Book Excerpt: Cisco Secure Internet Security Solutions - part 4 - Page 5

URL Filtering
You added URL filtering for monitoring, reporting, and restricting URL access. Cisco Systems and Websense, Inc. have formed a partnership for joint marketing and coordination of technical information on a product called Websense, which is used to control the sites that users are allowed to access. For example, web sites classified as employment or violent can be blocked. Instructions on ordering Websense are included in the documentation of every PIX Firewall.

The PIX Firewall configuration for enabling URL filtering is very simple. The following three lines show the configuration. The first line tells the PIX to allow or block URL access based on the information received from the Websense server on the inside interface at the 10.1.1.51 IP address. Should a response to a request not be received within the timeout parameter of 30 seconds shown on this line, the next Websense server will be queried. The default timeout is 5 seconds. The second line shows the failover Websense server, which is also the Web server on the public interface. The third line defines that all HTTP requests will be watched. Multiple filter commands can be combined to refine what is monitored.
The full syntax of the filter command will be shown after the command lines.

 url-server (inside) host 10.1.1.51 timeout 30
 url-server (public) host 192.168.2.30
 filter url http 0 0 0 0

filter [activex http url] | except local_ip local_mask foreign_ip foreign_mask [allow]