Botnet Traffic Filtering option in CSM 4.0 evaluation

I have CSM evaluation 4.0 (about 50 days left) and deployed Botnet Traffic Filtering rules with a traffic classification rule according to http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.0/configuration/example/sm400bot.html#wp51455.
I don't see any botnet activity logs either via ASDM or via CSM.
Do these logs include all activities according to access rules for Botnet Traffic Filtering or only detected botnet traffic?
How can I be sure that Botnet Filtering checks all the packets to my test zone?
Does this evaluation version support monitoring activity logs and access to the blacklist server?
Thanks in advance.

Hi,
Mm, I could not find the proper documentation (I see it for LMS...). Anyway, you can try the following:
1- stop the server
net stop crmdmgtd
2- Erase the DBs
set NMSROOT=c:\progra~2\cscopx
%NMSROOT%\bin\perl %NMSROOT%\bin\dbRestoreOrig.pl dsn=cmf dmprefix=Cmf npwd=admin
%NMSROOT%\bin\perl %NMSROOT%\bin\dbRestoreOrig.pl dsn=vms dmprefix=vms npwd=admin
If using Performance Monitoring (MCP):
%NMSROOT%\bin\perl %NMSROOT%\bin\dbRestoreOrig.pl dsn=mcp dmprefix=mcp npwd=admin
NOTE:
NMSROOT is the root where CSM is installed. I am assuming you are using default settings for Win2008, but you need to change it if you installed somewhere else.
3- restart the server.
net start crmdmgtd
Please note that all your data will be lost. Also, make sure to have the license handy as it might be required to install the license again.
Also, I would suggest you do a backup of your DB before you perform these steps.
Stefano

Similar Messages

  • Global Web Filtering Options

    I am looking for a global web filtering solution for our business but am having trouble finding a solution that will work acceptably for us globally.
    The problem is that our company has hundreds of very small offices (mostly only 2-3 users with the odd larger office) located in remote locations all around the world where WAN links are very expensive and slow.
    We use all small office type cisco routers in our remote offices of various types (such as 800 series) and are rolling out WAAS/WAVE solutions to optimise our slow WAN links as much as possible, and all sites have site-to-site VPNs from the routers to our UK-based data centres.
    Currently we use Websense configured on the local routers at a few of our offices with a regional server in places such as the UK for most of Europe, and Mobile for most of the US for example.
    We could expand this to all locations, including Australasia, Middle East, Far East and Africa etc. but due to the remote locations we would need many local servers in many countries as the infrastructure to have just one regional Websense server isn't good enough in these areas and web performance would be too slow to be usable due to the latency to the Websense server location. It simply isn't financially feasible to put in hundreds of servers at lots of 2-3 man offices in the middle of nowhere so I've been looking at other options.
    I was hoping a hosted solution would be the answer, but I've looked at WebSense's hosted service and it doesn't appear to cover all regions (just has server farms in US/Europe which is no good for Africa etc.) I've also looked at Symantec MessageLabs but this has the same problem as there is no coverage in the Middle East/Asia/Africa etc and it proxies all web traffic so performance at these sites would probably be appalling with the limited bandwidth on top of the latency to the closest MessageLabs servers.
    I've now seen that Cisco have a new IOS Content Filter which uses Trend database servers. This sounded promising as it appears to cache the URL checks on the router making the server location less of an issue. But I'd still like to know where in the world they cover (I've seen reference to only 4 data centres globally). My other concern with this solution is whether it integrates into AD, so we can apply policies based on the user accounts like we do currently with the WebSense solution. The last thing is the price of this solution as it appears to be licensed based on the number of routers rather than the number of users. As our users are so spread out with only 2-3 users per router on average this is likely to mean for us this solution will be ridiculously expensive, can anyone advise if this is the case?
    My question therefore is can anyone advise on a solution for this that will work with our Cisco infrastructure in all our offices without having to purchase lots of servers for remote locations? I've seen that other vendors such as the Astaro Security Gateway have web filtering built into their products without the need for external servers, but I'd prefer to stick with Cisco if at all possible.
    Many thanks for any advice/help anyone can give me in this area.
    Paul

    Hi Paul,
    IOS Content filtering is licensed on a per router basis, you are right. So, probably that would not scale for you.
    Cisco has other solutions with Web Filtering and Ironport engines. The challenge in your setup is that each remote site would need to "call" to a central web filtering location that will be making the decision on allowing or not. Or you would need a service that scales well on a per continent basis. There are some new Cisco web filtering options that could scale with servers almost everywhere in the world. But I don't think you can get a concise answer from this forum about your potential choices here.
    Your local Cisco team will be able to provide you with these options. You are welcome to give them my email if they need to talk to me internally.
    I hope it helps a little.
    PK

  • Multiple Filtering options within ALV Output.

    Hi All,
    Being a functional guy, I would like to clarify a few questions about ALV functionality. For one of our requirements we need to create an ALV report.
    Step1 : Enter values in selection criteria.
    Step2: Execute ALV report.
    Step3: Within the output I should be able to filter on a particular column. For example: we have a column Country. In that column can I select or enter India, US, UK so that the output contains only US, UK, India?
    Step4: Within the output we have columns Country and State. Can we enter values like Texas in State and US in Country in the filter, and will the output have only values with Texas & US?
    Can you guys advise if Step 3 & Step 4 are possible in ALV?
    Thanks,
    Kitcha

    Hi,
    Yes, you can have the filtering options for all the columns of the ALV. There is a standard filter functionality available
    for ALV that comes by default.
    When you show the output in ALV this default filter is already available. First try to test it out.
    Just go through the ALV documents. The filter is already there, and for your output you will get the result.
    Regards,
    Lekha.
    Edited by: Lekha on Dec 10, 2009 10:28 AM

  • Simplifying the UWL 'Show Filters' option

    In EP7 (2004s) the default UWL filtering option is more complex than we would like, all we want is for users to search by a text string on their work items as per our old release (EP6).
    The UWL documentation states that the link 'Show/Hide Filter' can be hidden but there is no mention whether this can be customised.
    The options 'High Priority', 'Due Date' and 'Sent Date' are irrelevant for our views hence we would like to remove them even if this required amendment to the SAP standard UWL code.
    I've looked in the PAR files com.sap.netweaver.bc.uwl and com.sap.netweaver.bc.uwl.ui but I can't find where these options are in order to remove them.
    Does anyone know how the filter can be modified?

    Hi Alan,
    I would be vitally interested to know how you removed the show/hide filters option from the UWL overview.  I also have searched the XML files and other config and could not find a means to accomplish this.  Your advice would be appreciated.
    Thanks.
    Karl

  • Nokia Drive+ Beta Traffic rerouting option not app...

    Hi
    I have a Lumia 920 with Nokia Drive+ Beta.  I've been told that it has traffic rerouting but don't see any traffic options in there.  I've looked through all the menus, including route settings and route optimisation but no traffic related options.
    I live in Reading, UK and travel towards and around London a lot so this would be very useful.  Is it just not supported in London yet?

    Hi, 
    Have you tried uninstalling and re-installing the application? Try to check as well if the application is updated. You may also take a look for related information here. 

  • Is it possible to redirect https traffic to http in CSM?

    Hello,
    I have a requirement to redirect https traffic to http. Is it possible to do that in the CSM?
    In the CSM documentation all redirect examples/config etc refer only to http traffic so I am wondering if the other way around is supported as well.
    BTW I have already tried it on the CSM and it is not working. Every time I try to reach the https url I get "ERROR_INTERNET_SECURITY_CHANNEL_ERROR" on http watch.
    Thanks for any help offered.
    Murtaza

    I don't have a config in hands for this.
    I have done it before and know this is feasible.
    The redirect is here :
    http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00802877f6.shtml
    Just change the vip to be only accessible by the SSLM.
    Create the appropriate redirect vserver.
    On the SSLM, send the decrypted traffic to the vip address and port.
    Just as if the Vip was a server.
    Gilles.

  • VPN Gateway with traffic filtering

    I am working in the lab on a small scale setup in which a client PC establishes an IPSEC VPN with a Cisco 1921 Router. I have two questions in this regard.
    (1) For wireless client PCs, is using an IPSEC VPN Client the best possible option or should I prefer other options? The wireless clients also use a Radius server for authentication.
    (2) I want to ensure that no other traffic can access or pass the LAN interface other than the Client VPN traffic. What do I need to configure on the Router to ensure that no other traffic can pass other than the VPN traffic?

    First: The actual IPsec VPN client is the AnyConnect. The VPN gateway-config for AnyConnect (especially for IPsec) on the IOS-router is much harder than it is on the ASA. If you still have the possibility to change the gateways, then go for an ASA. It's also much cheaper from a license perspective as there is no AnyConnect Essentials License for the router. The traditional Cisco VPN Client is EOL and you shouldn't start a new deployment based on that.
    Your questions:
    (1) All VPN-Users have to be authenticated somehow. Sending the authentication-request to a central directory is a best-practice and usually done with RADIUS. Additionally to the authentication you can also perform an authorization to control which rights a VPN-user gets.
    (2) If you only want to allow IPsec-traffic, you need to configure an access-list, with permits for UDP/500, UDP/4500 and IP/50 to your router-IP. With that config, all other traffic will be dropped.
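
An added example (not part of the original reply): a Python check that an IOS extended ACL permits only the three IPsec flows named above (UDP/500, UDP/4500 and IP protocol 50) to the router address, and reports any other permit. The ACL name, the 192.0.2.1 address and both sample ACLs are constructed for illustration; only destination-port `eq` matches are parsed.

```python
# Added example; ACL name, addresses and both sample ACLs are constructed.
# Flows the reply names: IKE (UDP/500), NAT-T (UDP/4500), ESP (IP protocol 50).
REQUIRED = {("udp", 500), ("udp", 4500), ("esp", None)}
PORT_NAMES = {"isakmp": "500", "non500-isakmp": "4500"}  # IOS port keywords
PROTO_NAMES = {"50": "esp"}                              # numeric form of ESP

GOOD_ACL = """\
ip access-list extended VPN-ONLY-IN
 permit udp any host 192.0.2.1 eq isakmp
 permit udp any host 192.0.2.1 eq non500-isakmp
 permit esp any host 192.0.2.1
 deny ip any any log
"""
DRIFTED_ACL = """\
ip access-list extended VPN-ONLY-IN
 permit udp any host 192.0.2.1 eq 500
 permit esp any host 192.0.2.1
 permit tcp any any eq 22
 permit icmp any any
"""

def _take_addr(tokens):
    """Consume one address spec: 'any', 'host A' or 'A WILDCARD'."""
    if tokens[:1] == ["any"]:
        return "any", tokens[1:]
    return " ".join(tokens[:2]), tokens[2:]

def parse_entry(line):
    """Return (action, proto, src, dst, dst_port) or None for non-entries."""
    tokens = line.split()
    if tokens and tokens[0].isdigit():        # optional sequence number
        tokens = tokens[1:]
    if len(tokens) < 2 or tokens[0] not in ("permit", "deny"):
        return None
    proto = PROTO_NAMES.get(tokens[1], tokens[1])
    src, rest = _take_addr(tokens[2:])
    dst, rest = _take_addr(rest)
    port = None
    if len(rest) >= 2 and rest[0] == "eq":
        name = PORT_NAMES.get(rest[1], rest[1])
        port = int(name) if name.isdigit() else name
    return tokens[0], proto, src, dst, port

def audit_vpn_only_acl(acl_text, router_ip):
    """Return (unexpected permit lines, required flows not permitted)."""
    seen, unexpected = set(), []
    for line in acl_text.splitlines():
        entry = parse_entry(line)
        if entry is None or entry[0] != "permit":
            continue
        _, proto, _src, dst, port = entry
        if dst == f"host {router_ip}" and (proto, port) in REQUIRED:
            seen.add((proto, port))
        else:
            unexpected.append(line.strip())
    return unexpected, sorted(REQUIRED - seen, key=str)

if __name__ == "__main__":
    print(audit_vpn_only_acl(DRIFTED_ACL, "192.0.2.1"))
```

On the drifted sample the check reports the SSH and ICMP permits as unexpected and UDP/4500 as missing, which would break clients behind NAT.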

  • Single 5508 traffic segregation options

    Hi,
    In looking over some design guides, I noticed for a multi-WLC environment, one can use an anchor controller in the dmz to segregate guest traffic, so the WLC(s) on the client's internal network terminate tunnels and then sends EoIP traffic to the anchor in the dmz for the guest traffic.
    For a single 5508, it appears there is no such option unless the multiple WLC ports could be used: some to terminate tunnels and then others to egress guest traffic out a different port connected to the dmz.
    I suspect that is not possible. Wondering what is possible when constrained by a single 5508 for guest traffic segregation. Thanks.

    #whether it is one internal to one guest or multiple internal to one guest the physical connection is always same.
    #only management interface of both internal & anchor needs to be talking physically irrespective of guest wlans getting tunnelled between that internal & anchor WLC, of course need a physical port configured for guest vlan at dmz.
    #For WLC(internal) without dmz-wlc you need one physical port mapped to that guest vlan, either you can use ACL on WLC or at firewall.

  • Time Capsule MAC filtering option

    I've recently purchased a couple Airport Express devices. I've also just disabled my Belkin wireless router in favor of my Time Capsule. I had problems getting items connected to the Express on the network. I have my son's iMac directly connected to the Express via a wired connection and I'm using the mac filter option for the Time Capsule. What I ended up having to do is to add the mac address for the wireless portion of the Express and also its wired mac address. I also had to add my son's wired ethernet mac address. Is it normal to have to add all of these to the access list of the Time Capsule? I did not have to do it with the Belkin router.

    What do you need MAC filtering for? I have disabled the option after some testing and finding it more troublesome than not.
    Just protect your network with strong, non-dictionary passwords and WPA/WPA2 security.
    It will take a very determined and able hacker to get onto your network ...

  • UWL :Show Filters option should be enable default

    Dear ALL,
    In the UWL content area (Workitem Table) we have something called the Show Filters/Hide Filter option. By default the additional filters are not shown in the UWL screen. Once we click Show Filter, the additional filter fields will be shown in the UWL screen.
    My requirement is that by default (while loading the UWL page/iview) the additional filters should automatically be shown. Can you help me out with this issue?
    Regards
    Sridhar

    Hi,
    You'll have to modify the UWL configuration file and use the defaultViewFilter attribute :
    <View ...  dynamicCreatingAllowed="no">
        <AllowedFilters>
            <CompoundExpression referenceBundle="filter_uncompleted" defaultViewFilter="yes">
                <Expression name="itemType" comparator="NotEquals" value="uwl.completedtask.coll" />
            </CompoundExpression>
        </AllowedFilters>
    </View>
    Here's a link to the documentation : http://help.sap.com/saphelp_nw70ehp1/helpdata/en/a2/42e9ba01a5463ba10c797fb8e106d3/frameset.htm
    Regards,
    Pierre

  • Remove duplicate filters option?

    Is there a way to remove duplicate filters from a bunch of different clips at once (perhaps using the remove attributes feature somehow)? For example, if you inadvertently put TWO flicker filters on all the clips in your sequence, and you want to remove the duplicate flicker filter, but not all the other filters used on each clip, can you do this without going through each clip one-by-one?

    cmd-z will undo what you've done if you catch it soon enough
    Using the Remove Attributes will remove categories and in your filters case remove them all.
    If all the clips have the same filters and it's just the one extra Flicker Filter you're trying to remove then you could Remove Attributes (filters) on all the clips, then rebuild one clip with all the correct filters and copy it. After which you could then paste those attributes back on all your highlighted clips.
    If on the other hand you've got multiple varied filters then you will have to remove the extra Flicker Filter on each clip.
    Or maybe someone else has a way of doing this that I haven't thought of before.

  • How to activate no bidi filtering option for data element matnr

    Dear All
    I want to activate the no bidi filtering option for data element matnr in table MARA.
    But I am unable to do this. I got an access key and tried to change it, but it does not come into edit mode;
    it is in display mode only. I am not able to select the checkbox.

    Hi,
    Are you sure you want to activate Bidirectional flag for MARA-MATNR ?
    If so, you need not register it.
    It should be done via Report program - I18N_SET_DATAELEMENT_FLAGS
    Cheers,
    Kothand

  • Re: Nokia Drive+ Beta Traffic rerouting option not...

    Disappointed that lumia with drive beta has no traffic reroute as my N8 had. !!

    Here Drive + is still only Beta so make sure you let Nokia know before they release the final. You can use the Nokia Support tab below. This is a user to user support forum so your post may not be seen by the right people. 

  • RV220W - VLAN traffic filtering

    Hi all,
    Can I please ask if anyone knows of how to filter traffic between VLANs on the RV220W? I cannot seem to see a way.
    I only have two VLANs. The main VLAN and a separate VLAN for guest WiFi access. I have inter-VLAN routing disabled on the guest VLAN but I do want guest to have access to a couple of devices on the main VLAN. Printers etc. Also, using a PPTP connection remotely I would like to be able to access the guest VLAN.
    Thanks in advance.
    Damien

    Hi Tom,
    I was under the impression that the RV220W does support full tunnel but then again I might be mistaken.  I have not used the SSL VPN yet but I will give it a try.
    Thanks,
    Jose

  • Cisco ASA CSC HTTPS Traffic Filtering

    Hello,
    I am interested in how https filtering works on the ASA CSC module. When https filtering is enabled, should I import any certificate in CSC which is trusted by users? And what procedures should I complete to enable https filtering?

    Hello,
    Here is the configuration guide for https filtering. I hope it helps:
    http://www.cisco.com/en/US/docs/security/csc/csc66/administration/guide/csc4.html#wp1098125
    Regards,
    Felipe.
