Thanks In Advance

Hi Paul,
1. HTTPS decryption is currently not supported. It's on the roadmap and should be supported in one of the next SW releases.
2. CDA is mapping the AD user to the machine IP, as you already wrote. So if users are sharing the same IP (in a terminal server environment, for example), this is not a supported configuration. I'll try to find out if there is something in the roadmap.

Similar Messages

  • Cisco ASA5545-X CX Application Visibility and Control and Web Security Essentials

    Installed Cisco Prime Security Manager 9.3 and recently purchased lic for web security essentials but cannot find good documentation for how to configure (Blocking categories, white listing sites, etc).
     

    You can start with the User-Guide:
    http://www.cisco.com/c/en/us/td/docs/security/asacx/9-3/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_3/prsm-ug-cx-access.html

  • ASA5512-K9 CX AVC and Web Security Essentials

    I have purchased the ASA5512-K9 with the CX AVC and Web Security Essentials L-ASA5512-AW1Y as recommended by a Cisco pre-sales representative and my reseller for my environment.  I had previously believed from the documentation on the Cisco site that all X generation models had the CX software included on them in the state that they are sold.  Now in trying to configure the ASA5512, and with further reading of the setup documentation, I have discovered that I do not have the capability to access the CX functionality with this model 'as is', and this combination does not appear to be appropriate.  It appears that the CX software module is not actually included on the ASA5512-K9 model, but rather only on the ASA5512-SSD120-K9 model.  Could someone please verify for me that I have understood this correctly?
    If it is, then please advise if I should exchange the ASA5512-K9 for an ASA5512-SSD120-K9 to get the combination of this subscription license and ASA model working.  Am I correct in that the ASA5512-K9 model does not have a solid state drive on it already and so I can not download and install the CX software on it?   As an alternative, is it possible to purchase a Cisco solid state drive separately, plug it into the ASA5512-K9, download the CX software, and then install it on this new drive in the ASA5512-K9? 
    I would greatly appreciate guidance from anyone who has experience with the ASA5512 line and CX.  I was unable to find help from Cisco pre-sales and technical support for this question via phone or online chat, and my reseller has been unable to answer this question for me so far.

    Hi!
    According to many documents, i.e. page 3 of http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5709/ps6120/white_paper_c11-727394.pdf
    An SSD is required to run AVC and WSE on ASA 5500-X Series Next-Generation Firewalls. SSD bundles have the ASA CX software image pre-loaded, and customers receive a free 60-day trial of the WSE and AVC subscriptions.
    An SSD bundle is ASA5512-SSD120-K8 (or  ASA5512-SSD120-K9). So If you happened to buy ASA5512-K9 - Then you definitely need this SSD option -  ASA5500X-SSD120=.
    Cheers.

  • Access Connections Problems With Windows 7 and Microsoft Security Essentials

    There appears to be a conflict with Access Connections and Microsoft Security Essentials which causes Microsoft Security Essentials to generate high page faults and high CPU usage, and prevents normal operation of Access Connections.
    After fresh install and reboot Access Connections would not launch, and when cursor was moved to the taskbar, the cursor pointer changed to a spinning loop.  Clicking on the Access Connections gadget did nothing. Looking at Task Manager, Microsoft Security Essentials program msmpeng.exe was experiencing 5000+ page faults per interval.  Terminating msmpeng.exe immediately caused Access Connections to launch.
    System configuration: Lenovo Thinkpad x200s with Windows 7 Ultimate 64 RTM (installed with a fresh install) with all current updates, and all updates from Lenovo including Access Connections V 5,42 Build 6JC725WW.

    Here is a workaround to fix the issue
    1) Launch MS Security Essentials
    2) Click on the "settings" tab
    3) Click on "Excluded files & Locations"
    4) Click "Add"
    5) browse and add the following exceptions
     a) C:\Users\Public\Lenovo\Access connections
     b) C:\Users\Public\Lenovo\Access connections\AccConnAdvanced.html
    6) Click "Save Changes"
    The issue is also resolved in AC 5.5 which is posted to the web
    http://www-307.ibm.com/pc/support/site.wss/document.do?lndocid=MIGR-73682
    Can someone please test both solutions and let me know if the issue is resolved.
    Thanks

  • Downloads for different products e.g., Crawler Web Security won't take

    I attempted to download different toolbars and products such as from Crawler's Spyware and Web Security without any luck. It goes through the usual set-up windows and a window opens up to say that the downloads have been successfully completed. I cannot find them!

