Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ASA 5515-X Series and Web/URL/content filtering

Hi guys,

I have scoured the cisco data sheets to try and determine whether or not the 5515-x series ASA can handle URL filtering.

According to :

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-701659.html

It shows the 5585-X being able to support URL filtering.

But when I drill down to:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-701253.html

The 5515-X doesn't even mention URL filtering.

It sounds like the X series can handle IPS and URL filtering all built-in and it is just a software license... but I am having trouble finding documentation.

Any guidance would be appreciated.

Thanks!

V

Everyone's tags (1)
1 REPLY
Hall of Fame Super Silver

Re: Cisco ASA 5515-X Series and Web/URL/content filtering

You can do some basic URL filtering using regex with the base license via the use of service policies. See this article for some examples.

However, that's pretty old school and quite cumbersome. The preferred approaches are either

a. Use the optional CX on-box module (requires adding the SSD and licensing Application Visibility Control (AVC) and/or Web Security Essentials (WSE). See this whitepaper.

b. Redirect web traffic (via WCCP) to an external proxy like a WSA (former IronPort now Cisco product) or cloud scanning service for policy / filtering decisions.

For a CX-WSA comparison, see slides 92-93 in this presentation.

HTH

6922
Views
0
Helpful
1
Replies
CreatePlease login to create content