URL Filtering

The internet has been a unified place to access almost any information needed. But, some internet contents are not appropriate to be seen at work, it's just at the wrong time and at the wrong place. Gambling and adult sites are examples of this. But there are some sites that fall into "gray area". Sports leagues, auction, and social networking sites can reduce employees productivity. The first step of URL Filtering is to make a policy of which sites are allowed and which are denied. The policy must also put a decision to the "gray area" site.

How URL Filtering works?

URL Filtering works by making a list of restricted sites. After it is created, all HTTP request will be checked against the list. If the URL is in the list, the request is blocked and typically the employee will be given a warning screen that he/she is trying to access a restricted site. Maintaining the list can be done manually by the network administrator (this way is called black/white list), but the job can be given to a third party server. The company may subscript for the service and the list of restricted sites is maintain in a database on a third-party filtering server.

The advantages of the black/white list are:

  • It provides a basic solution if a few specific URLs need to be exempted.

  • It allows the company to directly manage the URLs it considers to be out of policy.

  • Existing network equipment can be leveraged.

While the advantages of using the third-parti filtering server are:

  • It provides a comprehensive, scalable solution.

  • Companies that specialize in appropriate web content manage the URL lists and provide updates.

  • Existing network equipment can be leveraged.

  • It covers millions of URLs (for the high-end services).

With Cisco, you can use subscription-based Cisco IOS content filtering. This feature is first integrated in IOS 12.2(15)T and offered through third-party companies, Websense, SmartFilter (N2H2), and also Trend Micro (since IOS 12.4(15)XZ and 12.4(20)T). To configure Cisco URL Filtering, first you have to register at one of those companies.The summary steps of configuring URL Filtering with Trend Micro are:

  • Configure Class Maps for Local URL Filtering

  • Configure Class Maps for Trend Micro URL Filtering

  • Configure Parameter Maps for Trend Micro URL Filtering

  • Configure URL Filtering Policies

  • Attach a URL Filtering Policy

You can see Cisco documentation to get examples.