Cisco WS-CE500-24TT Administration Guide - Page 124

Firewall Configuration Using Other Tools to Control Access to the Internet 4 • TCP Session Cleanup Latency (seconds): Maximum time for a session to remain in the session table after detecting both FIN flags. This value can range between 0 and 4,294,967 seconds. The default is 10 seconds. STEP 3 Click Apply to save your settings. Using Other Tools to Control Access to the Internet The gateway offers some standard web filtering options to allow the admin to easily create internet access policies between the secure LAN and insecure WAN. Instead of creating policies based on the type of traffic (as is the case when using firewall rules), web based content itself can be used to determine if traffic is allowed or dropped. Refer to the following topics: • Configuring Content Filtering to Allow or Block Web Components • Configuring Approved URLs to Allow Access to Websites • Configuring Blocked URLs to Prevent Access to Websites • Configuring IP/MAC Binding to Prevent Spoofing Configuring Content Filtering to Allow or Block Web Components The security appliance supports a content filtering option that you can use to block access to certain Internet sites. Up to 32 key words can be specified for filtering. The type of keywords you can specify include website URL, newsgroup name, etc. STEP 1 Click Firewall > Content Filtering > Content Filtering. The Content Filtering window opens. STEP 2 In the Content Filtering Enable area, enable or disable the following: • Enable Content Filtering: Check the box to enable content filtering. Enable this feature when you want to configure and use features such as a list of Trusted Domains, keyword filtering, and so on. Cisco SA500 Series Security Appliances Administration Guide 124