Cisco Cisco Web Security Appliance S360 Troubleshooting Guide

How to block Facebook.com chat and email features?

Environment: Cisco Web Security appliance (WSA) any AsyncOS versions

On AsyncOS version 7.1 & above with AVC enabled

On 7.1 version, WSA introduced a new feature named 'Application Visibility Controls' (AVC) which provides
the ability to automatically detect applications like Facebook. AVC feature requires a license key for "Cisco
Web Usage Controls" and it can be enabled under GUI > Security Services > Acceptable Use Controls

When AVC is enabled, we can use AVC to block the specific features on 'Facebook' like Facebook Messages
and Chat, Facebook Games etc. AVC also provides the ability to detect and control many other applications
like ITunes, Google+ etc.

 Navigate to GUI > Web Security Manager >
Access Policies

1. 

 For any specific access policy or 'Global Policy',
click on the link under "Applications" column

2. 

 Under 'Edit Application settings', click on the "+"
sign next to 'Facebook' to view all available options

3. 

 Configure "Facebook Messages and Chat" to
'Block'

4. 

 If you would like to only block video chat, then
choose 'Monitor' and then check 'Block Video
Chat' option

5. 

On all AsyncOS versions or with version 7.1 & above with AVC disabled

If the AVC feature is not available, then we can also block the chat and email features on facebook by
matching specific URLs.

 Navigate to Security Manager −> Custom URL
Categories −> Add Custom Category

1. 

 Fill out "Category Name" and click on "Advanced"

2. 

 Type in "facebook.*chat" on the 'Regular
Expression' window

3. 

 Navigate to Security Manager −> Access Policies
page

4. 

 Click the link in the policies table under the 'URL
Categories' column for the concerned access policy
you want to edit.

5. 

 In the 'Custom URL Category Filtering' section,
choose the action "Block"

6. 

 Submit and commit your changes.

7.