×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Content Filtering Policies Settings on the ISA500 Series Integrated Security Appliances

Document

Sat, 07/09/2016 - 08:40
Apr 26th, 2016
User Badges:

Cisco Support Community

Article ID: 3522

Objective

Content filtering policies block and permit specified websites on different zones. Content filtering policies can be used to keep employees on work-related sites only, or just to keep them off select sites.

This article explains how to configure content filtering policies and policy to zone mapping on ISA500 Series Integrated Security Appliances.

Applicable Devices

• ISA500 Series Integrated Security Appliances

Software Version

• v1.1.14

Content Filtering Policies Settings

Content Filtering Policy Creation

This procedure shows how to create a content filtering policy for the ISA500 Series Integrated Security Appliance to use to permit or deny sites.

Step 1. Log in to the ISA500 Series Configuration Utility and choose Firewall > Content Filtering > Content Filtering Policies. The Content Filtering page opens:

Step 2. In the Content Filtering Policies table, click Add. The Content Filtering Policies - Add/Edit window appears.

Step 3. In the Policy Profile field, enter a name for the policy.

Step 4. In the Description field, enter a short description for the policy.

Step 5. In the Website Access Control List table, click Add. The Website Access Control List - Add/Edit window appears:

Step 6. In the Enable content filter url field, click an appropriate radio button.
The options are described as follows:

• On — This option creates and enables the URL filter for the policy.

• Off — This option creates but does not enable the URL filter for the policy.

Step 7. In the URL field, enter a domain name or URL keyword for the website to permit or deny access.

Step 8. From the Match Type drop-down list, choose an option.

The options are described as follows:

• Domain — This option indicates that a domain name was entered in the URL field.

• URL Keyword — This option indicates that an URL keyword was entered in the URL field.

Step 9. From the Action drop-down list, choose an option.

The options are described as follows:

• Deny — This option blocks websites that match the domain name or URL keyword specified.

• Permit — This option permits websites that match the domain name or URL keyword specified.

Step 10. Click OK. The Content Filtering Policies - Add/Edit window re-appears.

Step 11. In the For URLs not specified above field, select a radio button.

The options are described as follows:

• Permit them — This option grants access to websites that are not listed in the table.

• Deny them — This option denies websites that are not listed in the table.

Step 12. Click OK. The Content Filtering Policies window re-appears.

Step 13. Click Save to save the settings.

Policy to Zone Mapping

This procedure shows how to map a content filtering policy to a zone. Policy to zone mapping can be used to block different sites for different users such as employees and guests.

Step 1. Use the ISA500 Series Configuration Utility to choose Firewall > Content Filtering > Policy to Zone Mapping from the left side navigation menu. The Policy to Zone Mapping page opens:

Step 2. In the Content Filtering field, click an appropriate radio button.

The options are described as follows:

• On — This option turns on content filtering.

• Off — This option turns off content filtering.

Step 3. For each zone listed in the Zone Policy table, choose a content filtering policy to apply from Content Filtering Policy drop-down list.

Step 4. Click Save to save the settings.

Loading.

Actions

This Document