Content filtering IOS / user / HTTPS

Hello!

We are looking for a small client to IOS content filtering and I hope someone can answer a few questions about this quickly.

(1) can you make content by user, strategies... so different filtering for different users by username? I see that you can do by addy/range of IP, it seems

(2) can make HTTPS inspection? It wasn't able to earlier, just to check to see if something has changed!

Thank you!

Ben

(1) No, IOS content with trend filtering cannot do by user content filtering.

(2) it cannot inspect HTTPS too.

If you want to have both the above, you can go with cloud of ScanSafe, URL filtering and Malware/Spyware Windows. It is supported as well by the user content filtering as well as HTTPS inspection.

Here is the guide of IOS on Web Filtering of ScanSafe for your reference:

http://www.Cisco.com/en/us/docs/iOS-XML/iOS/sec_data_zbf/configuration/15-2mt/ScanSafe-Web-sec.html

http://www.Cisco.com/en/us/docs/security/web_security/ISR_SS/ISR_ScanSafe_SolutionGuide.PDF

Hope that answers your questions.

Tags: Cisco Security

Similar Questions

  • IOS CONTENT FILTERING

    Hi all

    Cisco ios content filtering there a cache and a user interface to connect the websites visited and the ip addresses that visit these sites?

    Yes, there is action, you can configure under the plan setting.

    You can also view using the below command

    IOSrouter# sh policy-map type inspect zone-pair urlfilter cache detail
    

    policy exists on zp zp
    

    Zone-pair: zp
    

    Service-policy inspect : trend-global-policy
    

    Class-map: www (match-all)
    

    Match: protocol http
    

    Inspect
    

    Maximum number of bytes in cache: 262144
    

    Time to live for each cache entry (in hrs): 24
    

    Total number of bytes used by cache: 453
    

    Number of bytes used by domain type cache: 353
    

    Number of bytes used by directory type cache: 100
    

    ---------------------------------------------------------------------------------------------
    

    URL                                       Age         Idle time/        Cat::Rep
    

    (Directory cache end with /)  (day:h:m:s) access #
    

    -----------------------------------------------------------------------------------------------
    

    yahoo.com                             0:16:47:30           2           56::1
    

    ad.doubleclick.net                 0:00:00:10           1           72::1
    

    static.eharmony.com/static../ 0:00:00:06  0:00:00:04     12::1

    Unfortunately, you can not see who has accessed to their.

    I hope it helps.

    PK

  • expiry of ios content filtering

    Hello

    now that the IOS using Trend Micro content filtering is EOL and replaced by ScanSafe, can someone tell if ScanSafe is a subscription based and what are the new SKUS of ScanSafe references

    Thank you

    Yes, Scansafe is on subscription and license of user base.

    in regard to SKU, you might want to contact your representative local Cisco.

  • Issue of certificate IOS content filtering

    Hello

    Regarding the configuration of the Cisco IOS content filtering, the certificate that must be downloaded from this page (applicationshttp://cisco.com/en/US/products/ps5854/products_configuration_example09186a0080816c23.shtml the router IP address... What happens if it's not a static public ip address and a dynamic?

    Ill be grateful with any input on this...

    Thank you and best regards,

    The cert install page auto request ip address in order to go to the router and the provision by installing cert on this.

    If the router must have http enabled from this page will give you the ip address and the tool will ask you the credentials of the router and connect and install the necessary certificate.

    If the ip address is dynamic bit is important because you will need to install the cert only once.

    I hope it helps.

    PK

  • Doesn´t 'filter' https content filtering

    I RV082 is running the latest firmware if I try to activate web filerfing under "Content filtering" by web address or keyword ony he works for HTTP sites. Lets say, I try to block www.facebook.com I get ""this URL or the Page has been blocked " "

    If I type https://www.facebook.com facebook without problem. It looks that the HTTP protocol is checked and blocked.

    Also if I try to 'Planning' and apply rule from 08:00 to 13:00 it allows me to access it. Am I missing something?

    Hi Mario, HTTPS can not really be blocked unless the router is able to perform a reverse DNS lookup. If you want to block https flavors of a Web site you need a service that can perform the DNS inverted like OpenDNS.

    -Tom
    Please mark replied messages useful

  • Issue with 890 series SRI URL content filtering

    Hello, I'm wondering if anyone can confirm whether or not the URL content filtering subscription available for these routerts has the abiliuty to selectively apply only to users you want.  Or rather, to computers, perhaps by MAC address.  We seek to implement a configuration of whitelist of URLS, but only for the publick workstations.