    Does the ext directory have the php_oci8.dll? In the original steps the PHP dir is renamed. In the given php.ini the extension_dir looks like it has been updated correctly. Since PHP distributes php_oci8.dll by default I reckon there would be a very good chance that the problem was somewhere else. Since this is an old thread I don't think we'll get much value from speculation.
    -- cj

  • ITunes still doesn't recognize iPod Touch with Microsoft Security Essentials Installed

    Just updated iTunes to v. 10.3.1.55 and still have the same problem with iTunes freezing when connecting my iTouch.  It will eventually respond but never recognizes my ipod.  Un-install Microsoft Security Essentials and it works fine.  I have 2 other computers with the same setup (software wise) and neither of those have this issue.
    Here's a thread with more details I've posted trying to find an answer to this...
    http://www.sevenforums.com/system-security/161085-security-essentials-itunes.html#post1439068
    Any help would be appreciated...
    Thanks,
    Mike

    Thanks for the suggestions, however I have already tried that and it had no effect.  I've put in exclusions, and even went so far as to disable the MSE service and still have the issue.  The only thing that corrects it is uninstalling MSE completely.
    This USED to work fine until I updated to iTunes 10.2.2 a couple of months ago...that release seems to be when it broke.
    I've even went so far as to completely reload my PC and it will work perfectly until MSE is installed....then no luck.

  • I kept a dual boot of windows 7 and mac os x lion in macbook pro. so, should i keep antivirus for windows 7? which is prescribable between bit defender(bd) and microsoft security essentials(mse)?does bd and mse un-installs easily?

    i kept a dual boot of windows 7 and mac os x lion in macbook pro. so, should i keep antivirus for windows 7? which is prescribable between bit defender(bd) and microsoft security essentials(mse)?does bd and mse un-installs easily?

    lower your font size unless you have difficulty
    MS Security Essentials is excellent
    Then again maybe time to investigate Windows 8 RP (which uses Defender)

  • Warning System spameater Unable to connect to Cisco Web Security Service.; URL Filter...

    My C670 ESA's have been throwing these alerts intermittently for the past few days, anyone else seeing them?
    The Warning message is:
    Unable to connect to Cisco Web Security Service.
    URL Filtering will not work correctly.
    Please verify all network, proxy and firewall settings.
    Connection to "v2.sds.cisco.com" failed.
    The last error seen on this connection: "Request failed with code: 28 (Connection time-out)"
    Version: 8.5.6-092
    Looks like it is open on port 443 and currently up.  Hitting it with a browser gives me:
    https://v2.sds.cisco.com/
    After an error or two they go away and appear OK.   
    Checking the logs I don't see a way to verify URL lookups are working, is there a way?
    Also, I setup URL filtering six months ago and had it set to only trigger on (-10)-(-9.5) and saw about an 80% false positive.  It has improved over the past six months drastically but still catching mostly advertising URLs and allowing all phishing URLs right through.  I've yet to see it block a phishing URL.
    Jason

