I'm looking for a content filtering/antivirus/antispyware appliance for my company. Right now we have an ASA 5505 at the edge. We have several outside employees connecting via Cisco VPN clients to the ASA. I need an appliance that can do content filtering for my inside network, guest network, and VPN users. That's two local VLANs and a VPN pool which are all terminated at the ASA.
I've had good luck with Cymphonix in the past, but their boxes are a bit steep for the amount of throughput I need. We'll probably be moving from a 15/15 fiber connection to 80/10 cable soon since our provider can't seem to keep us online; even with an alleged "100%" SLA. They just don't have a network capable of anything close to 100% uptime, plain and simple.
I'd like to keep the ASA running as our firewall and VPN server, so the device needs to be able to do content filtering/av/as in a transparent mode.
I have a Cisco SR-520 router which I am trying to configure and install the IOS content filter. I have read many of the documents on this but some of the lines do not work, from using the pages belowURL you are supposed to enter parameter maps as follows:-
parameter-map type trend-global global-param-map server trps.trendmicro.com cache-size maximum-memory 256 cache-entry-lifetime 1
The router has 12.4 (20) T4, which is supposed to be supported, the only other way of configuring is using CCP which is not compatible with SR-520's you recieve hardware not supported message's.
I know the 5510 & 5520s support the CSC-SSM module for Content Filtering (Anti-Phishing, Anti Spam, URL filtering, Anti-Spyware & Antivirus), but what about content filtering for the ASA5525-K9.The problem that I have is that I need a firewall that supports up to 1 Gbps Maximum Firewall Throughput and to support 250 users with Content Filtering described above.I'm using the following doc for sizing and came across the ASA5525-K9 for 1 Gbps, but not sure about the Content filtering: url...
We have just buy a Cisco Small Business Router, model RV082. I need to enable the content filtering, but we just realized that this equipment does not filter HTTPS urls, even with the solution "Cisco ProtectLink Web" the equipment does not filter HTTPS urls.
For example, if I type on my browser just [URL], the access blocked, but if I type HTTPS:[URL], the access is allowed!Is there any way to block urls with HTTPS?
I have IOS content filtering using the Trend Micro subscription service working on a 2911 running 15.1.(3)T3 with the security license option and a 30 day demo Trend subscription. Once I figured out that the content filtering for Trend appears to be completely broken in 15.2 (even using docs for 15.2) I went back to 15.1 and it works great.
Everything seems great so far except I would like to have a more 'fancy' or custom blocked page where a user can have a couple links to either go to the trend micro reporting page [URL] or some other page, and maybe some branding so they know the page is coming from our network and is not some fake security thing or phishing attempt or whatever.
I know I can use the 'parameter-map type urlf policy trend ' section to do a tiny bit of customization of the text that appears on the default blocked page display and there is an option for it to go to a simple redirect instead ('block-page redirect -url') but how to do more with either the built in page or the redirect- url to keep the information of what page the user was trying to access and why it was blocked (category etc.) while adding more features.
Oh, one last thing, this doesn't support any kind of 'user override' or anything like that does it? So that a network can have a filter applied but an admin could override the filtering to allow temporary access to something?
I face a strange bahavior with my rv220w router : I set up access rules to deny all outbound trafic for a particular IP range. It seems to work fine .... but when I enable content filtering, HTTP access on port 80 works again (and other ports are denied). It seems that activating content filtering makes the router ignore firewall rule.
I'm working withbusiness set up a remote office, currently with about 45 PC's that could grow in the future. They are looking at a RV042G or (for long term future growth) a ISA570.They want to be able to do content filtering by category, ie restrict gambling, drugs, etc. sites rather than by URL or addresses.Is either the RV042G or the ISA570 capable of doing this?Are both routers to be available long term? ie, they are not on any end-of lists? I've looked and did not see them on any.Is the RV042G capable of handling an office even starting with 45 PC's? If not, is the 570 a good fit?
I found an interesting manual at this forum for blocking websites whits local content filtering. After I've modified the variables to get more details, I stopped at on question. My current Problem is "zone-pair.
zone security Z-SECRUTIY-SOURCE zone security Z-SECRUTIY-DESTINATION zone-pair security ZP-SECURITY source Z-SECRUTIY-SOURCE destination Z-SECRUTIY-DESTINATION service-policy type inspect CM-INSPECT-TRAFFIC
I have two devices: One is a Linksys WRG54G router. The other is a PC running the Smoothwall router software with URL filtering. Either would work fine on its own as a router. I'm wanting to use them both, though, because each offers different features.Right now, the Linksys router is connected to the WAN and is my DHCP server. Its IP is 192.168.0.1. The Smoothwall box has a static IP of 192.168.0.2. I want all web traffic to go through Smoothwall (192.168.0.2) because it offers good web filtering.
I know I could use Smoothwall as my router and rid of the Linksys, but the whole idea behind this is to use the QoS and other features that Linksys firmwares offer (such as Tomato or DD-WRT), but still keep the ability to filter URLs.