    Thank you.

    It's been a while but I think that content filtering is done through the MQC (style class-map/policy-map). You could just create a class map for guests you care and then put them through the policy of inspecting it.

  • iCloud, sharing photos for Non - iOS users

    So, I use iCloud for about two years now, and it does for the most part, what I want and need to. However, whenever my family and I go camping during the weekend, take a vacation or just to Barbecue a Sunday afternoon, we have a ton of photos on a large number of devices. For the wife and children, this isn't a problem since we have all of the iPhones and use iCloud. But, it seems that we are facing a problem whenever someone on an Android phone has a few pictures they want help or like to download some pictures that we have added.

    Y at - it an easy way for non - iOS users view and/or edit albums shared iCloud without going through a several-step process (transfer of office, download third party app, etc..)? It is my understanding that an Android user should be able to display/change via a web browser, but don't seems to work. I looked at other cloud services and apps, and major issues, in that I continue to run are:

    1: having to pay another Cloud Computing service, when I already pay for iCloud is not economic.

    2: I find a lot of the photo-sharing applications and services give a lot of storage, but at a cost to the quality of the photos. My wife and her friends are always doing something creative with your impressions so even some 'high quality' compression can degrade enough make it unusable.

    3: I have a hard time to ask someone to download an application, not to mention of asking them to pay for one. Nor am I comfortable someone jump through hoops, just so that I can watch through a batch of photos in the hope of finding one or two which are useful.

    So, is there an easy way to do it, or I'm stuck or wait for Apple to understand a feature like this would be useful or leave iCloud for a solution amicably more cross-platform? I do not understand that Apple needs to focus on the development and support of applications and services for its ecosystem and customer, but would it not make sense to make it convenient for outside users to have a great experience too?

    I don't know what problems you encountered but the sharing Web site works fine for me.

  • Download Firefox for Mobile is inhibited because "your content filtering level you cannot download this point." How can I fix my level of content filtering?

    I have a Samsung Galaxy SII with T-Mobile. Model SGH-T989, version 2.3.6 Android #is

    "Content filtering" is the Android Market to limit some applications that can be accessed in "mature" content. You can disable content filtering in the settings of the application market on your phone.

    -Michelle

  • Can I move the contents of "C:\Users\myname\AppData\Local" to another drive in my computer?

    Can I move the contents of "C:\Users\myname\AppData\Local" to another drive in my computer? I have a 64 GB SSD and these files decrease the size of my disk. I know that I can delete them manually. I move the 'temp' and 'tmp' on another disk. Can I move the other too?

    C:\>set
    ALLUSERSPROFILE = C:\programdata
    AppData=C:\Users\Mr.Daza\AppData\Roaming
    CommonProgramFiles = c: files
    COMPUTERNAME = MRDAZA1
    ComSpec=C:\Windows\system32\cmd.exe
    DFSTRACINGON = FALSE
    FP_NO_HOST_CHECK = NO
    HOMEDRIVE = C:
    HOMEPATH=\Users\Mr.Daza
    LocalAppData=C:\Users\Mr.Daza\AppData\Local
    LOGONSERVER = \\MRDAZA1
    NUMBER_OF_PROCESSORS = 4
    OS = Windows_NT
    Path = c: Files\Microsoft Shared live; C:\Windows\syst
    em32; C:\Windows; C:\Windows\System32\Wbem; C:\Windows\System32\WindowsPowerShell\v
    1.0\; C:\Program Files\Windows Live\Shared
    PATHEXT = .COM; EXE;. BEATS;. CMD;. VBS;. VBE;. JS;. JSE;. WSF;. WSH;. MSC
    PROCESSOR_ARCHITECTURE = x 86
    PROCESSOR_IDENTIFIER = x 86 family 16 model 2 Stepping 3, AuthenticAMD
    PROCESSOR_LEVEL = 16
    PROCESSOR_REVISION = 0203
    ProgramData = ProgramData
    ProgramFiles = c: Program Files
    PROMPT = $P$ G
    PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
    PUBLIC = C:\Users\Public
    SESSION = Console
    SystemDrive = C:
    SystemRoot = C:\Windows
    TEMP = E:\TEMPOR~1\Perfil\Temp
    TMP = E:\TEMPOR~1\Perfil\TMP
    TP_ApisHookObjectsRoot_PID3548 = 65FD78
    TRACE_FORMAT_SEARCH_PATH=\\NTREL202.ntdev.Corp.Microsoft.com\4F18C3A5-CA09-4DBD-
    B6FC-219FDD4C6BE0\TraceFormat
    USERDOMAIN = MrDaza1
    USERNAME = Mr.Daza
    UserProfile=C:\Users\Mr.Daza
    windir = C:\Windows

    Hi Mr.Daza,

    It is not possible to move the content. This can cause applications to malfunction. However the next time you install a program, you can choose where you want to install it.

