Hi, I am currently filtering users web sites internally via a product called Surf Control (now owed my Websense). The thing is I have now configured the ASA to accept VPN connections from users. They can get access to the internet but it is not monitored. Currently the inside port of the ASA plugs into a Cisco 3750 vlan switch where there is a surfcontrol server too and port mirroring. I think the VPN users bypass this and go through the outside interface instead so they are not filtered.
What do other network guys do to block websites?