ASA5515-X URL Filtering / Upgrade WSE

startx001
Level 1

 

Hi all,

I have ASA 5515-X with SW, 6 GE Data, 1 GE Mgmt, AC
PID: ASA5515 

 

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 100            perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Active/Active  perpetual
VPN-DES                           : Enabled        perpetual
VPN-3DES-AES                      : Enabled        perpetual
Security Contexts                 : 2              perpetual
GTP/GPRS                          : Disabled       perpetual
AnyConnect Premium Peers          : 2              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 250            perpetual
Total VPN Peers                   : 250            perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
UC Phone Proxy Sessions           : 2              perpetual
Total UC Proxy Sessions           : 2              perpetual
Botnet Traffic Filter             : Disabled       perpetual
Intercompany Media Engine         : Disabled       perpetual
IPS Module                        : Disabled       perpetual

 

I know that I can do URL filtering on it using ASDM, right?

But can I put WSE on it, and what benefit would I have with WSE? Maybe the PID for WSE.

I was reading that I can put an SSD in the ASA (please give the PID if you know it), and can I? And then I can put WSE (is it a license or part of the software?) and get some robust URL filtering.

Can someone explain to me the difference between regular URL filtering and WSE, and the process for putting the SSD and WSE in the ASA?

Maybe some link where it is explained.

 

Thanks,

KR 

VZ

 

5 Replies

Nilo Noguera
Level 5

Hi startx001,

Please see inline comment:

QUESTION: I know that I can do URL filtering on it using ASDM, right?
ANSWER: Yes. You can apply filtering to connection requests originating from a more secure network to a less secure network. Although you can use ACLs to prevent outbound access to specific content servers, managing usage this way is difficult because of the size and dynamic nature of the Internet. You can simplify configuration and improve security appliance performance by using a separate server running one of the following Internet filtering products:

• Websense Enterprise for filtering HTTP, HTTPS, and FTP.

• Secure Computing SmartFilter for filtering HTTP only. (Although some versions of Sentian support HTTPS, the security appliance only supports filtering HTTP with Sentian.)

For more information, please check the link below:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/asdm60/user/guide/usrguide/fltrrule.html


QUESTION: But can I put WSE on it, and what benefit would I have with WSE? Maybe the PID for WSE.
ANSWER: Cisco WSE enables reputation-based web application security policies. In addition, Cisco WSE enables robust content-based URL filtering with differentiated access policies based on user, group, device, and role.

WSE, IPS on NGFW, and CWS use threat intelligence feeds from Cisco Security Intelligence Operations (SIO) for advanced web reputation analysis and near-real-time protection from zero-day threats. For more information on how SIO helps the Cisco IPS control threats in real-life production environments, visit: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps12156/white_paper_c11-715386.html.

The subscription terms are 1 year, 3 years and 5 years. It is also possible to purchase both services together using the AVC + WSE bundle license. With a built-in discount, the bundle price is less than the price of buying these services a la carte.

ASA5515-AW3Y-PR= (ASA 5515-X CX AVC and Web Security Essentials 3Year (Promo)) - USD 3,450.00; regular price is USD 5,150

or

ASA5515-WS1Y= (ASA 5515-X CX Web Security Essentials only 1Year) - USD 1,900

Just add "L-" to the part numbers above to get the eDelivery version.

Please check the links below for your reference(s):

Cisco Application Visibility and Control
http://www.cisco.com/en/US/solutions/collateral/ns1015/ns483/ns780/at_a_glance_c45-649117.pdf

Cisco ASA CX Context-Aware Security Data Sheet
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-701659.html


QUESTION: I was reading that I can put an SSD in the ASA (please give the PID if you know it), and can I? And then I can put WSE (is it a license or part of the software?) and get some robust URL filtering.
ANSWER: If you purchase the regular ASA 5500-X without the SSD, the Web Security Essentials (WSE) that deploys the web filtering may not work or function, as per the Release Notes for the Cisco ASA Series, Version 9.1(x): http://www.cisco.com/en/US/docs/security/asa/asa91/release/notes/asarn91.pdf

A solid state drive (SSD) is required in order to run the Application Visibility and Control (AVC) and Web Security Essentials (WSE) next-generation firewall services on the Cisco ASA 5500-X Series.

ASA5500X-SSD120= (ASA 5512-X through 5555-X 120 GB MLC SED SSD (Spare)) - USD 800.00

The purpose of the SSD is to store logs and any reports for traffic that is processed by these services, in addition to application signatures and a web security database that are part of these subscriptions.


QUESTION: Can someone explain to me the difference between regular URL filtering and WSE, and the process for putting the SSD and WSE in the ASA?
ANSWER: Please check the document link below:
http://www.cisco.com/c/en/us/td/docs/security/asa/hw/maintenance/5500xguide/5500xhw/asa_procs.html#wp1097873


         "niLz"

Nilo Noguera Jr. 

| Specialist, Virtual Engineering - Partner Helpline Organization 

together we are the human network

 


Marvin Rhoads
Hall of Fame

VZ,

URL filtering on the base ASA is very old-style and requires you to write regular expressions (regex) to match on URLs. It does not do deep packet inspection and analyze types of flows (e.g. micro applications on Facebook, file transfers within a chat session, etc.). To get those sorts of functions, you use Next Generation Firewall (NGFW) services on the CX module. WSE and AVC work hand in hand to provide them (and you can optionally add IPS).

To add WSE to an ASA 5500-X series you do need the SSD (or an SSP-20/40/60 in the 5585-X) plus a license for the service - it is licensed and subscription-based. The product data sheet lists several 3-year bundles for the software and there are other terms (1 year, 5 year etc.) available.

Your reseller has access to Cisco Commerce Workspace and other partner collateral so they can generate a valid bill of materials for your upgrade. That would include the required SSD (part number ASA5500X-SSD120=).
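
As an added illustration of the regex-based filtering on the base ASA described in the reply above (not part of the original thread or any poster's configuration): a Modular Policy Framework configuration that drops HTTP requests whose Host header matches a hand-written regex. The object names and the example.com pattern are constructed placeholders, and the last stanza assumes the default global_policy with its inspection_default class is in use.

```cisco
! Constructed example: object names and the domain pattern are placeholders.
! Regex for the host to block (dots escaped so they match literally).
regex BLOCKED_HOST_1 "\.example\.com"
!
! Group one or more regexes; match-any hits if any single regex matches.
class-map type regex match-any BLOCKED_HOSTS
 match regex BLOCKED_HOST_1
!
! Match HTTP requests whose Host header hits the regex class.
class-map type inspect http match-all BLOCKED_HOST_REQUESTS
 match request header host regex class BLOCKED_HOSTS
!
! Drop and log the matching requests.
policy-map type inspect http HTTP_URL_FILTER
 parameters
 class BLOCKED_HOST_REQUESTS
  drop-connection log
!
! Attach the HTTP inspection policy (assumes the default global policy).
policy-map global_policy
 class inspection_default
  inspect http HTTP_URL_FILTER
```

Every blocked site needs its own pattern maintained by hand, and the match only sees cleartext HTTP headers; there is no category or reputation database behind it.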

So I can activate WSE and AVC on my ASA?

I already have that CX module?

 

Kind Regards,

Vladimir Zolnjan

Yes - if you have the SSD and purchase the license for WSE and AVC, you can activate and configure it. Even without the purchased license you can run an evaluation license.

Please refer to the CX module Quick Start Guide for details on setting it up.

The ASA CX module might be a hardware module or a software module, depending on your ASA model. For the ASA 5512-X, 5515-X, 5525-X, 5545-X, 5555-X it's an ASA CX SSP software module that requires a Cisco solid state drive (SSD) to work.

Cisco ASA CX Module Quick Start Guide
http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/cx/cx_qsg.html

ASA 5500 and Module Compatibility
http://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#72331

         "niLz"

Nilo Noguera Jr. 

| Specialist, Virtual Engineering - Partner Helpline Organization 

together we are the human network
