In which two customer environments is the Cisco WSAv connector traffic direction method selected? (Choose two.)
In which two customer environments is the Cisco WSAv connector traffic direction method selected? (Choose two.)
In the environments where a customer owns an ASA appliance, the traffic direction method for the Cisco WSAv connector is specifically selected when either a virtual form factor is required or SSL tunneling is required. These situations necessitate particular configurations that align with the traffic direction capabilities of the WSAv connector.
Correct https://www.denaliai.com/media/1182/cisco-cloud-web-security_data-sheet.pdf
diagram in page 2 https://www.denaliai.com/media/1182/cisco-cloud-web-security_data-sheet.pdf
AD the question specifically mentions the Cisco WSA connector and its traffic direction method. The options A and D are related to the WSA connector and its traffic direction method as they mention the use of ASA appliance and the need to support roaming users respectively. While option E is not related to the WSA connector as it is talking about a different method of transparent redirection using WCCP, which is not related to the WSA connector. So the best answer would be A and D, as they are the two environments where the Cisco WSA connector traffic direction method is selected and it is in line with the question.
Cisco WSAv connector traffic direction refers to the method used to redirect web traffic from clients to the Cisco Web Security Appliance (WSA) for inspection and policy enforcement. The WSA is a security device that provides web security features such as malware protection, web filtering, and data loss prevention for web traffic. By redirecting web traffic through the WSA, organizations can ensure that all web traffic is scanned for security threats and that policies are enforced. The WSAv connector is used to enable this traffic redirection, and it can be installed on various Cisco security devices such as ASA or ISR routers, to ensure that all web traffic is directed to the WSA for inspection
I will go B & E. As WSA can handle explicit or transparent (via WCCP) and do a "proxy chain" to Umbrella. As the Question is about virtual WSA, then B & E fit the requirement
B E IS OK
Agree with A. But E no make sense regarding WCCP is Cisco proprietary and it explicitly write "Customer does not own Cisco hardware". So I am going for A & B
Voting B & E here.... According to Cisco: "The first step to planning the Cisco WSA deployment is to determine how to redirect web traffic to the appliance. There are two possible methods to accomplish the redirection of traffic to Cisco WSA: transparent proxy mode and explicit proxy mode. In a transparent proxy deployment, a WCCP v2-capable network device redirects all TCP traffic with a destination of port 80 or 443 to Cisco WSA, without any configuration on the client. In an explicit proxy deployment, a client application, such as a web browser, is configured to use an HTTP proxy, such as Cisco WSA." https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Aug2013/CVD-WebSecurityUsingCiscoWSADesignGuide-AUG13.pdf
AE B. Customer does not own Cisco hardware and needs Explicit Proxy. - could be anything you can install McAfee (trellix), BlueCoat, Squid whatever ... but but if WSAv is a requirement "A" makes sense
B and E cover two common scenarios of WSA deployment, and both got the right justification for the virtual instance installation.