Diego Armando C... Wed, 02/10/2010 - 13:43

Unfortunatelly you cannot block the sites per user. You can block it based in the access-list  that you apply to the Class-map but not based in the username of a user in a domain controller for example.

Kureli Sankar Wed, 02/10/2010 - 18:22


The CSC module can do this based on active directory user accounts.  It goes in the slot on the back of the ASA.  Besides that you need to specify IP address and not username to block it.

You can read about the CSC module here: http://www.ciscosystems.co.ck/en/US/docs/security/csc/csc62/administration/guide/csc8.html

Another alternative is to use websense or N2H2 server on the inside to do content filtering.



This Discussion