C613-22104-00 REV B How to Configure Web Control Default Action Per-entity | Page 41
Configuring Web Control Advanced Network Protection
Figure 8: Web Control for more than one entity
Example 3 The following shows how to configure two firewall entities, with a different default action being
applied for each entity.
Access from the research network entity (within marketing zone) to URLs matching the art and
sports categories are permitted, whilst access to any other URLs is denied.
Conversely, access from the payroll network entity (within the admin zone) to URLs matching the
banned category are denied, whilst access to any other URLs is permitted.
Step 1:
Create the admin zone entity containing the payroll network entity and assign
its IP subnet address.
awplus#configure terminal
awplus(config)#zone admin
awplus(config-zone)#network payroll
awplus(config-network)#ip subnet
192.168.1.0/24
Step 2: Create the marketing zone entity containing the research network entity and
assign its ip subnet address.
awplus(config-host)#zone marketing
awplus(config-zone)#network research
awplus(config-network)#ip subnet 192.168.2.0/24
Step 3:
Enter into Web Control configuration mode and set the website categorization
provider.
awplus(config-host)#web-control
awplus(config-web-control)#provider digitalarts
Step 4:
Configure custom categories and associated match criteria.
awplus(config-control)#category banned
Host
Host
Zone-admin
Zone-marketing
network.payroll
network.research
Network-Internet
Internet
Zone-Public
Host
Host
category art
permitted
category sports
permitted
category banned
blocked
To Next Page
Loading...