Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

SR520-Integrate Business Hours with Trend Micro

I have an SR520 that is using Trend Micro Content Filtering and I got an unusual request from a client.  Is it possible to have Trend Micro only filter websites during business hours.  I have looked through a lot of documentation regarding the SR520 and Trend Micro but I haven't seen anything about this.

Any help is much appreciated.

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: SR520-Integrate Business Hours with Trend Micro

Hmmm, you can use time based ACLs to match traffic that will be filtered. The rest of the time the ACL will not be matched and thus the traffic will not be hitting the Trend policy.


For example look at https://supportforums.cisco.com/docs/DOC-8028#_Filtered_Hosts_ClassMap_

class-map type inspect match-all filtered-hosts

 match protocol http
match access-group 123

access-list 123 is the one that matches the hosts to be filtered according to the Trend policy. If that ACL matches based on time (time based ACL) then you can filter these hosts only during the time the ACL says.

I haven't tested it but it should work.

Please let us know if it solved the issue for future reference.

I hope it helps.

PK

4 REPLIES
Cisco Employee

Re: SR520-Integrate Business Hours with Trend Micro

Hmmm, you can use time based ACLs to match traffic that will be filtered. The rest of the time the ACL will not be matched and thus the traffic will not be hitting the Trend policy.


For example look at https://supportforums.cisco.com/docs/DOC-8028#_Filtered_Hosts_ClassMap_

class-map type inspect match-all filtered-hosts

 match protocol http
match access-group 123

access-list 123 is the one that matches the hosts to be filtered according to the Trend policy. If that ACL matches based on time (time based ACL) then you can filter these hosts only during the time the ACL says.

I haven't tested it but it should work.

Please let us know if it solved the issue for future reference.

I hope it helps.

PK

Community Member

Re: SR520-Integrate Business Hours with Trend Micro

I have tried the configuration you suggested with success.  I tried to post it on the forum but I don't see it anymore.  Was this removed?

Cisco Employee

Re: SR520-Integrate Business Hours with Trend Micro

I am not sure if it was removed..

Please mark the question as answered if you want  so that others can benefit in the future.

Also you might want to avoid posting your address and phone number in forums, for your privacy.

PK

Community Member

Re: SR520-Integrate Business Hours with Trend Micro

My apologies.  I was looking for something else.   Your recommendation did work. Essentially just implemented a time based access list like you suggested.   Here is a sample config that I used to make it work.  Thanks again!

class-map type inspect match-all HTTP

match protocol http

match access-group 160

Extended IP access list 160
    10 permit ip any any time-range business-hours (active) (2643 matches)
time-range entry: business-hours (active)
   periodic weekdays 7:00 to 17:00
   used in: IP ACL entry

333
Views
0
Helpful
4
Replies
CreatePlease to create content