1. Home
  2. Networking
  3. Router firewall security

Chapter 10. Filtering Web and Application Traffic

In Chapter 9, "Context-Based Access Control," I discussed how you can use the Cisco CBAC, a feature of the Cisco IOS Firewall feature set, to implement a stateful firewall. This chapter picks up where Chapter 9 left off and focuses on filtering of web and application traffic. As you recall from Chapter 9, one of the features of CBAC is the capability to filter Java applets. This chapter starts by covering how this is done with CBAC. It then expands coverage of HTTP connections by discussing how you can filter web connections using N2H2 and Websense web content filtering servers. This last part of the chapter discusses the Cisco Network-Based Application Recognition (NBAR) feature. NBAR typically is used to implement Quality of Service (QoS). However, this extremely powerful tool also can be used to monitor and filter traffic.



    		Part I: Security Overview and Firewalls
    		Part II: Managing Access to Routers
    		Part III: Nonstateful Filtering Technologies
    		Part IV: Stateful and Advanced Filtering Technologies
    		Chapter 8. Reflexive Access Lists
    		Chapter 9. Context-Based Access Control
    		Chapter 10. Filtering Web and Application Traffic
    		Java Applets
    		URL Filtering
    		Network-Based Application Recognition
    		Summary
    		Part V: Address Translation and Firewalls
    		Part VI: Managing Access Through Routers
    		Part VII: Detecting and Preventing Attacks
    		Part VIII: Virtual Private Networks
    		Part IX: Case Study