    After lots of trial and error, I was able to eliminate this problem.  What I wound up doing is defining the XE service again in the listener.ora file:
    SID_LIST_LISTENER =
      (SID_LIST =
        (SID_DESC =
          (SID_NAME = XE)
          (ORACLE_HOME = C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server)
        )
      )
    I know that typically you should not have to do this, especially since I already had defined DEFAULT_SERVICE_LISTENER = (XE) at the bottom of the listener.ora file.  Explicitly defining the XE service in the listener.ora file allows the listener to find it while the system is running under the Cisco AnyConnect VPN.  The only hiccup I found by doing this is that the XE service is discovered twice by the listener when the system is NOT running under the Cisco AnyConnect VPN.  It still works OK.  The listener just seems to ignore the repeated definition of the XE service (see output below):
    C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server\bin>lsnrctl service
    LSNRCTL for 32-bit Windows: Version 11.2.0.2.0 - Production on 13-JUN-2013 10:03:15
    .......(omitted output).......
    Service "XE" has 2 instance(s).
      Instance "XE", status UNKNOWN, has 1 handler(s) for this service...
        Handler(s):
          "DEDICATED" established:0 refused:0
             LOCAL SERVER
      Instance "xe", status READY, has 1 handler(s) for this service...
        Handler(s):
          "DEDICATED" established:0 refused:0 state:ready
             LOCAL SERVER
    Service "XEXDB" has 1 instance(s).
      Instance "xe", status READY, has 1 handler(s) for this service...
        Handler(s):
          "D000" established:0 refused:0 current:0 max:1022 state:ready
             DISPATCHER <machine: DEV-M-137GF, pid: 5544>
    (ADDRESS=(PROTOCOL=tcp)(HOST=DEV-M-137GF.paychex.com)(PORT=58257))
    The command completed successfully
    If anyone has a cleaner solution for this problem, please let me know.  Otherwise, I am moving forward with what I did.
    Thanks.....Paul

  • SAP.Web.Security.TicketException: MYSAP_INVALID

    We recently updated our portal to the following:
    J2EE Engine 6.40 PatchLevel 108290.313
    Portal 6.0.20.0.0
    Previously sap.web.security dll worked fine but now I get this exception
    SAP.Web.Security.TicketException: MYSAP_INVALID
    I have tried all the suggestions in this forum and nothing works.  Does anyone have the original source code for this dll or a working solution?
    The following code does get the ticket if I remove the handler from the web.config:
                Dim cookieString As String = HttpUtility.UrlDecode((Request.Cookies("MYSAPSSO2").Value).Replace("!", "%2B"))
                Dim ticket As SAP.Web.Security.MySapSso2Ticket = New SAP.Web.Security.MySapSso2Ticket("verify.pse", cookieString)
                Dim objUsr As SAP.Web.Security.MySAPSso2Identity = New SAP.Web.Security.MySAPSso2Identity(ticket, cookieString)
    So why does the handler fail?  It's driving me crazy.

    Ok so I added the code to the wiki in the attachment area. Hopefully Wiki mods don't delete it.  This works perfectly for our purposes and config.
    https://www.sdn.sap.com/irj/sdn/wiki?path=/display/snippets/home&
    SSOTest.rar.jpg
    PortalSecurity.rar.jpg
    Right Click and save the files then remove the .jpg extension.  Open with WinRAR or Winzip.
    You will have to generate your own public key so take a look at the assemblyinfo.vb file.
    Steps to create your own public key
    C:DevelopmentPortalSecurityKeyFile>sn -k keyfile.snk
    Microsoft (R) .NET Framework Strong Name Utility  Version 1.1.4322.573
    Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
    Key pair written to keyfile.snk
    C:DevelopmentPortalSecurityKeyFile>sn -p keyfile.snk publickey.snk
    Microsoft (R) .NET Framework Strong Name Utility  Version 1.1.4322.573
    Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
    Public key written to publickey.snk
    C:DevelopmentPortalSecurityKeyFile>sn -t publickey.snk
    Microsoft (R) .NET Framework Strong Name Utility  Version 1.1.4322.573
    Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
    Public key token is [should display your Public Key Token]
    Other config...May not be necessary as you can change the code to do whatever you want.
    - Note 442401 - Web server filter for SSO to third-party systems
      (https://service.sap.com/sap/support/notes/442401)
    Extract the zip file attached to this SAP Note.  Follow the instructions in the SAP Note and the instructions in the "filterdocs" directory of the unzipped files. 
    For our environment, I copied the iss6_sso.dll (for IIS 6) and the verify.properties files into the "inetpubscripts" directory.  (There is a "verify.properties" file attached to the source for your reference).  Note the reference to a verify.pse file in the 'verify.properties' file.  It should point to wherever the verify.pse file is, which in our case is "c:secverify.pse".   I also copied the WPSSO_V3.DLL file from the "C in
    ti386" directory to the system32 directory. 
    - Note 304450 - Single-Sign-On with SAP logon tickets in non-SAP systems
      (https://service.sap.com/sap/support/notes/304450)
    This SAP Note points the developer to SAPSSOEXT in SAP's software download area.  Use SAPCAR to unzip the downloaded file and follow the instructions in this SAP Note and the instructions in the DOCS directory (a PDF and a README.TXT file). 
    PDF Note:  The comments portion of the MySapEvalLogonTicketEx function declaration (Section 3.2 of the PDF) indicates that an environment variable named SSF_LIB must be created/exist.  It should point to the location of the SSF-compliant security library (ie: SAPSECU.DLL in the system32 directory).