1. I'm interested if it's possible to block certain contetn only at certain time ? e.g. We would like to block facebook from 7:00 to 10:00 and from 11:00 to 15:00. I was going through cisco manuals but can't find the right answer to this.
2. Cisco 871 has 4 LAN interfaces and one WAN interface. Currently WAN interface is connected to adsl modem in bridge mode and LAN 0 interface is connected to switch.
I'm interested if I could use remaining 3 LAN interfaces for adsl connections same as I'm using WAN interface. Then I would create vlans that would use LAN interface 0. Each of those VLAN's would use different adsl connection.I would assign different IP to each VLAN's so users would be able to change their gateway and use different ADSL connection.
I have come across articles mentioning that URL Filtering can be implemented by using ASA 5505 with URL Filtering Servers. But Websense and other Web Filtering Servers are paid ones ? Are there any free solutions available ? What exactly is N2H2 ? The reason is I don 't want to increase the CPU utilization of ASA by implementing URL filtering within the device. If I have around 30 nodes which connects to the internet via a 2Mbps line through ASA 5505 and if I want to block around say 10 or 15 URLs , will it increase CU utilization beyond permissible limits ? Currently the CPU Utilization is around 10 - 15 . Here's the infrastructure setup .
Could URL FIltering be implemented on Cisco ASA 5505-BUN-k9?i mean to block certain websites, like facebook, youtube, to block certain download files like .exe, .com .bat etc....Is there any extra license needed for this, or it could be done with the simple IOS ASA5505-bun-k9?
I have a problem configuring url filtering on ASA 5505 rel 8.3.1: I have to block the web navigation to facebook and, with my configuration, it works fine.The problem is when I try to access on other sites where there are a links to facebook, I cannot see that site and not only the button of facebook.
Im trying to configure HTTP Inpsection with regex matching on a ASA 5505 (8.2) so that I can deny all websites apart from google and yahoo. And also enclude host 192.168.1.2 from this inspection. I have been through a number of examples and the syntax below appears correct but appears not to work. The logs report only that traffic has been dropped by the inspection policy.
We want to have a ASA5510 with both IPS function and Content Security feature, while I checked on Cisco website, looks like ASA5510 or 5520 only have one SSM slot, so I can only use either AIP module or CSC module, does it mean I can not get both features at the same time.
Right now I want to have IPS function and anti-spam, anti-virus, antiphishing, content filtering, URL blocking such feature, so what do I need to buy to have all of these function in one device?
We're seeing issues with loading some of the AJAX content we use on our websites when using the Clientless SSLVPN Portal on an ASA5510. We recently upgraded from 8.4.5 to the 9.1.2 code hoping that would resolve our issues but it didn't change anything.
We use the ASP.net builtin AJAX handler scriptresource.axd and when looking at the files that are causing issues through the Chrome web browser developer tools we can see that it says that the files were fetched ok with "200 OK" messages but when you look at the content of the file it just shows rubbish characters like in the screenshot below.
I'm getting a content encoding error whenever I try to go to any site. Sometimes i dont get the error instead it's just code or all the images are scrambled or saturated in red or just random colors. I can access secure (https) sites without any problem at all. I attempted to try again after disabling my firewall but still get the same problems. I tried using Internet explorer and firefox and the problem is identical for both. I am runnin this on a desktop with xp.
I have tried using my laptop running vista and connected wirelessly and get the same issue. I attempted to watch a movie on netflex instant watch through my playstation 3 Netflix app and the picture is distorted and oddly color and will not play the movie.
I reset my router and called my ISP. They are having techs do maintainance in my area but I am not sure if that is what's causing the issue. I spoke with a tech who told me that my modem was in time out and he could not reset it. When untold him I'm not having connectivity problems he said he would notify someone in another department and send a tech out.
Also to add the last time my internet worked I saw that there was windows updates ready for install. I shut down my computer and went to work came back and the issue started as soon as I turned on my pc. Also the basic windows malware scan picked up a virus (win32. Alureon(sp?)) I used the malware removal tool to partially remove it and attempted to run malware bytes to check for it again. I updated the definition then received an error when I tried to run it. I attempted to reinstall malware bytes and receive an error everytime I open the installer. I had full scanned my computer with malware bytes and spybot about a week ago and it was clean.
I had meeting with security auditor for a customer, he told me that i need to enable SSL3 on content switch as his scanning found that all network is working on SSL2.I could not understand his view and then when i found the content switch documentation, it is mentioned that SSL3 is default enable on content switch."By default, the SSL version is SSL version 3 and TLS version 1. The SSL module sends a ClientHello that has an SSL version 3 header with the ClientHello message set to TLS version 1." Do i have to do some kind of configuration to enable SSL3 or its enable by default ?
I managed to block as much of the streaming video (using URL Blocks of .flv, .wmv, etc...) how do I block YouTube.com for 23 hours of the day (or allow access for 1 hour a day)...but maintaining all the other blocks intact 24 hours a day?
