cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

8129
Views
7
Helpful
5
Replies
miras
Contributor

OpenDNS vs URL filtering

If you had OpenDNS setup in your environment, would you still have URL filtering on your Sourcefire network device or not?

1 ACCEPTED SOLUTION

Accepted Solutions

Depending on the company size you may want to combine multiple solutions. If we are talking about a SMB customer ASA w/ Firepower Services using Security Intelligence (IP Reputation) and Web Filtering (Domain/URL Reputation) might be just enough.

In a larger deployment where the customer wants to break SSL and have a wider range of options considering web filtering, WSA would be the logical choice for web traffic. If this would not scale or the customer is not interested in a on-premise solution you may want to use CWS to complement the on-site Firepower solution which is used for NGFW features like AVC, IPS and AMP.

Which one would do a better job?

Firepower / OpenDNS / WSA are used for different purposes. Depending on the customer requirements you may have to combine these solutions.


View solution in original post

5 REPLIES 5
miras
Contributor

Anybody!!!???

eduardxhako,

I am moving your post to the NGFW/Firewalls space in the Security community for better visibility and feedback.

Since you are a Cisco Partner, you may want to also post to the Cisco Partner Security Community for additional information.

Security

Kelli Glass

Moderator for Cisco Customer Communities

Oliver Kaiser
Rising star

As always in IT it really depends. What are you trying to achieve by using URL filtering? Do you only want to block malicious traffic or have granular control on which content users can access?

OpenDNS is great to filter out malicious domains before they are even accessed but keep in mind that OpenDNS and FirePOWER do not use the same feeds in regards to domain reputation, since Firepower uses Talos Feeds for Security Intelligence (IP/DNS Reputation) and Brightcloud feeds for URL filtering.

TCO will be higher if you use both solutions, but you will end up with a better security solution.

Let me know if this answers your question.

Thank you for your input Oliver.

I just wanted to know how different these services are from one another, or how similar.

Now, what if i wanted to use both of them for Granular Control and Block Malicious traffic? Which one would do a better job?

The other thing is, what about WSA (or CWS) for web filtering if we add that to the mix?

I know that more is better in this case, but our customer's company sizes differ. We have small ones, medium, and big ones.

What would be a good solution for each one of them? Small companies can't afford to have all of them.

Depending on the company size you may want to combine multiple solutions. If we are talking about a SMB customer ASA w/ Firepower Services using Security Intelligence (IP Reputation) and Web Filtering (Domain/URL Reputation) might be just enough.

In a larger deployment where the customer wants to break SSL and have a wider range of options considering web filtering, WSA would be the logical choice for web traffic. If this would not scale or the customer is not interested in a on-premise solution you may want to use CWS to complement the on-site Firepower solution which is used for NGFW features like AVC, IPS and AMP.

Which one would do a better job?

Firepower / OpenDNS / WSA are used for different purposes. Depending on the customer requirements you may have to combine these solutions.


Create
Recognize Your Peers
Content for Community-Ad