URL Filtering Configuration on SD-WAN
The URL Filtering feature lets you control access to Internet websites or intranet sites by configuring URL-based policies and filters on the device. The URL Filtering feature is implemented using the Snort Intrusion Prevention engine.
You can configure URL Filtering with a Security configuration wizard.
URL Filtering Configuration
To configure URL Filtering through Security, use the vManage security configuration wizard:
1. In Cisco vManage, select the Configuration ► Security tab in the left side panel.
2. Click Add Security Policy. The Add Security Policy wizard appears and displays various use-case scenarios.
3. In Add Security Policy, select Direct Internet Access.
4. Click Proceed to add an Intrusion Prevention policy in the wizard.
5. In the Add Security Policy wizard, select the URL Filtering tab to create a new URL Filtering Policy.
6. Click the Add URL Filtering Policy drop-down and select Create New to create a new policy. The URL Filtering - Policy Rule Configuration wizard appears.
7. Enter the policy name in the Policy Name field.
8. Choose the category from the Web Categories drop-down. The options are:
9. You can select one or more web categories from the list.
10. Select the Web Reputation from the drop-down. The options are:
- High Risk
- Moderate Risk
- Low Risk
11. In the Advanced tab, select the Whitelist URL List and the Blacklist URL List from the fields.
12. In the Block Page Server pane, choose Block Page Content or Redirect URL as shown in the following image.
13. In the Alerts and Logs pane, select the alert type from the following options:
14. Click Target VPNs to add the required number of VPNs in the Add Target VPNs wizard.
15. Click Save Changes to add target VPNs.
16. Click Save URL Filtering Policy to configure URL Filtering.
17. You can edit the existing URL Filtering policy by clicking on Custom Options in the right-side panel of vManage ► Configuration ► Security wizard.
Monitoring URL Filtering Feature
You can monitor the URL Filtering for a device by web categories using the following steps.
To monitor the URLs that are blocked or allowed on an IOS XE SD-WAN device:
1. From the Monitor ► Network screen, select a device.
2. In the left panel, under Security Monitoring, select the URL Filtering tab. The URL Filtering wizard displays.
3. Click the Blocked tab. The session count on a blocked URL appears as shown in the following screenshot.
4. Click the Allowed tab. The session count on allowed URLs appears as shown in the following screenshot.