  • Customize the Web content filtering block Page

    Does anyone how and where I can customize the block page on a SonicWall NSA 240 of web content filtering? Also, I can't using the details I thought I configured, what do you advise for this problem also?

    Kind regards

    RocknRollTim

    You can customize the block page CFS in respect of Security Services > Content Filter > scroll down to bottom & customize it under 'block the Web page to display when '.

  • images of the SSL vpn-html-content filtering

    Hello

    I'm trying to do content filtering via ssl VPN (clientless) on ASA 5505

    Above command is supposed to block anything with the html img tag, but it seems not to do.

    # sh run Group Policy

    Group without internal customer-grp-policy policy

    attributes without customer-grp-policy-group policy

    value of server DNS 8.8.8.8

    VPN-tunnel-Protocol webvpn

    Split-tunnel-policy tunnelall

    WebVPN

    bookmark URL-list value

    filtering the content-HTML-java images cookies

    SVC request to enable default webvpn

    #sh run tunnel-group

    Remote clientless-tunnel tunnel-group type

    attributes global-tunnel-group clientless-tunnel

    without client group policy - by default-grp-policy

    tunnel-group clientless-tunnel webvpn-attributes

    Group-alias clientless-alias enable

    What I'm missing here? or am I just misunderstood how it works?

    Thank you!

    Hello

    How it works for you?

    HTML-content-filter

    Thank you.

    Portu.

  • Content interface user (ADF) gives an error (Content coding error) via HTTPS front-end. HTTP works?

    We have implemented the WCC 11.1.1.8 (with last MLR) and WCC ADF - UI (with last MLR). It is asymmetric in front with OSH (we use 12.1.3 for her) and a load balancer. Load Balancing ends HTTPS.

    Now the WCC ADF - UI works fine if connecting directly with HTTP to through the OHS, but fails to display the content of docx and pptx documents (it displays 'Content encoding error' in the document display panel) to go with HTTPS through the load balancer.

    Links to download and links to both PDF and HTML of the working paper (so the BOVINE infectious rhinotraecheitis and dynamic converter do their job Amora), it's just presentation in the user interface that does not work.

    Does anyone know the solution fo this?

    The SSL is terminated to the load balancer.

    We have solved the problem already. At the level of the managed server weblogic plugin active flag was not set. Although this flag is set on the domain level, it seems necessary to put it on the server managed by level as well to the content of the iframe (usually the defaulting of the page).

    In just this indicator time and restarting the managed server, it works. @

  • Website content filtering / Virus detection device

    Hi all

    I'm in the market for a content / url / device for our network of virus scanning. We currently use the Web MXLogic defence service, and while it is very cheap it is not suited to our needs. What I want is a device that will do filtering of content, but also viruses / malware / spyware scan on web traffic. I would also need to be able to setup policies / groups different set of users. For example the people who buy the products we sell must be able to see our content of multimedia (streaming) video sellers so that our sales people don't. I can't currently do with MXLogic, it's all or nothing.

    Our firewall is an ASA5510 and I looked at the module Content Security SSM-10 with the greater license and while the price is really attractive I have a few questions about it. It integrates with MS Active Directory? In other words, and it filters based on policies and groups or more IP / ACL based? Also does perform well?

    I have looked also sell IronPort product cisco and have similar questions about it especially which people experience with it, it's something that you would recommend?

    Hi Allen,.

    To answer your questions related to the CSC module:

    1. No, the CSC module does not fit with Active Directory. It's something that Trend Micro has in the works, but right now, there is no ETA for this feature.

    2. the module CSC happen enough well if used in the environment it was designed for. I recommend watching CSC sizing guide to see if the CSC-SSM-10 would be something that is scalable enough for your network:

    http://www.Cisco.com/en/us/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6.html

    I can't speak to the performance/features of IronPort like I the have not used personally, but I've heard good things. Also, external devices of Websense seem to be a popular choice when you need a product that is a little more scalable or granular than can provide the CSC module.

