ASA URL filtering with MPF

Problem: “I want to block facebook.com and myspace.com but I don’t have a Websense server.”

regex domlist1 "facebook.com"
regex domlist2 "myspace.com"
!
class-map type regex match-any DomainBlockList
  match regex domlist1
  match regex domlist2
!
class-map type inspect http match-all BlockDomainsClass
  match request header host regex class DomainBlockList
!
policy-map type inspect http http_inspection_policy
  class BlockDomainsClass
  reset log
!
policy-map global_policy
  class inspection_default
  inspect http http_inspection_policy
!
service-policy global_policy global
wr mem

Posted in ASA, CCIE, CCIE Security.

Tagged with ASA, CCIE, filtering, MPF.

1 comment

By blanders – October 21, 2009

One Response

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

Kirbini says

Better have a lot of spare CPU or low HTTP traffic levels when implementing HTTP inspect with regex or you could wind up in quite the pickle.

October 27, 2009, 10:38 am

« BGP Through an ASA with Authentication BGP Route Manipulation »

Cisco Catalyst 6500 Architecture White Paper
The official source for Cat6k architecture and design questions.
Notes on Cisco Catalyst 6500 architecture
High-level overview of the various backplane and fabric options in the Cat6k.
Extracting a 3DES key from an IBM 4758
Software-based attack for stealing the crypto keys from a tamper-resistant IBM crypto processor.
PowerCLI: Changing a VM IP Address with Invoke-VMScript
How to update the IP address of a Windows VM programatically using the PowerShell-based PowerCLI.
Auto-configure Linux vmware-tools at Boot time
Bash initscript to ensure your vmware tools get reconfigured when the kernel is upgraded. Could use a tweak to not run on a non-VM host.
Upgrade SQL Express to Standard or Enterprise
This will come in handy if you start out with vCenter running on the included SQL Express server and later outgrow it.
VMware Virtual Center Attributes – It’s all about the details
Covers a lesser-known but VERY useful feature in vCenter for adding metadata to virtual machines.
VMFS or NFS
Performance and other considerations when choosing a storage architecture for vSphere. Also touches on FC vs. iSCSI/NFS.
Designing Secure Multi-Tenancy into Virtualized Data Centers
Cisco Validated Design for the just-announced VMware/NetApp reference architecture.
Cisco Internal WAAS Implementation
High-level overview of Cisco IT's WAAS rollout to 200+ remote offices. The resulting CIFS optimization lead them to massivly consolidate file services to regional hubs.
The Great vSwitch Debate
Outstanding 8-part coverage of vSwitches and potential VMware network designs.
Cisco Data Center Interconnect Design and Implementation Guide
(PDF) Describes a portion of Cisco’s system for interconnecting multiple data centers for Layer 2-based business applications. Covers VSS and vPC.
Linux performance basics
Good, quick introduction to vmstat, iostat, and top for checking Linux performance stats.
vSphere 4.0 Hardening Guide Public Draft Released
Multi-PDF guide/checklist for securing vSphere in enterprise, DMZ, and special-access environments.
vSphere Host Died Abandon Ship!
Adding vSphere vCenter Alarms & Actions. How to automatically move your VMs off a dying host.

Proudly powered by WordPress and Carrington.

ASA URL filtering with MPF

One Response

About Packetslave Industries

Archives

Meta

Delicious Bookmarks