Integrating Forcepoint URL Filtering with Cisco > Cisco integration configuration procedure
|
3.
|
Enter enable, followed by the enable password to put the security appliance into privileged EXEC mode.
|
4.
|
Enter configure terminal to activate configure mode.
|
For help with individual commands, enter help followed by the command. For example, help filter shows the complete syntax for the filter command and explains each option.
|
5.
|
Use the url-server command to enable URL management by your web protection software.
|
The amount of time, in seconds, that the security appliance waits for a response before switching to the next Filtering Service that you defined as a url-server, or, if specified, going into allow mode and permitting all requests.
|
|
TCP is the recommended and default setting. The recommended protocol version is 4. The default is 1.
|
|
If this parameter is not specified, it defaults to 5, which is the recommended setting.
|
6.
|
Configure the security appliance to filter HTTP requests with the filter url command.
|
|
To review the current URL server rules, enter show running-config url-server.
|
|
To review all the filter rules, enter show running-config filter.
|
7.
|
Configure the security appliance to filter HTTPS requests with the filter https command.
|
|
To review the current URL server rules, enter show run url-server.
|
|
To review all the filter rules, enter show run filter.
|
|
Enter exit to go up a level to run the show command.
|
8.
|
Configure the Cisco security appliance to filter FTP requests with the filter ftp command.
|
|
To review the current URL server rules, enter show run url-server.
|
|
To review all the filter rules, enter show run filter.
|
|
9.
|
After entering commands to define filtering for HTTP, HTTPS, and FTP requests, you can define any required exceptions to these filtering rules by adding the except parameter to the filter command:
|
10.
|
Configure the security appliance to handle long URLs using the url-block url-mempool and url-block url-size commands:
|
11.
|
Configure the URL response block buffer using the url-block block command to prevent replies from the web server from being dropped in high-traffic situations.
|
|
To view the current configuration for all 3 url-block commands, enter show running-config url-block.
|
|
Enter show url-block block statistics to see how the current buffer configuration is functioning. The statistics include the number of pending packets held and the number dropped. The clear url-block block statistics command clears the statistics.
|
12.
|
If you need to discontinue filtering, enter the exact parameters in the original filter command, preceded by the word no.
|
<port>
|
||||||
<local_ip>
|
||||||
<local_mask>
|
Network mask of the local_ip address (the IP address requesting access).
|
|||||
<foreign_ip>
|
||||||
<foreign_mask>
|
Network mask of the foreign_ip address (the IP address to which access is requested).
|
|||||
|
||||||
Integrating Forcepoint URL Filtering with Cisco > Cisco integration configuration procedure
|