ASA 5505

Discussion in 'Cisco' started by Supersleuth, Dec 29, 2010.

  1. Supersleuth

    Supersleuth Guest

    I wasnt to use an ASA 5505 as my office firewall but have also to
    consider outgoing traffic


    With the AS 5505 can i filter which websites and ports the internal
    users are allowed to access per IP address

    Different users have different requirements

    or do I need somthing else to do that


    I am not that concerned about caching web pages the main thing is to
    block certain sites from certain users
    Supersleuth, Dec 29, 2010
    #1
    1. Advertising

  2. Supersleuth

    bod43 Guest

    On Dec 29 2010, 10:38 am, Supersleuth <> wrote:
    > I wasnt to use an ASA 5505 as my office firewall but have also to
    > consider outgoing traffic
    >
    > With the AS 5505 can i filter which websites and ports the internal
    > users are allowed to access per IP address
    >
    > Different users have different requirements
    >
    > or do I need  somthing else to do that
    >
    > I am not that concerned about caching web pages the main thing is to
    > block certain sites from certain users


    I am not 100% on this but here goes.

    I would doubt that it would be a practical solution.

    Some kind of filtering proxy or dedicated web filter box
    sounds like a better idea. They can integrate into AD
    (Active Directory) user logins.

    Bluecoat are one of the market leaders. Of course
    they are not at all cheap. Well properly costly I mean really.

    If you have a very small number of users and a small
    number of concerning sites that do not change often
    then you might be able to use an ASA.

    There might be a DNS based solution too.
    bod43, Jan 1, 2011
    #2
    1. Advertising

  3. On Dec 29 2010, 11:38 am, Supersleuth <> wrote:
    > I wasnt to use an ASA 5505 as my office firewall but have also to
    > consider outgoing traffic
    >
    > With the AS 5505 can i filter which websites and ports the internal
    > users are allowed to access per IP address
    >
    > Different users have different requirements
    >
    > or do I need  somthing else to do that
    >
    > I am not that concerned about caching web pages the main thing is to
    > block certain sites from certain users


    This is overall very true, the ASA will not be able to filter on a per
    user basis, this should be achieved by an external web proxy +filter.
    the ASA supports the redirection via WCCP or so. On a per IP basis,
    you could achieve this, with url filtering, this can be achieved using
    the http regex filtering rules (not really trivial on CLI as you have
    to understand the way the MPF cli works, but rather ok from the GUI).

    Hope this help,

    J.
    Jean-Francois Dive, Feb 1, 2011
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Martin Bilgrav

    Q: ASA 5505 (Home Office) - Dual ISP ?

    Martin Bilgrav, Oct 19, 2006, in forum: Cisco
    Replies:
    3
    Views:
    3,266
    Martin Bilgrav
    Oct 20, 2006
  2. neicymath

    ASA 5505 initiating a tunnel?

    neicymath, Dec 15, 2006, in forum: Cisco
    Replies:
    0
    Views:
    434
    neicymath
    Dec 15, 2006
  3. Replies:
    1
    Views:
    3,343
  4. Dogg Child

    Re: ASA 5505 behind ASA 5505

    Dogg Child, Jun 7, 2010, in forum: Cisco
    Replies:
    0
    Views:
    633
    Dogg Child
    Jun 7, 2010
  5. Dogg Child

    ASA 5550 behind ASA 5505

    Dogg Child, Jun 7, 2010, in forum: Cisco
    Replies:
    4
    Views:
    1,058
    Morph
    Jun 8, 2010
Loading...

Share This Page