18-13
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter18 Managing Firewall Web Filter Rules
Configuring Web Filter Rules for IOS Devices
IOS Web Filter Rule and Applet Scanner Dialog Box
Use the IOS Web Filter Rule and Applet Scanner dialog box to create web filtering rules for IOS devices.
Navigation Path
To open this dialog box, select the Web Filter Rules tab on the Web Filter Rules Page (IOS), page18-11,
click Add Row to create a new rule, or select a row and click Edit Row to edit an existing rule.
Related Topics
Configuring Web Filter Rules for IOS Devices, page18-10
Understanding Web Filter Rules, page18-1
Chapter 18, “Managing Firewall Web Filter Rules”
Configuring Settings for Web Filter Servers, page18-15
Field Reference
Exclusive Domains tab The local web filter list. This list is checked before web requests are
sent to the filtering server and applies to all interfaces on which you
configure web filtering.
If you know there are specific domains that you will always allow (such
as your organization’s own domain name), or disallow, you can list
them here. By configuring a local filter list, you can improve
performance because the device does not need to wait for a response
from the filtering server.
To add a domain, click the Add Row button and fill in the IOS Web
Filter Exclusive Domain Name Dialog Box, page 18-14.
To edit a domain, select it and click the Edit Row button.
To delete a domain, select it and click the Delete Row button.
Table18-5 Web Filter Rules Page (IOS) (Continued)
Element Description
Table18-6 IOS Web Filter Rule and Applet Scanner Dialog Box
Element Description
Enable Web Filtering Whether to enable the web filtering rule.
Interface The interface or interface role to which the rule is assigned. Enter the
name of the interface or the interface role, or click Select to select the
interface or role from a list, or to create a new role. An interface must
already be defined to appear on the list.
Interface role objects are replaced with the actual interface names when
the configuration is generated for each device. See Understanding
Interface Role Objects, page 6-67.
Traffic Direction The direction of the traffic to which this rule applies:
In—Packets entering an interface.
Out—Packets exiting an interface.