In-depth introduction to router applications

At present, vrouters are widely used. So I have studied how to filter webpage content in vro applications. Here I will share with you, hoping to help you. Nowadays, filtering network content is not only an optional action for enterprises, but also an action that enterprises must take to prevent employees from making mistakes. In this article, the author David Davis will explain how the Cisco IOS router application uses third-party services to implement Web content filtering. To protect enterprise networks and end users from malicious or undesirable web content intrusion, we can use subscription-based Cisco IOS content filtering. This is the first time Cisco has incorporated the services provided by third-party companies such as SmartFilter (former N2H2 company) and Websense into IOS 12.2 (15) T. In IOS12.4 (15) XZ and 12.4 (20) T this year, Cisco IOS added Trend Micro (Trend) to its URL filtering service. If you want to use the above features, make sure that our router application IOS supports this feature. With Cisco IOS Feature Navigator, we can verify that the software image used supports this Feature.

Of course, in addition to the appropriate IOS images, we must register services with these third-party companies to obtain their URL filtering services. Based on the Trend Micro wizard, we can register a Router application to obtain the Trend Router Provisioning Server (TRPS ).

Why does it rely on URL filtering?

As a network administrator, we certainly do not want to spend a lot of time focusing on the Network Content browsed by users. The Internet filter service is a convenient function for this situation. In the past, when I deployed the Web page filtering service, I always liked to say to users who complained: "This is a Web filtering service, saying that your website is not allowed to be accessed. By deploying URL filtering, we can use the services of third-party companies to filter malicious or inappropriate Internet traffic from end users. In addition to simply enabling or disabling the filter function, we can also open the content or site for specific websites and users.

The end user's URL request is associated with the Trend Router Provisioning Server (TRPS) to allow or deny user access based on our preset policies. When you type a URL, the Service performs a query based on the policy. If the policy permits, the user can continue to access the website. If the policy does not permit, the user will be blocked from accessing the URL.

Cisco filter options

Whitelist: (trust domain name list) to set a specific domain name and allow access through a vro.

Blacklist: (non-trusted domain name list) specifies a specific domain name and cannot pass through the router. The configuration information is cached on the router application for later check.

Blocking Keyword: Set the URL string or keyword used for filtering, such as * www. parrot. * or * rockbaby *. In this way, once "rockbaby," appears in the URL, the router application will block access without passing through the TRPS server.

Cache recent requests: This function saves the processing policies of recent access requests. Therefore, there is no need to let the user pass the TRPS process every time a request is sent.

Group Buffer: This function allows you to store URL information while waiting for the query process to complete. This is a powerful function that can prevent router applications from overload due to excessive HTTP requests. The default Response count is 200, but can be modified. This function is also applicable to third-party filter servers Websense and SmartFilter. It is used to configure the IOS commands and configuration settings required for third-party URL filtering.

Summary

By using the Cisco IOS filter to filter URLs, we can easily block malicious websites out of the enterprise network. For various types of enterprises, in order to protect their network security and maintain their work efficiency, the demand for Web content filtering is growing.