11-4. HTTP, Java, and URL Filtering

An IOS firewall can inspect HTTP connections, just as it can with many other application protocols. In addition, the IOS firewall can block or allow Java applets based on the applet server's source address. Finally, you can filter or control web content through cooperation between the firewall and a third-party content-filtering server.

Follow these steps to configure an IOS firewall for web protocol inspection and content filtering:

1.
Enable HTTP inspection:
IOSFirewall(config)# ip inspect name
							inspection-name
							http [urlfilter]
  [java-list
							access-list] [alert {on | off}] [audit-trail {on | off}]
  [timeout
							seconds]
HTTP inspection is added to the CBAC inspection policy named inspection-name. If you use the ...

Get Cisco ASA and PIX Firewall Handbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.