Configuring URL Filtering for DIA Guest Users

Task List

- Updating the Security Policy
- Verification

Updating the Security Policy

URL Filtering allows networks to block traffic to certain sites by utilizing URL-based policies. It is implemented using the Snort Engine.

  1. On the vManage GUI, navigate to Configuration => Security. Locate the Guest-FW-IPS-DIA policy and click on the three dots next to it. Choose to Edit the policy. We will add URL Filtering capabilities to the same policy that we used for the IPS deployment.

  2. Click on the URL Filtering tab and then click on Add URL Filtering Policy. Choose Create New.

  3. Click on Target VPNs and enter a Target VPN of 30. Click on Save Changes.

  4. Enter URLF-NoShopping for the Policy Name. Set the Web Categories to Block and add auctions and shopping to the categories. Set the Web Reputation to High Risk.

  5. Specify "This is not allowed!" in the Content Body and make sure all the Alerts are selected. Click on Save URL Filtering Policy.

  6. Make sure the URLF-NoShopping URL Filtering policy shows up and click on Save Policy Changes.

  7. Click on Next and choose to Configure Devices. You can check the side-by-side configuration if needed, making note of the web-filter and block page-profile configuration being pushed by vManage. This is our URL-F configuration.


Verification

Wait for a few minutes before going through the verification steps enumerated below.

  1. Log in to the Site40 PC by accessing vCenter (use the bookmark or access if connected to the GHI DC and if connected to the SJC DC). Log in using the credentials provided and click on the sdwan-sjc/ghi-site40pc-podX. Click on the console icon to open a Web Console. Open an Incognito window in Chrome or a Private Browsing tab in Mozilla Firefox. Try to access The page should get blocked, giving the message we had customized.

  2. Log in to the CLI for cEdge40 via Putty and issue show utd engine standard logging events. This will show us being blocked with a category of shopping attached to it.

URL Filtering is working as expected in our lab environment.
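
The check in verification step 2 can be scripted against saved CLI output. The Python below is an added example, not part of the original lab guide: it compares each Drop event with the policy intent configured above (categories auctions and shopping, Target VPN 30). The bracketed log line layout, the field names and the sample events are constructed assumptions; adjust the regular expressions to the output your cEdge actually prints.

```python
import re

# Policy intent from the steps above: block these categories in VPN 30.
BLOCKED_CATEGORIES = {"shopping", "auctions"}
TARGET_VPN = "30"

# Constructed sample events. The bracketed line layout is an assumption,
# not captured output from "show utd engine standard logging events".
SAMPLE_EVENTS = """\
2024/01/15-10:02:11 UTC [**] [Hostname: cEdge40] [**] Drop [**] UTD WebFilter [**] [URL: shop.example.com/] [Category: Shopping] [VRF: 30] {TCP} 10.40.30.21:51544 -> 203.0.113.10:443
2024/01/15-10:03:40 UTC [**] [Hostname: cEdge40] [**] Drop [**] UTD WebFilter [**] [URL: bids.example.net/] [Category: Auctions] [VRF: 30] {TCP} 10.40.30.21:51602 -> 198.51.100.7:443
2024/01/15-10:05:02 UTC [**] [Hostname: cEdge40] [**] Drop [**] UTD WebFilter [**] [URL: shop.example.com/] [Category: Shopping] [VRF: 10] {TCP} 10.40.10.5:51700 -> 203.0.113.10:443
"""

# Matches "[Key: value]" fields; separators such as "[**]" do not match.
FIELD = re.compile(r"\[([A-Za-z_ ]+): ([^\]]*)\]")
DROP = re.compile(r"\]\s*Drop\s*\[")


def parse_event(line):
    """Return a dict of lower-cased fields for a Drop event, else None."""
    if not DROP.search(line):
        return None
    fields = {k.strip().lower(): v.strip() for k, v in FIELD.findall(line)}
    return fields if "url" in fields else None


def check_events(text):
    """Split Drop events into policy matches and drops needing review."""
    matched, review = [], []
    for line in text.splitlines():
        ev = parse_event(line)
        if ev is None:
            continue
        row = (ev["url"], ev.get("category", ""), ev.get("vrf", ""))
        in_policy = row[1].lower() in BLOCKED_CATEGORIES and row[2] == TARGET_VPN
        (matched if in_policy else review).append(row)
    return matched, review


if __name__ == "__main__":
    matched, review = check_events(SAMPLE_EVENTS)
    for url, cat, vrf in matched:
        print(f"matches URLF-NoShopping intent: {url} ({cat}, VRF {vrf})")
    for url, cat, vrf in review:
        print(f"drop outside category/VPN intent, review: {url} ({cat}, VRF {vrf})")
```

Drops caused by the High Risk web reputation setting rather than by a blocked category also land in the review list, since this check looks only at category and VPN.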