cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1993
Views
0
Helpful
6
Replies

FirePOWER URL Filtering Capability

Ji-Won Park
Level 1
Level 1

Hi all,

 

Can I actually do time based (quota) web access to users? For example, I want group A to access Marketing sites for 1 hour a day. Is this something possible in FirePOWER?

 

Thanks

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

You can't do that with the current (5.4) FirePOWER modules and FireSIGHT Management Center.

I've heard rumor it may be possible in 6.0 (later this year) but we will have to wait and see if that feature makes the cut.

View solution in original post

6 Replies 6

Marvin Rhoads
Hall of Fame
Hall of Fame

You can't do that with the current (5.4) FirePOWER modules and FireSIGHT Management Center.

I've heard rumor it may be possible in 6.0 (later this year) but we will have to wait and see if that feature makes the cut.

Hello,

may I know if it's possible to exempt a URL from IPS inspection? If yes can it be done without url filtering license?

regards,

Akhtar 

Hi Akhtar,

I believe it is possible. You have to build a ACL for sourcefire redirection anyways to redirect the traffic, and you can deny particular fqdn using the ACL.

You will be matching that ACL in your class-map and apply the necessary policy.

Hope it helps.

The basic requirement for URL filtering to work is to have a URL filtering license. If you have a url filtering license you can block or allow the URLS based on the cateogarization under which those URL 's falls.You can create access control policies based on those cateogarizations and you can mention the required actions . Its always better to upgrade the devices in a timely fashion according to the updated releases. Time based access control policy management is not yet started to support in firepower devices.

Hello, I had the same question, since version 6.0.1 is out, is it possible to do time based (quota) web access to users?

Thanks,

Hi Hector

The URL filtering in Firepower does not support time-based quota, even in 6.0.1.

That feature exists on the Web Security Appliance (WSA).

Paul

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: