https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683671#M1026730 <P>Sergio,</P> <P>Are you able to redirect the user to a custom webpage if they try to visit a HTTPS site or do they just wait for a timeout message to appear?</P> Fri, 09 Dec 2016 19:41:04 GMT dips00009 2016-12-09T19:41:04Z https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683664#M1026723 <P>Hi all,</P><P>I have one question about Sourcefire URL Filtering,</P><P>As I know Sourcefire does not support SSL Encryption/decryption,</P><P>My Question is How does it blocks HTTPS&nbsp;&nbsp;Websites ? ,&nbsp;eg: &nbsp;<A href="https://facebook.com" target="_blank">https://facebook.com</A>.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 12 Mar 2019 12:43:37 GMT https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683664#M1026723 shubhamkulkarni39 2019-03-12T12:43:37Z https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683665#M1026724 <P><STRONG><SPAN style="color:#000000;">Hi&nbsp;</SPAN><SPAN class="fullname" itemprop="author" style="padding-right: 0px;"><A about="/users/shubhamkulkarni39" class="username" datatype="" href="https://supportforums.cisco.com/users/shubhamkulkarni39" property="foaf:name" title="View user profile." typeof="sioc:UserAccount" lang=""><SPAN style="color:#000000;">shubhamkulkarni39</SPAN></A></SPAN></STRONG></P><P><FONT color="#000000">We have the same question a year ago.&nbsp;</FONT></P><P><FONT color="#000000">We block HTTPS website using the follow trick:</FONT></P><P><U><STRONG><FONT color="#000000">Step 1:</FONT></STRONG></U></P><P><FONT color="#000000">Go to <STRONG>Object Management -&gt;&nbsp;URL -&gt;&nbsp;Individual Objects -&gt;&nbsp;Add URL</STRONG></FONT></P><P><FONT color="#000000">Set name to the URL object, and type the url, for example, to block</FONT></P><P><FONT color="#000000">Facebook, type "facebook.com" unquoted.</FONT></P><P><U><FONT color="#000000"><B>Step 2:</B></FONT></U></P><P><FONT color="#000000">Go to the rule in Access control policy and associate this object to the rule.</FONT></P><P><U><FONT color="#000000"><B>Step 3:</B></FONT></U></P><P><FONT color="#000000">Apply all changes, wait a litle time until the control policy status go from<B>&nbsp;</B></FONT></P><P><FONT color="#000000"><B>"Appying to device" </B>to<B> "Policy Up-to-date on device"</B></FONT></P><P><U><FONT color="#000000"><B>Step 4:</B></FONT></U></P><P><FONT color="#000000">Try your config.</FONT></P><P>&nbsp;</P><P><FONT color="#000000">I hope help you</FONT></P><P>&nbsp;</P><P>&nbsp;</P> Wed, 29 Jul 2015 21:23:27 GMT https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683665#M1026724 Sergio Garrido 2015-07-29T21:23:27Z https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683666#M1026725 <P>With the 5.4.x version of code you can perform SSL encryption/decryption and apply policy.</P> Fri, 14 Aug 2015 17:51:05 GMT https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683666#M1026725 rcmcdermott11 2015-08-14T17:51:05Z https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683667#M1026726 <P>Are you sure? I thought you couldn't do SSL decryption with SourceFire and that you required separate SSL hardware</P><P>&nbsp;</P><P>Do you have any documentation that shows its possible now?</P> Mon, 17 Aug 2015 20:15:01 GMT https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683667#M1026726 mythosmc1 2015-08-17T20:15:01Z https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683668#M1026727 <P>Certain. See the traffic decryption section of the 5.4.1 user guide: <A href="http://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401.html">http://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401.html</A></P> Tue, 18 Aug 2015 16:05:31 GMT https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683668#M1026727 rcmcdermott11 2015-08-18T16:05:31Z https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683669#M1026728 <P>To answer your question about how SourceFire filters URL traffic from HTTPS sites. &nbsp;SourceFire&nbsp;uses the Certificate name and SAN names that are sent from the remote end to your PC. &nbsp;Although the packet is sent as DTLS, the SAN names can be read in clear text. &nbsp;I have ran a packet capture to test. &nbsp;</P> Thu, 20 Aug 2015 14:51:21 GMT https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683669#M1026728 steveahughes 2015-08-20T14:51:21Z https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683670#M1026729 <P>Thanks Steve</P><P>&nbsp;</P><P>can you send me the packet capture, it would be useful for me to understand.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P><BR />&nbsp;</P> Fri, 21 Aug 2015 13:54:30 GMT https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683670#M1026729 shubhamkulkarni39 2015-08-21T13:54:30Z https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683671#M1026730 <P>Sergio,</P> <P>Are you able to redirect the user to a custom webpage if they try to visit a HTTPS site or do they just wait for a timeout message to appear?</P> Fri, 09 Dec 2016 19:41:04 GMT https://community.cisco.com/t5/network-security/sourcefire-url-filtering/m-p/2683671#M1026730 dips00009 2016-12-09T19:41:04Z