
URL Filtering Configuration on vManage

How to configure URL Filtering on a vManage

URL Filtering Configuration on SD-WAN

The URL Filtering feature enables the user to provide controlled access to Internet websites or Intranet sites by configuring URL-based policies and filters on the device. The URL Filtering feature is implemented using the Snort Intrusion Prevention engine.

You can configure URL Filtering with a Security configuration wizard.

URL Filtering Configuration

To configure URL Filtering through Security, use the vManage security configuration wizard:

1.       In Cisco vManage, select the Configuration ► Security tab in the left side panel.


2.       Click Add Security Policy. The Add Security Policy wizard appears and various use-case scenarios display.


3.       In Add Security Policy, select Direct Internet Access.

4.       Click Proceed to add an Intrusion Prevention policy in the wizard.

5.       In the Add Security Policy wizard, select the URL Filtering tab to create a new URL Filtering Policy.

6.       Click the Add URL Filtering Policy drop-down and select Create New to create a new policy. A URL Filtering - Policy Rule Configuration wizard appears.

7.       Enter the policy name in the Policy Name field.

8.      Choose one of the following options from the Web Categories drop-down:

  • Block—Block websites that match the categories that you select
  • Allow—Allow websites that match the categories that you select

9.       Select one or more categories to block or allow from the Web Categories list.

10.    Select the Web Reputation from the drop-down. The options are:

  • High Risk
  • Suspicious
  • Moderate Risk
  • Low Risk
  • Trustworthy

11.   From the Advanced tab, choose one or more existing Whitelist URL lists or create new ones as needed from the Whitelist URL List drop-down.

Items on the whitelist are not subject to domain filtering. If the same item is configured under both the whitelist and the blacklist, the traffic is whitelisted.

To create a new URL list, click New Whitelist URL List at the bottom of the drop-down. In the Whitelist URL List Name field, enter a list name consisting of up to 32 characters (letters, numbers, hyphens and underscores only). In the Add Whitelist URL field, enter URLs to include in the list, separated with commas. You also can use the Import button to add whitelists from an accessible storage location. Click Save when you are finished.

12.    From the Advanced tab, choose one or more existing Blacklist URL lists or create new ones as needed from the Blacklist URL List drop-down.

Items on the blacklist are subject to domain filtering. If the same item is configured under both the whitelist and the blacklist, the traffic is whitelisted.

To create a new URL list, click New Blacklist URL List at the bottom of the drop-down. In the Blacklist URL List Name field, enter a list name consisting of up to 32 characters (letters, numbers, hyphens and underscores only). In the Add Blacklist URL field, enter URLs to include in the list, separated with commas. You also can use the Import button to add blacklists from an accessible storage location. Click Save when you are finished.

You also can create or manage blacklist URL lists by selecting the Configuration ► Security tab in the left side panel, choosing Lists from the Custom Options drop-down at the top right of the page, and then selecting Blacklist URLs in the left panel.

To remove a URL list from the Blacklist URL List field, click the “X” next to the list name in the field.

13.    In the Block Page Server pane, choose an option to designate what happens when a user visits a URL that is blocked. Choose Block Page Content to display a message that access to the page has been denied, or choose Redirect URL to display another page.

14.    In the Alerts and Logs pane, select the alert type from the following options:

  • Blacklist—Exports an alert as a Syslog message if a user tries to access a URL that is configured in the Blacklist URL List
  • Whitelist—Exports an alert as a Syslog message if a user tries to access a URL that is configured in the Whitelist URL List
  • Reputation/Category—Exports an alert as a Syslog message if a user tries to access a URL that has a reputation that is configured in the Web Reputation field or that matches a blocked or allowed web category

15.    Click Target VPNs to add the required number of VPNs in the Add Target VPNs wizard.

16.    Click Save Changes to add target VPNs.

17.    Click Save URL Filtering Policy to configure URL Filtering.

18.    You can edit the existing URL Filtering policy by clicking Custom Options in the right-side panel of the vManage ► Configuration ► Security wizard.
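
The list-name rule and the whitelist-over-blacklist precedence from the whitelist and blacklist steps above can be checked before the lists are entered or imported. This is an added example, not Cisco code; the function names, the sample list names and entries, the case-insensitive literal comparison of entries, and the rejection of empty names are assumptions.

```python
import re

# Rule from the page: up to 32 characters; letters, numbers, hyphens, underscores.
# Assumption: an empty name is rejected.
LIST_NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,32}")

# Constructed sample field contents (comma-separated, as the wizard expects).
SAMPLE_WL = "intranet.example.com, updates.example.net,files.example.org"
SAMPLE_BL = "ads.example.com, Files.Example.org , tracker.example.net,"


def valid_list_name(name):
    return LIST_NAME_RE.fullmatch(name) is not None


def parse_entries(field_text):
    """Split a comma-separated field, drop blanks, de-duplicate in order."""
    seen, entries = set(), []
    for raw in field_text.split(","):
        entry = raw.strip()
        key = entry.lower()  # assumption: entries compared case-insensitively
        if entry and key not in seen:
            seen.add(key)
            entries.append(entry)
    return entries


def review_lists(wl_name, wl_text, bl_name, bl_text):
    """Report invalid names and blacklist entries the whitelist overrides."""
    problems = [
        f"{kind} list name {name!r} is not 1-32 letters, numbers, '-' or '_'"
        for kind, name in (("whitelist", wl_name), ("blacklist", bl_name))
        if not valid_list_name(name)
    ]
    allow_keys = {e.lower() for e in parse_entries(wl_text)}
    block = parse_entries(bl_text)
    return {
        "problems": problems,
        # Present in both lists: per the page, this traffic is whitelisted.
        "shadowed": [e for e in block if e.lower() in allow_keys],
        "effective_block": [e for e in block if e.lower() not in allow_keys],
    }


if __name__ == "__main__":
    report = review_lists("DIA_allow-01", SAMPLE_WL, "DIA block list", SAMPLE_BL)
    for key, value in report.items():
        print(key, value)
```

A non-empty `shadowed` result lists blacklist entries that will not be blocked while the overlapping whitelist is attached to the same policy.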


Monitoring URL Filtering Feature

You can monitor the URL Filtering for a device by web categories using the following steps.

To monitor the URLs that are blocked or allowed on an IOS XE SD-WAN device:

1.       From the Monitor ► Network screen, select a device.

2.       In the left panel, under Security Monitoring, select the URL Filtering tab. The URL Filtering wizard displays.

3.       Click the Blocked tab. The session count for blocked URLs appears.

4.       Click the Allowed tab. The session count for allowed URLs appears.

 
