05-09-2012 11:22 AM
We have a need to prevent windows update traffic to flow thru our network on certain dates. Basically this type of traffic will clog our mpls bandwidth preventing other type of traffic to flow. We are using up to some part QoS on out routers but it not working all the time. Eg, we put in ip address of one windows update server but updates are pulled of the other, then you enter second ip and updates are coming from third, etc.
I would like to explore other, a bit more controllable options utilizing Cisco's technology: ASA 8.4, IronPort WSA.
In summary, to create a traffic policy, not specific to IP addresses, that will kick in at certain date/time, be on for certain period of time and turned off after (automatically).
Any ideas, suggestions how to tackle this issues would be greatly appreciated.
Regards,.
Solved! Go to Solution.
05-09-2012 12:10 PM
That is the point of the User Agent setting. (LOOK AT THE FIRST PICTURE, at the bottom and read what I wrote...)
The only application that it blocks is Microsoft's Windows Update. (the stuff in teal is clickable...)
05-09-2012 11:50 AM
In WSA, go to Web Security Manager/Define Custom Time ranges, and create a time range, call it "Workday", set it for the time you want to block.
Create a new Access Policy, set the identies to All Users, click Advanced at the bottom.
Set the time range to the Workday time range.
Set the user agent to the Microsof Windows Updates (Its under Common User Agents/Others)
In the Protocols section of the policy, set it for "Define custom settings", and tell it to http, ftp, etc.
There are other ways to do it, creating an Identity for example, and then creating a policy for that, but this should work...
05-09-2012 11:58 AM
That is my chalenge; i cannot block http or Native FTP because other business applications are using these protocols. I was wonderign to use regex-type of policy that will look for *microsoft.com* and block all related to this. For dates that i need to implement the policy i am not concern about web access to anything microsoft.com. How is regex used within WSA? Sorry i am new to WSA.
05-09-2012 12:10 PM
That is the point of the User Agent setting. (LOOK AT THE FIRST PICTURE, at the bottom and read what I wrote...)
The only application that it blocks is Microsoft's Windows Update. (the stuff in teal is clickable...)
05-09-2012 12:23 PM
Great, thanks for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide