Categorized URL filtering

bcho · ‎02-25-2013

Hi,

I have recently installed S370 AsyncOS 7.5.0-833 release at a customer site. With URL filtering enabled, I noticed a strange behaviour when attempting to block Web-Based Email category. If I attempt to browse www.gmail.com, URL gets redirected to

https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http://mail.google.com/mail/&scc=1&ltmpl=default&ltmplcache=2

and it certainly gets blocked as displayed by the end-user notification pages about access policy being violated, etc. However, if I browse to www.google.com and click on the Gmail icon, URL gets redirected to

https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?tab%3Dwm&scc=1&ltmpl=default&ltmplcache=2

and the page doesn't get blocked. However, the pictures on this page do get blocked (strangely).

What can be done to ensure that the latter URL is blocked also?

Much appreciate your attention on this.

Regards,

Byung

Jennifer Halim · ‎02-26-2013

Hi Byung,

First URL gets blocked because it's HTTP traffic, while the later is HTTPS.

WIth HTTPS, you would need to configure HTTP Decrypt so it can be blocked accordingly.

Here is the steps for your reference (example uses youtube):

https://ironport.custhelp.com/app/answers/detail/a_id/1739/related/1

Hope that helps

ashaw216 · ‎04-04-2013

URL no longer works, do you have an updated one?

Christian Rahl · ‎04-04-2013

Try this.

https://ironport.custhelp.com/app/answers/detail/a_id/1739/

You can always go here https://ironport.custhelp.com/ and type in the article id.

Christian Rahl

Customer Support Engineer

Cisco Web Content Security Appliance

Cisco Technical Assistance Center RTP

ashaw216 · ‎04-04-2013

This is where I land when I clikc that link:

Cisco IronPort ScanSafe Customer Support

The new pages for IronPort and ScanSafe support are listed below. Please update your bookmarks.

When I got o the ironport Service and Support page and type in 1739 in the search bar I'm taken to a listing of network devices.

ashaw216 · ‎04-08-2013

So what am I doing wrong? How can it be this hard to find a KB article?

kerryjudy · ‎04-08-2013

I also landed on the same page from the links above but I was not logged in to the support portal. I think the old links will redirect you correctly there but also present the login page as a step.

Once I logged in I couldn't get it to duplicate the same (ScanSafe) page again... even though I closed all browers and logged out of the portal. Maybe it caches something (cookie) once you've gone there successfully once.

Try logging in to your portal and see if that resolves your issue.

This is the abbreviated link (same as above really) that I tried:

https://ironport.custhelp.com/app/answers/list

The old link I still have was thus:

http://www.cisco.com/en/US/products/ps11169/serv_group_home.html#~Overview

once on that page goto:

additional resources, communities, Cisco Email and Web Security Knowledge Base

Hope it helps....

ashaw216 · ‎04-08-2013

Hooray! Thanks for getting me to the KB... one would think that a link to it would be prominent once you get to the Web Security page, but then again this is Cisco...