[c-nsp] Cisco ScanSafe, aka Cisco Cloud Web Security

Scott Voll svoll.voip at gmail.com
Fri Dec 6 09:51:20 EST 2013 

Accept the terms of the captive portal, then all your connections go to
CCWS after that.  The anyconnect client is smart enough to not push the
traffic until it has a internet connection.  I guess unless you put it into
a closed state.  we have it open so that when they are out of the office
they can go through the portal, then be proxied.

Hope I understood that correctly.

Scott



On Thu, Dec 5, 2013 at 11:14 PM, Eugeniu Patrascu <eugen at imacandi.net>wrote:

> Hi,
>
> How do you handle captive portals in hotels and other venues where you
> first have to login into the portal and then have Internet access ?
>
> This is my biggest woe right now in this regards with any kind of proxy
> settings I can push to users.
>
> Thanks,
> Eugeniu
>
>
> On Thu, Dec 5, 2013 at 10:05 PM, Scott Voll <svoll.voip at gmail.com> wrote:
>
>> We currently use CCWS (previously ScanSafe) with the Anyconnect client.
>>  Nice solution.  Whether your in the office or remoting from a Starbucks,
>> the traffic is always proxied.  We went with the solution because of a
>> couple reasons:
>>
>> 1. with multiple egress points on the corporate network, we didn't want to
>> be down if we lost a proxy server.
>>
>> 2. corporate laptops whether in the office or at Starbucks would still be
>> proxied.  This helps limit our virus and malware infections.  and provides
>> HR reports.
>>
>> 3 split tunneling would be an option because the traffic doesn't have to
>> come back to your internal proxy.
>>
>> 4. our remote home office bandwidth is very limited, so using the cloud it
>> provided for better use of that bandwidth.
>>
>> all and all it's a good solution.  I'm not going to tell you that we have
>> not had any issues, but with any new solution, there will be a couple
>> bruises along the way.
>>
>> YMMV
>>
>> Scott
>>
>>
>>
>> On Wed, Dec 4, 2013 at 7:53 AM, Herro91 <herro91 at gmail.com> wrote:
>>
>> > Hi,
>> >
>> > I'm doing some research on the Cisco Cloud Web Security offering, also
>> > known as ScanSafe.
>> >
>> > Has anyone on the lists explored Cisco's ScanSafe SaaS offering, now
>> called
>> > Cisco Cloud Web Security - as a means of providing protection in the
>> cloud
>> > that would potentially negate the requirement to have a full tunnel
>> (i.e.
>> > allow split tunneling) for teleworkers?
>> >
>> >
>> > Thanks!
>> >
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
>

More information about the cisco-nsp mailing list