Today, Web content filtering companies have not only optional, but the law has become necessary, and corporate staff in order to prevent the actions that must be taken wrong.In this article, David Davis will explain the importance of the Cisco IOS router how to achieve Web content filtering third-party services.
In order to protect corporate networks and end-user from malicious Web content, or the invasion of undesirable, we can use subscription-based Cisco IOS Content Filtering.This is the first time third-party companies such as Cisco's SmartFilter (N2H2 before the company) and the services provided by Websense into IOS 12.2 (15) T.This year, IOS12.4 (15) XZ and 12.4 (20) T, Cisco IOS has joined the Trend Micro (Trend) the company's URL filtering service.
If you want to use these functions, you should first ensure that our router IOS supports this feature.Through the Cisco IOS Feature Navigator, we can verify whether the software used to support the characteristics of the image.
Of course, in addition to the appropriate IOS image, we have carried out services in these third-party companies registered in order to get their URL filtering service.According to Trend Micro's guide, we can register a router to get the Trend Router Provisioning Server (TRPS).More information can refer to the Prerequisites for Cisco Subscription-based IOS Content Filtering.
Why should we rely on URL filtering?
As a network administrator, we certainly do not want to focus a lot of time for users to browse the Web content.The Internet filtering service that is provided for the convenience of this feature.Ago when I deploy Web filtering service, I always like to complain about the users of said: "This is the Web filtering service, that you are not allowed to visit certain sites."
Through the deployment of URL filtering, we can use third-party companies from the end user to filter out malicious or inappropriate Internet traffic.In addition to simple on or off filtering, we can also open a specific web site and the content users or sites.
End-user URL requests and Trend Router Provisioning Server (TRPS) association, according to our strategy of pre-set to allow or deny user access.When the user types a URL, the service will carry out strategies to execute the query.If the policy allows, the user can continue to access the website, if policy prohibits, then the user is prevented access to this URL address.
Cisco filtering options
White List: (trust name one) to set a specific domain name, allowing the router, such as setting www.techrepublic.com
Blacklist: (non-trusted domain list) to set a specific domain name, not through a router.Settings in the Road
Cache on the router to the late check.For example www.badsite.com
Stop keyword: set the string used to filter the URL or keyword, such as * www.parrot .* or * rockbaby *.In this case, once the URL appears in "rockbaby,", the router will block access to the
Does not require TRPS server.
Cache recent requests: This feature can save a recent visit to the request processing strategy.So for every request after the user no need to let them through TRPS process.
Packet Buffer: This feature allows you to complete the process of waiting for the query process to store website information.This is a powerful feature that can prevent excessive HTTP requests the router overload.The default response number is 200, but can be modified.This feature also applies to third-party server, Websense filters and SmartFilter.
How to configure Cisco IOS URL Filtering?
To configure the Cisco IOS URL filtering, we need a deep understanding of firewall rules, and URL filtering principle.When we Trend Micro filtration system for registration, the Cisco IOS in on the Trend Micro URL filtering services set to follow the following steps:
URL filtering configuration for the local Class Maps
Trend Micro URL filtering configuration for the Class Maps
For the Trend Micro URL filtering configuration Parameter Maps
Configuring URL filtering policy
Add URL filtering policy
For information about configuring third-party URL filtering needed IOS commands and configuration examples, refer to Cisco's Subscription-based IOS Content Filtering page.
Summary
Filters by using the Cisco IOS URL filtering capabilities, we can easily mask a malicious Web site outside the corporate network.For all types of enterprises, in order to protect the enterprise network security and maintain employee productivity, the demand for Web content filtering is increasingly strengthened.