Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

18-4

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 18 Managing Firewall Web Filter Rules

Configuring Web Filter Rules for ASA, PIX, and FWSM Devices

Tip Rules cannot overlap. For example, if you create two rules with the same, or overlapping, source,

destination, and service, you cannot deploy them. Also, you should order any filter-except rules below

the filter rule to which they are creating an exemption.

Navigation Path

To access the Web Filter Rules page for ASA, PIX, and FWSM devices, do one of the following:

• (Device view) Select an ASA, PIX, or FWSM device, then select Firewall > Web Filter Rules from

the Policy selector.

• (Policy view) Select Firewall > Web Filter Rules (PIX/FWSM/ASA) from the Policy Type

selector. Create a new policy or select an existing one.

• (Map view) Right-click an ASA, PIX, or FWSM device and select Edit Firewall Policies > Web

Filter Rules.

Related Topics

• Understanding Web Filter Rules, page 18-1

• Configuring Web Filter Rules for ASA, PIX, and FWSM Devices, page 18-2

• Configuring Settings for Web Filter Servers, page 18-15

• Adding and Removing Rules, page 12-9

• Editing Rules, page 12-9

• Using Sections to Organize Rules Tables, page 12-20

• Enabling and Disabling Rules, page 12-20

• Moving Rules and the Importance of Rule Order, page 12-19

• Filtering Tables, page 1-45

Field Reference

Table 18-1 Web Filter Rules Page (ASA, PIX, FWSM)

Element Description

No. The ordered rule number.

Source

Destination

The source and destination addresses for the rule. The “any” address

does not restrict the rule to specific hosts, networks, or interfaces.

These addresses are IP addresses for hosts or networks, network/host

objects, interfaces, or interface roles. Multiple entries are displayed as

separate subfields within the table cell. See Understanding

Networks/Hosts Objects, page 6-74.

Service The services or service objects that specify the protocol and port of the

traffic to which the rule applies. Multiple entries are displayed as

separate subfields within the table cell. See Understanding and

Specifying Services and Service and Port List Objects, page 6-86.

Type The type of filtering action for the rule, either filtering the identified

traffic, or exempting the identified traffic from filtering (Filter Except).

For a full explanation, see Edit Web Filter Type Dialog Box, page 18-8.

previous next