Cisco Systems ASA 5585-X Webcam User Manual


 
CHAPTER
29-1
Cisco ASA Series Firewall ASDM Configuration Guide
29
Configuring Filtering Services
This chapter describes how to use filtering services to provide greater control over traffic passing
through the ASA and includes the following sections:
Information About Web Traffic Filtering, page 29-1
Configuring Filtering Rules, page 29-6
Filtering the Rule Table, page 29-11
Defining Queries, page 29-12
Filtering URLs and FTP Requests with an External Server, page 29-2
Information About Web Traffic Filtering
You can use web traffic filtering in two distinct ways:
Filtering ActiveX objects or Java applets
Filtering with an external filtering server
Instead of blocking access altogether, you can remove specific undesirable objects from web traffic, such
as ActiveX objects or Java applets, that may pose a security threat in certain situations.
You can use web traffic filtering to direct specific traffic to an external filtering server, such an Secure
Computing SmartFilter (formerly N2H2) or the Websense filtering server. You can enable long URL,
HTTPS, and FTP filtering using either Websense or Secure Computing SmartFilter for web traffic
filtering. Filtering servers can block traffic to specific sites or types of sites, as specified by the security
policy.
Note URL caching will only work if the version of the URL server software from the URL server vendor
supports it.
Because web traffic filtering is CPU-intensive, using an external filtering server ensures that the
throughput of other traffic is not affected. However, depending on the speed of your network and the
capacity of your web traffic filtering server, the time required for the initial connection may be
noticeably slower when filtering traffic with an external filtering server.
Model License Requirement
All models Base License.