Cisco Systems and the ASA Services Module Network Router User Manual


 
29-11
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 29 Configuring Filtering Services
Filtering URLs and FTP Requests with an External Server
Caching Server Addresses
After you access a website, the filtering server can allow the ASA to cache the server address for a
certain period of time, as long as each website hosted at the address is in a category that is permitted at
all times. When you access the server again, or if another user accesses the server, the ASA does not
need to consult the filtering server again.
Note Requests for cached IP addresses are not passed to the filtering server and are not logged. As a result,
this activity does not appear in any reports. You can accumulate Websense run logs before using the
url-cache command.
To improve throughput, enter the following command:
Filtering HTTP URLs
This section describes how to configure HTTP filtering with an external filtering server and includes the
following topics:
Enabling HTTP Filtering, page 29-12
Enabling Filtering of Long HTTP URLs, page 29-12
Truncating Long HTTP URLs, page 29-13
Exempting Traffic from Filtering, page 29-13
Command Purpose
url-cache dst | src_dst size
Example:
ciscoasa## url-cache src_dst 100
Replaces size with a value for the cache size within the range from 1 to 128
(KB).
Uses the dst keyword to cache entries based on the URL destination
address. Choose this option if all users share the same URL filtering policy
on the Websense server.
Uses the src_dst keyword to cache entries based on both the source address
initiating the URL request as well as the URL destination address. Choose
this option if users do not share the same URL filtering policy on the
Websense server.