    Hope that helps.

    -Mike

  • Firefox not to honor the "Offline Web content and data user" settings

    Firefox still accept web content offline and the user data, I have never any notification regardless of the 'tell me when a website asks to store data for use in offline mode' parameter (in preferences > advanced > network).

    I also completely erased all: permissions tab regardless of the "all sites > offline storage" storage offline implementation is always allowed.

    Here is one - step by step to reproduce my problem.
    1. make sure all: permissions is clear
    2 make sure that the list to: Preferences > network > "the following Web sites are..." "is that clear
    3. close the preferences window
    4 go to go to http://appcachefacts.info/demo/ ... No notification about the offline cache will appear.
    5. open the preferences, the list of preferences > network > "the following Web sites are..." »
    Will fill up now with http://appcachefacts.info (1.1 MB)

    This article list persists even after closing the browser window and re - open.
    This happens with a total disregard for the settings described in the first paragraph.

    I found a related question, but it's old and archived:
    https://support.Mozilla.org/he/questions/981189

    Firefox will store small amounts (less than 50 MB) of data without asking permission.

    • offline - apps.allow_by_default; true
    • offline - apps.quota.warn; 51200

    You can switch the pref in offline mode - apps.allow_by_default to false to make Firefox ask.

  • DataBind method call returns null in the WebCenter content filtering

    Hello

    I got code that has a problem and I am new to the WebCenter content and filters that can be added. We have a FileNameFilter class that begins with the code

    / public class CWEFileNameFilter implements FilterImplementor {}

    public CWEFileNameFilter() {}

    Super();

    }

    public int doFilter (workspace workspace, DataBinder dataBinder,

    ExecutionContext executionContext) throw {DataException

    Service string = dataBinder.getLocal ("IdcService");

    ....

    }

    }

    However, service is sometimes return null and then filter throws a NPE.

    My questions are:

    (1) can we explain what dataBinder.getLocal ("IdcService"); is done and why it might come back as null

    (2) anyone can provide links to documentation that explains the filters and a little more on the object DataBinder as the JavaDoc is not much help.

    Thank you
    Marc

    Hi Marc,

    Below the code will give the name of the service for which the filter is implemented LocalData

    Service string = dataBinder.getLocal ("IdcService");

    for example below

    http://localhost:16200/cs/idcplg? IdcService = DOC_INFO_BY_NAME & dDocName = 1111111 & IsJava

    This example displays the entire response including localdata data and results that are created in the execution of the service. Here is the code snippet

    LocalData @Properties

    DocUrl =https://localhost:16200/cs/weblayout/groups/secure/documents/test/mhdk/mjg1/1111111.pdf

    IdcService = DOC_INFO_BY_NAME

    If String = dataBinder.getLocal ("IdcService") service; Service = "DOC_INFO_BY_NAME."

    Under blog will give an idea about the filter but the best place to learn or start is "The Definitive Guide to Stellent Content Server Development" by Brian Huff

    http://www.redstonecontentsolutions.com/technical-blog/UCM-service-handlers-and-javafilters

    Also, I recommend reading ' WebCenter Content Services Reference Guide '

    http://docs.Oracle.com/CD/E23943_01/doc.1111/e11011/TOC.htm

    Kind regards

    Amol Germain.

Maybe you are looking for

  • No mails a file with header showing the number of unread emails!

    My Mozilla Thunderbird works very well for several of my Gmail, Hotmail and Yahoo email accounts. However, for one of my Yahoo accounts, I have several records that show the number of unread in this folder but no mail mails that can be downloaded or

  • Problem with USB stick 32 GB

    Just bought a SanDisk Cruzer 32 GB USB drive and I cannot make it work all the... I Plug and it appears normal, try copying something for him and he gives everything just delayed write messages failed because it is copying. Either he stops on the cop

  • Xperia XA in Zoom camera problem

    Recently, I'm fast covering an event at our place by using my device to send it quickly to the telegram. I take expanded shots but apparently when it is saved, she saves the entire image, not the picture zoomed in. When you record a video, zoom works

  • I got sms API related in bbndk

    In the reference Document I've seen as associated SMS APIs such as SmsTransport etc... with the bb directory structure:im::message:msTransport. In the dirctory real sdk installed these sms API does not exist I will know what is the reason for this.

  • PIX 515 pending

    Where can I find instructions step by step the procedure copy config tftp saved from a production to a hot spare 515 515E? Thank you.