Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > ASA 5505

Reply
Thread Tools

ASA 5505

 
 
Supersleuth
Guest
Posts: n/a
 
      12-29-2010
I wasnt to use an ASA 5505 as my office firewall but have also to
consider outgoing traffic


With the AS 5505 can i filter which websites and ports the internal
users are allowed to access per IP address

Different users have different requirements

or do I need somthing else to do that


I am not that concerned about caching web pages the main thing is to
block certain sites from certain users
 
Reply With Quote
 
 
 
 
bod43
Guest
Posts: n/a
 
      01-01-2011
On Dec 29 2010, 10:38*am, Supersleuth <(E-Mail Removed)> wrote:
> I wasnt to use an ASA 5505 as my office firewall but have also to
> consider outgoing traffic
>
> With the AS 5505 can i filter which websites and ports the internal
> users are allowed to access per IP address
>
> Different users have different requirements
>
> or do I need *somthing else to do that
>
> I am not that concerned about caching web pages the main thing is to
> block certain sites from certain users


I am not 100% on this but here goes.

I would doubt that it would be a practical solution.

Some kind of filtering proxy or dedicated web filter box
sounds like a better idea. They can integrate into AD
(Active Directory) user logins.

Bluecoat are one of the market leaders. Of course
they are not at all cheap. Well properly costly I mean really.

If you have a very small number of users and a small
number of concerning sites that do not change often
then you might be able to use an ASA.

There might be a DNS based solution too.

 
Reply With Quote
 
 
 
 
Jean-Francois Dive
Guest
Posts: n/a
 
      02-01-2011
On Dec 29 2010, 11:38*am, Supersleuth <(E-Mail Removed)> wrote:
> I wasnt to use an ASA 5505 as my office firewall but have also to
> consider outgoing traffic
>
> With the AS 5505 can i filter which websites and ports the internal
> users are allowed to access per IP address
>
> Different users have different requirements
>
> or do I need *somthing else to do that
>
> I am not that concerned about caching web pages the main thing is to
> block certain sites from certain users


This is overall very true, the ASA will not be able to filter on a per
user basis, this should be achieved by an external web proxy +filter.
the ASA supports the redirection via WCCP or so. On a per IP basis,
you could achieve this, with url filtering, this can be achieved using
the http regex filtering rules (not really trivial on CLI as you have
to understand the way the MPF cli works, but rather ok from the GUI).

Hope this help,

J.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ASA 5550 behind ASA 5505 Dogg Child Cisco 4 06-08-2010 06:56 PM
Re: ASA 5505 behind ASA 5505 Dogg Child Cisco 0 06-07-2010 12:13 PM
ASA 5505 as hardware vpn client to PIX 501 or ASA 5505 with network extension mode activated bjorn@kumlait.se Cisco 1 06-17-2007 12:43 PM
ASA 5505 initiating a tunnel? neicymath Cisco 0 12-15-2006 04:05 PM
Q: ASA 5505 (Home Office) - Dual ISP ? Martin Bilgrav Cisco 3 10-20-2006 11:32 AM



Advertisments