Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
680
Views
14
Helpful
5
Replies

URL based filtering

shashank.sau1
Level 1
Level 1

‎07-23-2015 09:57 AM

Can we do URL name based filtering in any Cisco device ? if yes, please help me with few options .

Thanks-

Shashank

Labels:
0 Helpful
5 Replies 5

Dinesh Moudgil
Cisco Employee
Cisco Employee

‎07-23-2015 05:59 PM

Here is a document that you can refer for URL filtering on ASA's:-

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100535-asa-8x-regex-config.html

Hope this helps.
Regards,
Dinesh Moudgil

 

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-23-2015 07:41 PM

While Dinesh is technically correct, I almost never see a customer using the ASA regex filtering. (And i have seen several hundred installations.) 

Web filtering using Cisco products is most often done with the Web Security Appliance (WSA). the other two common ways are with the FirePOWER URL filtering feature or the (now end of sales) CX NGFW,

Dinesh Moudgil
Cisco Employee
Cisco Employee
In response to Marvin Rhoads

‎07-23-2015 07:55 PM

Thanks for additional information , Marvin :)

Regards,
Dinesh Moudgil

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

shashank.sau1
Level 1
Level 1
In response to Marvin Rhoads

‎07-24-2015 07:39 AM

Hello Marvin

Thanks for your information .

Can you please explain me more about FirePOWER URL filtering feature ? Is it a ASA inbuilt feature or I will have to go for a dedicated device for this setup ?

Currently I have a Cisco ASA 5515X with iOS 9.2 firewall which is used to control access for inside network . Can the firepower device integrated with Cisco ASA 5515X with iOS 9.2 ? IF yes ..how to do so ?

 

Regards-

Shashank

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to shashank.sau1

‎07-24-2015 07:54 AM

URL filtering is one of the license types available for the ASA with FirePOWER services module. See this data sheet for an overview.

ASA 5500X series have an optional solid state drive (SSD) and a software module type that they can run. You can check what yours has with:

show inventory

show module

The FirePOWER module is the "sfr" type which was introduced as of AS version 9.2(2) in Fall 2014. The other two type are the classic IPS and CX NGFW modules ("ips" and "cxsc") - both now end of sales but sill in use in many networks.

If you have a 5515X without the SSD or FirePOWER module, you can upgrade to add it.

You also need to manage the module with an external FireSIGHT Management Center. That runs as a VM in your VMware ESXi environment. It is required for all but the new entry level platforms (5506, 5508 and 5516 appliances).

0 Helpful
Customers Also Viewed These Support Documents