Websense URL filtering(Cisco Security Manager) - ASA

 

Introduction

We will set up the same what we already set using CLI(see details)

 

Configuration

Web Filter Policy

  • Go to policy view - Firewall - Settings - Web Filter and create new policy

websense-csm1.png

Click "New Web Filter Policy,name it "Websense-ASA" and click OK.

 websense-csm2.png

 

  •  Choose Websense in "Web Filter Server Type"

websense-csm3.png

 

  •  Click "YES" on warning

websense-csm4.pngIf you have different type of servers please remove it before continoue

  • Add new Websense filter("plus button"),set version of Websense server,ip,timeout,number of connections and interface which Asa will use to connect to server

websense-csm5.png

 

  •  Set block-buffer, url-mempool,url-cache, url-size

 websense-csm6.png

  • Check again settings

websense-csm6a.png

  •  Save settings and assign our policy to firewall or group of firewalls

 

 Web Filter Rules

  • Go to policy view - Firewall - Web Filter Rules and create new policy

websense-csm7.png

 Name it "Websense-rules-ASA"

 websense-csm8.png

  •  Add rules

websense-csm9.png

websense-csm10a.png

 

websense-csm10b.png

 

websense-csm10c.png

 

in example above we set filter rule for http, https and ftp traffic originated from 192.168.1.0/24 network and going to Internet

If you configure "longurl-truncate" or "cgi-truncate" and you are running at least v6.3.0 of Websense, then as best practice, consider removing them.(source Websense site)

  •  Set rule "except" to not check traffic coming to destination 200.10.10.2/32 from network 192.168.1.0/24

websense-csm11.png 

websense-csm12.png

  •  Save policy and assign to firewall or group of firewalls.
  • Deploy our new policy
  • Check policy in reality

 

 

dzbanek 2012-10-28

 

This site uses cookies. Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site will not work.