Also is there a way to block p2p file sharing (BitTorrent)?
content My_Group add service blade1 add service blade2 add service blade3 vip address 18.104.22.168 advanced-balance arrowpoint-cookie
So I have 3 blades which are proxy servers and user go first to an MS ISA server then the VIP of the CSS and then the rules processes them give them a blade and chuck them out onto the Internet.
I want to leave the above rule, but remove one blade create an additional content group with that blade and have it process requests for a particular site so, I would create the following
content My_Group2 add service blade3 vip address 22.214.171.124 advanced-balance arrowpoint-cookie
So my question is can I do that having the same VIP's etc so if a request comes in and it matches www.thewebsite.com that the second content rule matches it 'better' and therefore processes it or would it still be caught by the "/*" content group. I don't want to create more VIPS as I have a real ache getting firewall rules done.
Is it possible have Content Security and Control Security in a ASA 5585-X? I´m asking because the CSC-SSM is only supported in ASA 5540, 5520 and 5510 and I dont know how it feature ca be supported on a new ASA 5585-X.
I have a HP laptop which is shared on my network using the Windows 7 Homegroup settings. I have set up the homegroup to share the media files.
HP DV7TSE/Core i7/8 GB/2x320GB HDDs Wirelessly connected to my home network
Network streaming devices:
Sony BDP-S570 Blu Ray Player WDTV Live Both connected through LAN to the router
In my Laptop homegroup & sharing options I have only shared the music, video, & pictures folders. I have set the D drive (separate HDD) as not to be shared.However, when I am browsing the folders on the streaming devices it shows some folders of my D drive which don't even exist anymore. Initially when I set up the drive D drive was visible. However I later changed the settings to unshare the D Drive.
Connected via wireless. All ok and says have Internet connection, but cannot access any video content' I.e. iplayer, etc. when check via refresh internet content (as Sony recommend) says "configuration failed while connecting. The system has encountered an error. If problem persists contact Sony (5006)". Sony say wireless strength insufficient, but when tried wired set up be relocating NETGEAR router gives same error message. Have NETGEAR wireless extender good signal with full connectivity via laptop, iPad and iPhone. Also when try server display settings says servers cannot be recognised. When go to options and select update list repeats "servers cannot be recognised. Have checked all IP etc and same as on laptop:
IP Address:192.168.0.11 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.0.1?
In my office there is 2 desktops which is networked. one is in the office and the other in my room. internet connection is also there, the modem is kept in my room. but one of my cousin is there in my house and he has a laptop, the internet for his lap is taken from my modem. and now i have noticed that my cousin is visiting adult content sites and i want to block him ? is there any way. why the history he uses is being shown in my browsers history ?
I have a ton of 720p/1080p content I would like to stream to my main HD TV. Connected to the TV is a PS3 and an Xbox 360. I understand that both of these devices have a DLNA client. My question is what hardware should I use to stream the content, and where should the hardware be connected.I have considered the following options.
* HDD with built in DLNA such as: WD My Book Live 3TB Personal Cloud Storage(direct connection to the game console or plugged into my Linksys E4200 via its USB port) * NAS server with built in DLNA such as: D-Link DNS-320 ShareCenter 2-Bay Network Storage device(connected to my Linksys E4200 via ethernet port)
If I went with a HDD solution, could it be connected directly to the PS3 or Xbox rather than using the wifi? If I decided to go wireless, & use the PS3 which is 802.11G only, I might be concerned about whether it can handle 1080p content. The Xbox is 802.11N which may handle it better, but that's just a guess. I have no hardwired network connections to my TV area.
Bottom line, whether it be wireless, or connecting a HDD directly to a device (which i'm not certain if that's even possible) I need to be able to play 720p/1080p content reliably.I value the input of HF users and would like to hear some recommendations on hardware and setup that would work for me.
Our requirement with that appliance is to do URL blocking and filtering.Are there any other options we can consider or is it SaaS only. Would have preferred Trend Micro, but don't this is possible with this appliance.Will content security be offered on the Cisco ASA 5500-X Series?At this time, content security services are not supported on the Cisco ASA 5500-X Series appliances. However, the ASA 5500-X Series Cisco Cloud Web Security ready. Cisco Cloud Web Security provides content security as a cloud-based software as a service (SaaS).
I want to make a question about RV042. I used RV042 router in my office. I used content filter feature in router.Althought this have not been apply the rules. I think I made wrong rules.I enabled the block enable forbbiden domain .And then added the websites that I want block.However, these websites are still browsing in local computer.
### Cisco Adaptive Security Appliance Software Version 8.0(3)6 Device Manager Version 6.0(2) Compiled on Thu 17-Jan-08 17:42 by builders System image file is "disk0:/asa803-6-k8.bin" Hardware: ASA5510, 202 MB RAM, CPU Pentium 4 Celeron 1600 MHz Internal ATA Compact Flash, 256MB BIOS Flash M50FW080 @ 0xffe00000, 1024KB ###
The question is what i need to add the CSC10 SSM with content filtering and url filtering to this version of ASA? Do I need more ram? Do I need more flash? Is this version compatible with the CSCSSM hardware? What licenses i need for 100 users?