  • Windows 7 crashes when scanning with security essentials in bootcamp

    Hi
    Hope someone can help.
    I believe all my software is up to date.
    When I run a complete scan using W7 security essentials in boot camp I get a Blue Screen.
    Any suggestions?
    Thanks
    Barry

    OK
    I ran a scan disk on the partition and it ran cleanly to completion.
    I then scanned only the bootcamp partition with security essentials. It ran cleanly.
    I then selected my LaCie USB3 disk, which is formatted in OSX mode, not NTFS. The scan failed with the BSOD stating that there was a Bad_Pool_Call.
    So I'm happy to scan only the Bootcamp partition.
    I'll raise this in the Windows support group, but I suspect they will say it's a deficiency in the bootcamp interface modules. I can't help but agree. 
    Thanks to all for your constructive comments.
    Barry

  • Ask the Expert:Cisco Web Security

    With Ryan Wager
    Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn about design, configuration and troubleshooting of the Cisco Web Security Solutions including Cisco Ironport WSA and Cisco ScanSafe with Cisco experts Kiran Sirupa and Ryan Wager. Kiran Sirupa is a technical marketing engineer in the product marketing team for the Cisco IronPort Web Security Appliance product line. He also works on documentation, partner, and system engineering training. Kiran has been working in the Cisco Security Technologies group for more than six years. Ryan Wager is a technical marketing engineer at Cisco in the product management team for the ScanSafe Web Security platform. He is heavily involved with the product's integration with the Cisco Integrated Services Router Generation 2 platform, along with documentation, training, and testing of all new products and features. Before joining the product management team, Wagner spent two years as an implementation engineer helping ScanSafe's largest customers implement the platform into their networks.
    Remember to use the rating system to let Kiran and Ryan know if you have received an adequate response.  
    They might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Security sub-community discussion forum shortly after the event. This event lasts through October 7, 2011. Visit this forum often to view responses to your questions and the questions of other community members.

    Yes, the IronPort WSA will support all the security functions including Anti-Virus, Anti-Malware, Anti-Spyware, Web Reputation when working in conjunction with an existing proxy.
    There are two conditions:
    1. WSA acts as an upstream proxy - In this case, the authentication will be handled by your existing proxy, but the WSA is the first layer of defense. The WSA will perform a lookup in its web reputation database based on the destination. Also, The WSA can scan the http response with Anti-Virus, Anti-SpyWare and Anti-Malware software. However, since the WSA doesn't have user authentication information, you can only apply global controls for Acceptable Use.
    2. WSA has to go through an existing upstream proxy - In this case, the WSA has all the security functionality. In addition, it also handles the authentication. Hence, you can apply role based controls.
    You may refer to the following links for more information:
    WSA Product Literature: http://www.cisco.com/en/US/products/ps10164/prod_literature.html
    Cisco Security Reports: http://www.cisco.com/en/US/prod/vpndevc/annual_security_report.html
    Cisco Security Intelligence Operations: http://tools.cisco.com/security/center/home.x

  • Cisco ISE or NAC Guest with web security (IronPort) integration

    All,
    We have a scenario where guests will be authenticated against the ISE or NAC Guest server, and the customer will place an IronPort to provide web security. However, we cannot find references on whether IronPort can or cannot integrate with the Guest Server, so that guests are not requested to be authenticated twice, once by the Guest Server and once by the proxy. The idea is to keep it transparent for the guests with a single authentication.
    Has anyone there implemented such scenario?
    Thank you!

