Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
726
Views
0
Helpful
3
Replies

Cisco ASA + AIP SSM url https filtering

superlubis
Level 1
Level 1

‎11-29-2012 03:50 PM - edited ‎03-11-2019 05:30 PM

Can cisco block/filter https url such a https://www.cisco.com with inspect map or AP-SSM?

From Whaat i know is asa need third party like websense, to block. https url.

Thx

Labels:
0 Helpful
3 Replies 3

Julio Carvajal
VIP Alumni
VIP Alumni

‎11-29-2012 05:12 PM

Hello,

It can be done locally using the MPF ( with the use of regex and a layer 7 http inspection policy)

The AIP-SSM provides security to your network by using different mechanism like signature checks, global correlation,  anomaly detection,etc.

Now what you might want to use is the CSC-SSM module that provides you web filtering ( trend-micro)

Finally an external websense or any other kind of http url filtering device will do it.

Regards,

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

superlubis
Level 1
Level 1
In response to Julio Carvajal

‎11-29-2012 05:24 PM

if user browse https sites thats mean he/she use port https right, i dont see https inspection in cisco asa. I only see http, ftp, dns, etc. so we cant use MPF because its only support http. correct me if im wrong

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to superlubis

‎11-29-2012 07:33 PM

Hello Ibrahim, You will need to use the CSC-SSM module on the ASA or an external server for filter HTTPS..

Exactly

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card