Cisco uses routers for url filtering

Cisco uses routers to filter Cisco IOS Content Filtering Modes submodules-based Cisco IOS content filtering operates in one of threemodes: local filtering mode, url database filtering mode, and allowmode. www.2cto.com Local Filtering Mode In this mode, the Cisco IOS contentfiltering service first tries to match the requested URL with the locallists of trusted domains (white list), untrusted domains (black l Ist), and blocked keywords. if a match is not found, the Cisco IOS contentfiltering service forwards the lookup request to the URL filteringserver as specified in the policy. if the Cisco IOS content filteringservice cannot establish communication with the URL filtering server, the system enters allow mode. the system is in local filtering modewhen a URL filtering policy for a URL filtering server h As not beenspecified and when the system cannot establish a connection with theURL filtering server. URL Database Filtering Mode In this mode, the Cisco IOS contentfiltering service has connectivity with the URL filtering server; itcan send URL lookup requests to and receive URL lookup responses fromthe URL filtering server. in the case of a TRPS, the Cisco IOScontent filtering service sends a URL Category lookup request to theTRPS and the TRPS responds with the URL category and the URLreputation. based on the policy set for the URL category andreputation, the HTTP request is allowed, denied, or logged. if a policyhas not been configured for the URL category or reputation, the defaultis to permit the HTTP response. in the case of SmartFilter and Websenseservers, the Cisco IOS content filte Ring service sends a URL lookuprequest to the URL database server and the server responds with eithera permit or deny message. URL filtering policies for SmartFilter andWebsense servers specify a server-based action. allow Mode When the Cisco IOS content filteringservice is unable to communicate with the URL filtering server, thesystem enters allow mode. the default setting for allow mode is off, Nd all HTTP requests that pass through local filtering mode areblocked. when allow mode is on, all HTTP requests that passed throughlocal filtering mode are allowed. when both local filtering and URLdatabase filtering modes fail, the system goes into allow mode. if theallow mode action is set to on, all URL requests are allowed. otherwise, all HTTP requests are blocked. the default ip urlfilter allow-mode is o Ff. After url filtering is enabled, all URLs are blocked. 1. Create a whitelist ip inspect name web http java-list 5 urlfilter enable inspect http and filter url ip urlfilter exclusive-domain permit. sohu. comip urlfilter exclusive-domain permit .cisco.com add allowed condition interface FastEthernet0/1 Intranet interface call ip inspect web in 2. Create blacklist ip inspect name web http java-list 5 urlfilter enable inspect http, the default value of url ip urlfilter allow-mode on is off, which is changed to on. When the web page is opened by default, the ip urlfilter exclusive-domain deny is allowed. sohu. comip urlfilter exclusive-domain deny .cisco.com add denial condition interface FastEthernet0/1 Intranet interface call ip inspect web in