    I see. So, let's say we disable proxy authentication for the guest segment, can I still provide content filter for the segment, even though there is no proxy authentication? I assume the customer will lose the reporting and tracking granularity, but the scenario will work without proxy authentication. This may be some sort of "man in the middle" only, but with content filter. Does it make sense?
    Thank you!

  • Ask the Expert: Service Delivery Manager for Cloud Web Security with Alex Chan

    Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about the recommended practices for Cisco Cloud Web Security (CWS).  Cisco Cloud Web Security (CWS) provides industry-leading security and control for the distributed enterprise, with Cisco expert Alex Chan.
    October 27, 2014 through November 7, 2014.
    Learn how users are protected everywhere and anytime, when using CWS through Cisco worldwide threat intelligence, advanced threat defense capabilities, and roaming user protection. Create a virtual space to learn and ask questions about best practice when implementing Cloud Web Security offerings for various customer requirements and environments. Alex will also answer questions about Easy ID, CWS as SAML Service Provider, and Deployment Options (such as ASA, ISR, WSA, Workgroup based Connector and AnyConnect Web Security agent).
    Remember to use the rating system to let Alex know if you have received an adequate response.
    Because of the volume expected during this event, Ali might not be able to answer each question. Remember that you can continue the conversation on the Security community, sub-community shortly after the event. This event lasts through November 7, 2014. Visit this forum often to view responses to your questions and the questions of other community members.

    Cisco CWS platform is one of the Cisco products that maintain collaboration with Cisco PSIRT, and there are few security vulnerabilities related to CWS that were being monitored by PSIRT, which you can find out more about in: http://tools.cisco.com/security/center/home.x#~blog.
    Another Cisco entity known as "SenderBase" that is powered by Cisco Security Intelligence Operations (SIO) provides a view into virus threat intelligence collected from CWS cloud traffic. For more information about "SenderBase", please visit this web site: http://www.senderbase.org

  • Adding SAN through web-security and Creating CSR for Tomcat (CUCM 10.5) to be signed by Third Party CA

    Hi Guys,
    Wondering if anyone has done this or could suggest the needful,
    We are running CUCM 10.5 cluster and currently using self-signed certificate for Tomcat. Now, we would like to get it signed by Third party CA.
    Just to be clear that we are doing this for Jabber clients so they should not get prompted for certificate Invalid.
    Now the issue; The CUCM is using IP address as hostname and for that reason we had to add the desired IP address under SAN (alternate name) through set web-security command. We did that successfully and restarted the Tomcat service and when we run the Show web-security command, it does show the added SAN;
     altNames: 2 names
              1) UCS-CUCM-UB.domain (dNSName)
              2) 10.x.x.x (dNSName)
    But when we try to generate the new CSR, it didn't contain the modified SAN, just the first one i.e only 1) UCS-CUCM-UB.domain (dNSName)
    Is there anything we missed here to get the added SAN being populated in the new CSR ?
    Regards
    M

    Hi Gordon,
    Thank you for your prompt response. For recommendation, you are right but we don't want to initiate that change for now unless, there is no other option left.
    While Generating new CSR, under SAN, there is only Parent Domain field which is populated with our domain name. How should I add the IP address there ?
    Regards

  • Cannot download adobe flash even after i disable microsoft security essentials. what do you suggest???

    i just got an hp p7 q7 quad desktop. i'm having great difficulty downloading adobe flash player apparently because i'm using firefox as my browser. i disabled microsoft security essentials as instructed, but i'm still unable to download.
    any suggestions???

    I suggest that you download and run the Acrobat Cleaner Tool http://labs.adobe.com/downloads/acrobatcleaner.html
    Next download and run the offline installer from http://get.adobe.com/reader/enterprise/ - all available Reader versions 9.5, 10.1, and 11.0 should run fine on Windows XP.
    [topic moved to Adobe Reader forum]
