Sorry about the title - couldn't think of a clever way of saying this!!
We have recently replaced our outdated proxy and filtering solution with a pair of IronPort appliances and are generally pleased with them.
However, one thing that has come up on a few occassions is that, even though the category Blogs & Forums is blocked for most users, there are still a large number of Blog/Forum sites that people can get to.
I understand that a URL category filter couldn't possibly cover every site, especially given the speed at which new ones appear.
What I'm wondering is if anyone has had any success with blocking these sites using a Custom URL Category with a keyword filter. My idea is that this keyword filter could look for "/blog", "/forum" etc. within a URL and then block it based on the assumption that it is a blog or forum.
If anyone has done something like this and is wiliing to share details of how they did it I would greatly appreciate it! :D
Thanks Josh. We had someone from IronPort on site a few days ago to provide some training. He agreed with what you said, so I may give that a go at some point.
A lot of the sites we've found which contain blogs that aren't being blocked by IronPort do have obvious keywords in the URL somewhere - most commonly www.site.com/blog or blog.site.com - or something along those lines.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...