Cisco Systems ASA 5580 Manual De Usuario

This chapter describes how to use filtering services to provide greater control over traffic passing 
through the ASA and includes the following sections:

 

You can use web traffic filtering in two distinct ways:

Filtering ActiveX objects or Java applets

Filtering with an external filtering server

Instead of blocking access altogether, you can remove specific undesirable objects from web traffic, such 
as ActiveX objects or Java applets, that may pose a security threat in certain situations. 

You can use web traffic filtering to direct specific traffic to an external filtering server, such an Secure 
Computing SmartFilter (formerly N2H2) or the Websense filtering server. You can enable long URL, 
HTTPS, and FTP filtering using either Websense or Secure Computing SmartFilter for web traffic 
filtering. Filtering servers can block traffic to specific sites or types of sites, as specified by the security 
policy.

URL caching will only work if the version of the URL server software from the URL server vendor 
supports it.

Because web traffic filtering is CPU-intensive, using an external filtering server ensures that the 
throughput of other traffic is not affected. However, depending on the speed of your network and the 
capacity of your web traffic filtering server, the time required for the initial connection may be 
noticeably slower when filtering traffic with an external filtering server.