jgrammer42
asked on
Third party content filtering software integration with Cisco ASA
I have several locations with Cisco ASA 5540's. I want to install a 3rd party content filtering software, (or if there is a cloud-based solution I am fine with that also), to provide web content filtering and management. (Something like Websense-Triton, but not quite as expensive, and something I can deploy in a centralized location).
I want to be able to have the SAME kind of functionality for my Cisco ASA's as Sonicwall does for their NSA line of products. (I know that Sonicwall's have internal content filtering).
Can someone provide me a list of options for this?
Thank you,
Jeff
I want to be able to have the SAME kind of functionality for my Cisco ASA's as Sonicwall does for their NSA line of products. (I know that Sonicwall's have internal content filtering).
Can someone provide me a list of options for this?
Thank you,
Jeff
there are many ways to implement a content filtering solution. usually online is always an option and is independent of the ASA. there is usually also the option of WCCP redirection from the ASA to the filter. I have used ASA with websense, smoothwall, ironport, and used WCCP.
*inline not online. on my phone. :)
ASKER
NinjaStyle82
I very much like the idea of a cloud-based web content filter. That way I can have centralized management for the various branch locations.
Can you provide me with a few possible solutions that would work for ASA's that have various IOS versions from 8.2 and up?
Thank you,
Jeff
I very much like the idea of a cloud-based web content filter. That way I can have centralized management for the various branch locations.
Can you provide me with a few possible solutions that would work for ASA's that have various IOS versions from 8.2 and up?
Thank you,
Jeff
if you want to go entirely cloud based you will likely need to do a client side proxy/pac configuration. it should work independently of the ASA. I would talk with a vendor to get options. Websense offers cloud only and hybrid solutions, as does smoothwall and many others. they should give you a good idea of how the implementation will work, most likely the ASA will not be an obstacle.
i should be more clear. proxy/pac on the client as opposed to if it was an on premises solution, you could transparently proxy clients.
ASKER
NinjaStyle82,
Please forgive me for being dense. I am having a hard time visualizing what you are referring to. Are you saying that I should look at a solution where there is a client software installed on the PC and that then talks to a cloud based content filtering service? (Essentially then the ASA is not doing anything than acting as a router for HTTP:80 traffic.
Thank you,
Jeff
Please forgive me for being dense. I am having a hard time visualizing what you are referring to. Are you saying that I should look at a solution where there is a client software installed on the PC and that then talks to a cloud based content filtering service? (Essentially then the ASA is not doing anything than acting as a router for HTTP:80 traffic.
Thank you,
Jeff
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Excellent help and information. thank you very much!