URL Filtering test Destinations - FTD/FMC

Fantas · ‎12-05-2019

Hi,

we have enabled URL filtering to block access all dodgy sites for internal employees but how to make sure if all this working. I can test with few sites but is there any Cisco recommended test destinations to make sure All Good.

I have tried to visit some adult sites and its blocking but when test with many more sites.

we also wana test IPS and File/Malware polcies if its functioning.

So needs to know Cisco test destinations to test URL, IPS and File/malware functions configured on FTD/FMC.

nspasov · ‎12-05-2019

For URL testing

I always use the following test URLs from Cisco Umbrella:

Phishing	http://www.internetbadguys.com
Malware	http://www.examplemalwaredomain.com
Malware	http://malware.opendns.com/
C&C - Botnet	http://www.examplebotnetdomain.com

In addition, you can always refer to TALOS Intelligence to check the reputation and category of particular URL:

https://talosintelligence.com/

For Malware Testing

I always use the EICAR test malware file that can be found in the link below. There are options to download the file via HTTP and HTTPS which would allow you to test your TLS/SSL policies and your endpoint client.
There are other ways to test this but you have to be careful not to end up with real malware files in your environment
https://www.eicar.org/?page_id=3950

For IPS Testing

I am a huge fan of Qualys as they offer a community edition which is 100% free and a paid version for those that like the product and want to expand its use:
https://www.qualys.com/community-edition/

I hope this helps!

Thank you for rating helpful posts!