Content Filters in PIX

We are thinking of deploying ten pix 501s to branch offices. We would really like to have some form of content filtering/web logging so that we can centrally control what sites these users can reach. We have worked with SonicWall models that do this, but are there any Cisco models? Does anyone know if this can be done?

Thanks!

-Douglas

Reply to
Douglas McIver
Loading thread data ...

In article , Douglas McIver wrote: :We are thinking of deploying ten pix 501s to branch offices. We would :really like to have some form of content filtering/web logging so that we :can centrally control what sites these users can reach. We have worked with :SonicWall models that do this, but are there any Cisco models? Does anyone :know if this can be done?

With the PIX 501 (i.e., PIX 6.x software release), your choices for content filtering both involve third-party software, namely WebSense or N2H2. I have heard that WebSense is not exactly bargin priced; I haven't heard anything about the N2H2 pricing.

If your needs can be met by site-level controls rather than by content controls (i.e., users are allowed to access whatever is available at sites you have selected, as compared to users being blocked from (say) downloading *.mp3 files but being allowed to go to a wider range of places), then you can centralize those site-level controls by using a RADIUS server and downloadable access lists; or by using something like CiscoWorks VMS (VPN Management Solution) or Solsoft to push new configs. Or you could keep the ACLs in a text file and tftp those to each of the PIX's [be very careful if you are changing the ACL that controls the VPN tunnels!]

Reply to
Walter Roberson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.