We use filter rules on an ASA5510 firewall to direct clients to a web filtering server which generally works very well.
However lately we're finding that despite having more web filtering licenses than users, the web filtering licenses are being consumed up, mainly because of a recent increase in the rollout of ipads, iphones, androids etc.
We could deploy a proxy server in the wireless DMZ to make all the wireless devices appear to web filter as a single IP, and apply a single policy,
but that brings it's own problems.
My question is: Is there a way to hide them all behind the interface IP instead, so that all wireless devices appear to the web filter on the LAN as the wireless dmz interface IP rather than the wireless device IP?
I know this means we can only apply one web filter policy but this is an acceptable solution.
I would say, "It depends". Some proxies use a license by username rather than IP address. If yours does use license by IP, you could NAT before hitting the firewall. I think you would have to NAT it before hitting your ASA and not on the DMZ interface.
Hello All, We are using appliance SNS-3495 with 184.108.40.2060 version patch 15. As per the notification pop, Flash player support to end on December 2020 and we are unable to login to CIMC Console for a re-imaging activity. My query1. Can...
Which Cisco Secure products include access to SecureX?
Eventually, all will. At the current time, a license to any of the Cisco products listed here grants immediate rights to use the SecureX platform:https://www.cisco.com/c/en/us/product...
More people are working remotely, and this increases the risk of security breaches and the difficulty in defending remote workers where they work and securing the devices they use.
Learn about Cisco Remote Secure Worker solutions that verify workers, secu...
ISE Node Terminology
Policy Administration Node
Monitoring & Troubleshooting Node
Policy Services Node
Platform Exchange Grid Node
The single plane of glass for ISE administration and configuration operatio...
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distr...