Managing Filters
Filters are used to control content that passes in to, and out of, your network. The following filter types are available:
Filters are used to control content that passes in to, and out of, your network. The following filter types are available:
Application control enables you to be more specific about the web applications and activities you want to filter than would be possible with URL or category filtering, for example:
There are different ways to block applications or accomplish the desired result. You can use the standard web filters instead of, or in addition to, application control. It is important that you place the rule containing application control filters in the desired order relative to any other rule, particularly when using Delegated Administration. When a rule allows access to a web resource, any subsequent rule that blocks access is ignored. You should take particular care with rules that include the following categories:
When the application engine blocks a transaction, Cloud Web Security sends a block page to the end user. However, not all websites display the block page. For example, some Web 2.0 websites display dynamic content using JavaScript instead of a static web page and are not likely to display the block page. Users are still properly blocked from downloading malicious data, but they may not always be informed of this by the website.
Applications are controlled by selecting a class, such as social networking, a platform within that category, such as Facebook, a specific application, such as chat, a group of applications, such as games, or an action. The most common actions that you can control are:
The names of these actions may vary depending on the application provider.
![]() Note |
New classes, platforms, applications, and actions are periodically added to the application control engine by Cisco based on analysis of Cloud Web Security user traffic. |
Classes, platforms, and applications can be thought of as nodes on a tree. When Cisco adds a new child node to the tree, it will automatically be included in any existing filters where the parent node is selected. For example, if a filter included the Social Networking > Facebook node, and a new application was added as a child of the Facebook node, it would automatically be selected in the filter.
Step 1 |
Click the Web Filtering tab to display the Web Filtering menus. |
Step 2 |
In the Management menu, click Filters to display the filter management page. ![]() |
Step 1 |
Click the Create Filter tab. |
||
Step 2 |
Enter a unique Filter Name. |
||
Step 3 |
For each filter type that you want to add to the filter, click the hyperlink in the left column and enter the details. You can use as many filter types as you want for each filter.
|
||
Step 4 |
Click Save to apply your changes in each filter type. |
||
Step 5 |
Click Save all Settings to apply all your changes. Alternatively, navigate away from the page to abandon your changes. |
Select the check boxes of the required categories. You can click Select All to select all the check boxes or Deselect all to clear all the check boxes. You can click Set to Default to copy the categories from the default filter or Copy HTTP selection to copy the categories from the HTTP settings for the filter. The available categories are the same as for HTTP.
![]() Note |
This option is available only if you select the Enable HTTP/HTTPS Split check box in the Separate HTTPS Restrictions section of the page. |
Enter the domains or URLs to be included in the filter. Each domain or URL should appear on its own line. You can use hostnames and subdomains, but you must omit the protocol (http://). You can click Sort Alphabetically to sort the list.
Enter the IP ranges to be included in the Networks/IPs box. These must be entered in the form of an IP address and a net mask, for example 192.0.2.0/24.
You can click Make Default to copy the settings from the default filter.
![]() Note |
There is a limit of 1,000 entries per Domain filter, and a total limit of 10,000 entries. |
Select the check boxes of the applications, audio, video, and image files that you want to block. You can select the Select All check box to select all the check boxes for a category or clear it to clear all the check boxes. You can click Select All to select all the check boxes or Deselect all to clear them. You can click Set to Default to copy the settings from the default filter.
In the box, enter any additional MIME types to block, for example text/html. Each MIME type must be entered on its own line. You can click Sort Alphabetically to sort the list.
Select the check boxes of the inbound file types to block. You can click Select All to select all the check boxes or Clear All to clear them. You can click Make Default to copy the settings from the default filter.
Enter any additional file extensions (up to eight characters) in the box, for example 7z. Each file extension should be entered on its own line. You can click Sort Alphabetically to sort the list.
Bi-directional filters are applied to incoming and outgoing content.
Select the check boxes for the application types, applications, and activities to include in the filter. Controls can be applied to various activities, including:
Selecting a node selects all child nodes in the tree. However, the opposite is not true. Selecting all activities is not the same as selecting the application. Selecting all applications is not the same as selecting the application type.
You can Show Selected to expand all selected nodes or Collapse All to collapse all nodes.
You can begin typing in the Filter box to filter the visible categories.
![]() Caution |
The Select All selects everything, even categories that have been hidden from display using the Filter box. |
Enter the domains or URLs to be excluded from the filter. Each domain or URL should appear on its own line. You can use hostnames and subdomains but you must omit the protocol (http://). You can click Sort Alphabetically to sort the list.
Enter the IP ranges to be included in the Networks/IPs box. These must be entered in the form of an IP address and a net mask, for example 192.0.2.0/24.
Select the required check boxes for the web browsers you want to include in the filter. You can select the All Versions check box to add every version, including future versions, of a given browser.
Enter any other user agents you want to include in the Custom User Agents box. Each user agent must be entered on a separate line. The following characters can be included:
!<text>—does not equal <text>
^<text>—starts with <text>
*—zero or more characters
<text>$—string ends with <text>
![]() Note |
Full regex syntax is not supported. Only the symbols listed above are used. |
You can click Set to Default to copy the settings from the default filter.
Step 1 |
On the Web Filtering > Management > Filters page, click the Edit icon next to the filter name. |
Step 2 |
Click the hyperlink of the settings type you want to change. |
Step 3 |
Make your changes. |
Step 4 |
Click Save all Settings to apply your changes. Alternatively, navigate away from the page to abandon your changes. |
On the Web Filtering > Management > Filters page, click the Delete icon next to the filter name