Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
637
Views
3
Helpful
5
Replies

Security Intelligence license and URL license comparison

Ditter
Level 4
Level 4

‎01-07-2024 03:17 AM

 

Hi to all,

I am trying to understand the difference between the threat defense license and the URL licence.

As SI is actually threat defense i suppose that you also get "bad" URLs as part of Security Intelligence and threat defense.

What extra do you get when you also purchase the URL filtering?   The ability to filter based on categories of URLs?

Probably simple question, just wanted to clarify this.

Thanks 

 

Ditter

0 Helpful
5 Replies 5

tvotna
Spotlight
Spotlight

‎01-07-2024 11:28 AM

Yes, URL filtering allows filtering by URL category and reputation (5 levels) while SI filters traffic to malicious sites (1 level if you will) and the quality/completeness of Cisco-DNS-and-URL-Intelligence-Feed is highly questionable.

 

 

 

 

MHM Cisco World
VIP
VIP

‎01-07-2024 11:56 AM

I will share some note tomorrow 

MHM

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-07-2024 07:22 PM

As @tvotna mentioned, URL filtering license allows to to select based on categories (around 90 of them if I recall correctly). You can also combine the URL filtering rule with other conditions such as identity to include usernames and AD groups if you want a more granular and context-based URL filtering policy. SI URL filtering is a common setting for a given ACP and will be applied to all identities, zones, networks etc.

Ditter
Level 4
Level 4

‎01-09-2024 02:17 AM

Thanks for the clarification, the DNS Policy is part of SI or URL license subscription?

That is if i purchase the ThreatDefence license i also get the DNS Policy categories (such as those in the pic i attached) or have i to purchase the URL filtering license also.  I suppose it is part of SI and that is the reason i see it as part of SI configuration.  Correct?

As far as granularity is concerned i suppose that SI is also granural because you can also activate which categories you desire to filter upon.  Off course as you mentioned if you have purchased the URL filtering you can do it per vlan, per indentity etc which you can not do if you purchase SI license because it is applied before the ACP itself and not per ACP rule.

Correct? 

Please refer to the attachments.

Thanks again,

Ditter

Preview file
75 KB
Preview file
65 KB
Preview file
69 KB
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Ditter

‎01-09-2024 04:36 AM

@Ditter your summary and understanding is correct.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card