Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Query regarding Auditing

What is the best way to keep an audit of users http/web access through a pix onto the internet. Is it by use of aaa?

Thanks

1 REPLY
New Member

Re: Query regarding Auditing

AAA is one way to go, but it will only allow you to track source and destination ip addresses. You can also use AAA to restrict http on a source/destination ip basis, but the PIX does not "see" URL's in this fashion.

So I would recommend using WebSense. This product provides an effective front-end for exactly this kind of restriction, and it actually does "see" URL's. It is the standard implementation for this type of security on the PIX - you reference it right from the PIX config. There is a little more info here:

http://www.cisco.com/warp/public/cc/so/neso/sqso/csap/wbsn_rg.htm

But I would recommend talking to Cisco pre-sales about this. It's a free call, and they can provide more specific information on how this would work.

Good luck!

95
Views
0
Helpful
1
Replies