Nowadays, filtering network content is no longer optional for enterprises; it is something they must do to keep employees from making mistakes. In this article, the author David Davis explains how a Cisco IOS router uses third-party services to implement Web content filtering.
To protect enterprise networks and end users from malicious or undesirable web content, we can use subscription-based Cisco IOS content filtering. Cisco first incorporated the services of third-party companies such as SmartFilter (formerly N2H2) and Websense in IOS 12.2(15)T. In IOS 12.4(15)XZ and 12.4(20)T this year, Cisco IOS added Trend Micro (Trend) to its URL filtering services.
If you want to use these features, make sure that the router's IOS supports them. With Cisco IOS Feature Navigator, we can verify that the software image in use supports this feature.
Of course, in addition to the appropriate IOS image, we must subscribe with one of these third-party companies to obtain its URL filtering service. Following the Trend Micro wizard, we can register a router to obtain access to the Trend Router Provisioning Server (TRPS). For more information, see Prerequisites for Subscription-Based Cisco IOS Content Filtering.
Why rely on URL filtering?
As network administrators, we certainly do not want to spend a lot of time watching the web content that users browse. An Internet filtering service is convenient in this situation. In the past, when I deployed the Web page filtering service, I always liked to say to users who complained: "This is a Web filtering service, saying that your website is not allowed to be accessed."
By deploying URL filtering, we can use the services of third-party companies to filter malicious or inappropriate Internet traffic for end users. In addition to simply enabling or disabling the filter, we can also open up content or sites for specific websites and users.
The end user's URL request is checked with the Trend Router Provisioning Server (TRPS), which allows or denies access based on our preset policies. When a user types a URL, the service performs a lookup against the policy. If the policy permits the request, the user can continue to the website. If the policy does not permit it, the user is blocked from accessing the URL.
Cisco filter options
Whitelist (trusted domain name list): specifies domain names that are allowed through the router, such as www.techrepublic.com.
Blacklist (non-trusted domain name list): specifies domain names that cannot pass through the router, for example www.badsite.com. The setting information is displayed by the server for later checking.
Blocking Keyword: sets the URL string or keyword used for filtering, such as *www.parrot.* or *rockbaby*. Once "rockbaby" appears in the URL, the router blocks access without going through the TRPS server.
Cache recent requests: saves the policy decisions for recent access requests, so a user's request does not have to go through the TRPS process every time it is sent.
Group Buffer: stores URL information while waiting for the lookup to complete. This is a powerful function that can prevent router overload caused by excessive HTTP requests. The default response count is 200, but it can be modified. This function also applies to the third-party filter servers Websense and SmartFilter.
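The options above can be read as a decision pipeline in which only unmatched, uncached requests reach the remote service. The following Python model is an added example, not Cisco IOS code and not from the original article; the evaluation order, the cache bound, the .example hosts and the sample_remote stand-in for the TRPS query are assumptions made for illustration.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Constructed sample policy, reusing the names from the list above.
WHITELIST = {"www.techrepublic.com"}
BLACKLIST = {"www.badsite.com"}
KEYWORDS = ["*www.parrot.*", "*rockbaby*"]


class UrlFilter:
    """Toy model of the router-side decision; not Cisco IOS code."""

    def __init__(self, remote_lookup, cache_size=100):
        self.remote_lookup = remote_lookup  # stand-in for the TRPS query
        self.cache = {}                     # host -> "permit" / "deny"
        self.cache_size = cache_size        # assumed bound, not an IOS default
        self.remote_calls = 0

    def decide(self, url):
        """Return (verdict, source) for one HTTP request URL."""
        parts = urlsplit(url.lower())
        host = parts.hostname or ""
        # Assumed order: local lists, then keywords, then cache, then remote.
        if host in WHITELIST:
            return "permit", "whitelist"
        if host in BLACKLIST:
            return "deny", "blacklist"
        target = host + parts.path + "?" + parts.query
        if any(fnmatchcase(target, pat) for pat in KEYWORDS):
            return "deny", "keyword"        # blocked locally, no remote query
        if host in self.cache:
            return self.cache[host], "cache"
        verdict = self.remote_lookup(host)
        self.remote_calls += 1
        if len(self.cache) >= self.cache_size:
            self.cache.pop(next(iter(self.cache)))  # evict the oldest entry
        self.cache[host] = verdict
        return verdict, "remote"


def sample_remote(host):
    # Constructed verdicts standing in for the subscription service's answer.
    return "deny" if host.endswith(".gambling.example") else "permit"
```

Counting remote_calls over a sample of proxy logs shows how much lookup traffic the local lists and the cache absorb; note that in this model a whitelisted host is permitted even when its URL contains a blocked keyword.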
How do I configure Cisco IOS URL filtering?
To configure Cisco IOS URL filtering, we need a solid understanding of firewall rules and URL filtering principles. After registering with Trend Micro's filtering system, follow these steps to set up the Trend Micro URL filtering service in Cisco IOS:
Configure Class Maps for local URL filtering
Configure Class Maps for Trend Micro URL filtering
Configure Parameter Maps for Trend Micro URL filtering
Configure a URL Filter Policy
Additional URL Filter Policy
For the IOS commands and configuration examples required to configure third-party URL filtering, refer to Cisco's Subscription-Based Cisco IOS Content Filtering webpage.
By using Cisco IOS URL filtering, we can easily keep malicious websites out of the enterprise network. For enterprises of all kinds, the demand for Web content filtering is growing as a way to protect network security and maintain work efficiency.