Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IOS Trend Content Filtering - Blacklist

Is it possible with IOS Trend Content filtering to block all websites from specific users except only from 2-3 sites?

3 REPLIES
Cisco Employee

Re: IOS Trend Content Filtering - Blacklist

I believe so.  I haven't tried it but you

can follow the example here:

https://supportforums.cisco.com/docs/DOC-8028#_Filtered_Hosts_ClassMap_

You can allow only the 3 sites (by destination IP address from these source computers IP add) so, it won't filter those.

-KS

Cisco Employee

Re: IOS Trend Content Filtering - Blacklist

I do not think you can achieve this with IOS content filtering as there is no option of blocking web access based on User policies.

- AD

Community Member

Re: IOS Trend Content Filtering - Blacklist

Based on document (DOC-8028) there is an option to filter specific hosts based on ACL.Therefore you can specify the users based on their IP address.

https://supportforums.cisco.com/docs/DOC-8028

Filtered Hosts Class-Map

This class map is where the traffic to be filtered is matched. It can be based on protocols and ip addresses defined in ACLs.

class-map type inspect match-all filtered-hosts
match protocol http
match access-group 123

What I am thinking is how can I block all websites? Does the below command can block everything?

parameter-map type urlf-glob url-blacklist
pattern *
369
Views
0
Helpful
3
Replies
CreatePlease to create content