The Subscription-based Cisco IOS Content Filtering feature interacts with the Trend Micro URL filtering service so that HTTP requests can be allowed or blocked, and logged, based on a content filtering policy. The content filtering policy specifies how to handle items such as web categories, reputations (or security ratings), trusted domains, untrusted domains, and keywords. URLs are cached on the router, so that subsequent requests for the same URL do not require a lookup request, thus improving performance.
On August 17, 2012 the Identity certificate was changed on the Trend Micro server that the Cisco IOS device talks to. Since the new identity certificate is signed by a different Certificate Authority (CA), all users of the Cisco IOS Content Filtering feature must replace the CA certificate installed on the Cisco IOS device with the new CA certificate listed below, for the content filtering feature to continue working after August 17, 2012.
Affected users (which is all users who are using the Cisco IOS Content Filtering Feature), must log into their Cisco IOS device and update the CA Certificate for the Trend Micro server. In the below example, the trustpoint name is trendmicro, however it may be different on your specific device. You may however just copy and paste in the commands below (in configuration mode) to install the new CA certificate.
Step 1 - Remove Existing (old) CA Certificate
Issue the command no crypto pki trustpoint trendmicro (where trendmicro is the current name of your trustpoint). You will be prompted to ensure you want to delete the existing trustpoint, choose Yes.
Hi Guys, just want to double check with you. In FTD, I have 2 subnet and if I need to have intervlan for those 2 VLAN, do I still need to configure an identity NAT or any NAT?My target is doing intervlan routing between the 2 VLAN without any IP change.th...
Hi,I set up DVTI in EVE with 2 routers. HUB------SPOKE.Virtual-template is not showing up/down. Instead of up/up.Checked Phase1 and Phase2 parameters but not sure where I made a mistake.Attached diagram and configuration.Please take a look.
I tested using both Cisco ISE 2.4 (patch 9) and Cisco ISE 2.6 (patch 1). I have a user who successfully authenticated via RADIUS against ISE. Under ISE, Operations > Live Logs (and Live sessions), I see the user authenticated. After the accounting requ...
Hello,I would like to download ESA software for C695. But I cannot find any versions for this model.https://software.cisco.com/download/home/282509130Does anyone know how to find it and download it? Thank you!SH SHAO