06-24-2008 05:03 AM - edited 02-21-2020 02:53 AM
Hi,
I'm not a networking person at all and don't know where to look. We have an ASA 5510 and I want to see who is streaming video and surfing unmentionable sites. Once I find out who and where they are going, I eventually want to block those sites. We are a small 60 employee company and that T1 is DOG slow at times. Can the ASA 5510 help me with want I want to do? If not, are there any cheap solutions?
Thanks,
Quin
06-24-2008 02:10 PM
You can capture realtime ASDM logs into a syslog server but you will have to go through links where users visit, obiously this could be a long tedious task , you may consider looking into a more inteligent devices to do it for you such as the CSC-SSM add-on module.
http://www.cisco.com/en/US/products/ps6823/index.html
Rgds
-Jorge
06-25-2008 12:06 AM
Yes, you will have to go through the logs and find the IP address/ domain names/url's/ ports where the users are connecting to..
Then you can -
- block the IP's/ports using access-lists
- block the domains/urls with specific expression like "xyz.com" or ".mp3" using regular expressions
06-25-2008 05:41 AM
Isn't there a way to see the NAMES of the domains? I don't want to have to sort through IP addresses to see which ones are legit. If not, is there a software package out there that reads this information and converts the IP addresses into Domain Names?
Thanks,
Quin
10-02-2008 08:40 AM
You might want to consider adding a specific web access tracking product like Websense. It can filter and block sites by category and log access. It is compatible with ASA.
This will save you a lot of log file diving. There are enough inappropriate sites out there that when you block them manually you might never finish.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide