Content Filtering Support Overview
URL Blacklisting Support ▀
Cisco ASR 5000 Series Product Overview ▄
OL-22938-02
URL Blacklisting Support
In the URL Blacklisting solution, a blacklist is a list of known URLs/URIs, which for some reason are being denied
recognition. The blacklist can be obtained from a known source such as the National Center for Missing & Exploited
Children (NCMEC, http://www. missing kids.com), or any other IP source. The blacklist is a clear text file, the file must
be named cumulative.csv, and must use the same format as the blacklist file from NCMEC. For more information on the
blacklist file, please contact your local service representative.
Unlike the Category-based Content Filtering solution, which categorizes URLs as per a static database and takes
different actions based on the different policies associated with subscribers, URL Blacklisting is applicable to all
subscribers associated with a blacklisting-enabled rulebase. The same blacklist database is used for all subscribers, and
for a specific URL, the same action is taken for all subscribers.
The blacklist file is downloaded and converted into a non human-readable optimized format (OPTBLDB) and then
made available in the system. Once in place, all HTTP and WAP requests from subscribers are inspected in order to
determine the requested destination URL/URI. If the URL/URI is not present in the blacklist then the request is passed
on as usual. If the URL/URI is present in the blacklist, the request is dropped, or the flow is redirected or terminated as
configured. There is no indication/messaging sent to the requesting subscribers that the requested HTTP/WAP
URL/URI was rejected due to a blacklist match.
The URL Blacklisting match-method can be configured to either be generic or to look for any URL/URI in its exact,
literal form.
The system generates usage/event data that can be utilized as the basis for blacklist reporting. The offline reports consist
of, at a minimum, a running total of the number of times a match was made against the blacklist without any
information regarding the specifics of the request.
The default/configured number of versions of the Blacklist database are maintained on the chassis (both the SPCs). This
enables reverting to a particular version if required.
The following figure shows the high-level URL Blacklisting architecture with ECS, and other components in a
deployment scenario.
Содержание ASR 5000 Series
Страница 1: ......
Страница 26: ......
Страница 48: ...New In Release 10 0 SCM Features Cisco ASR 5000 Series Product Overview OL 22938 02 ...
Страница 50: ......
Страница 58: ......
Страница 67: ...Product Service and Feature Licenses Default Licenses Cisco ASR 5000 Series Product Overview OL 22938 02 ...
Страница 68: ......
Страница 126: ......
Страница 138: ......
Страница 146: ......
Страница 218: ......
Страница 236: ......
Страница 356: ......
Страница 374: ......
Страница 422: ......
Страница 496: ......
Страница 572: ......
Страница 654: ......
Страница 700: ......
Страница 726: ......
Страница 784: ......
Страница 816: ......
Страница 839: ...Network Address Translation Overview How NAT Works Cisco ASR 5000 Series Product Overview OL 22938 02 ...
Страница 841: ...Network Address Translation Overview How NAT Works Cisco ASR 5000 Series Product Overview OL 22938 02 ...
Страница 844: ......
Страница 906: ......
Страница 926: ......
Страница 942: ......
Страница 943: ...Cisco ASR 5000 Series Product Overview OL 22938 02 Chapter 30 Technical Specifications ...
Страница 966: ......
Страница 967: ...Cisco ASR 5000 Series Product Overview OL 22938 02 Chapter 31 Safety Electrical and Environmental Certifications ...
Страница 972: ......