Filter
Top Products
21-44
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 21 Managing Zone-based Firewall Rules
Configuring Content Filtering Maps for Zone-based Firewall Policies
Add or Edit URL Domain Name Dialog Box for URL Filter Parameters
Use the Add URL Domain Name dialog box to add web site domain names to the whitelisted (allowed)
or blacklisted (not allowed) lists.
Domain names can be complete (including the host name, such as www.cisco.com), or partial (such as
cisco.com). For partial names, all web site hosts on that domain are either permitted or denied. You can
also enter host IP addresses.
Navigation Path
From the Add or Edit URL Filter Parameter Map dialog boxes, click the Add button beneath the whitelist
or blacklist tables, or select a name and click the Edit button. See Configuring URL Filter Parameter
Maps, page 21-42.
Configuring URLF Glob Parameter Maps
Use the Add and Edit URLF Glob Parameter Map dialog boxes to define a parameter map for the
inspection of URLs in a Local web filter class map.
A single URLF Glob should contain only segments of URLs that you want to block or allow. Your goal
is to create class maps of white listed (allowed) or blacklisted (blocked) URLs. You can then define
Local web filter policy maps to allow or block the identified URLs.
Truncate Hostname
Truncate Script Parameters
Whether to truncate the URLs:
• If you do not select an option, URLs are not truncated.
• If you select Hostname, URLs are truncated at the end of the
domain name.
• If you select Script Parameters, URLs are truncated at the left-most
question mark in the URL.
Do not select any truncate options for devices running software releases
lower than 12.4(15)T or you will receive a validation error.
Tip Although you can select both options, it is illogical to do so.
Enable Server Log Whether to send information about HTTP requests to the URL filtering
server’s log server. The information includes the URL, the hostname,
the source IP address, and the destination IP address.
Additional Fields
Category The category assigned to the object. Categories help you organize and
identify rules and objects. See Using Category Objects, page 6-12.
Allow Value Override per
Device
Overrides
Edit button
Whether to allow the object definition to be changed at the device level.
For more information, see Allowing a Policy Object to Be Overridden,
page 6-18 and Understanding Policy Object Overrides for Individual
Devices, page 6-17.
If you allow device overrides, you can click the Edit button to create,
edit, and view the overrides. The Overrides field indicates the number
of devices that have overrides for this object.
Table 21-17 Add or Edit URL Filter Parameter Map Dialog Boxes (Continued)
Element Description