How Url Blacklisting And Category-Based Content Filtering Work Concurrently - Cisco ASR 5000 series Product Overview

▀ How URL Blacklisting and Category-based Content Filtering Work Concurrently

How URL Blacklisting and Category-based Content Filtering
Work Concurrently
Both URL Blacklisting and Category-based Content Filtering can be concurrently enabled in a system. The following
describes how URL blacklisting and content filtering are performed on HTTP/WAP traffic when concurrently enabled
on a system:
Step 1 If both URL Blacklisting and Category-based Content Filtering are enabled, first URL blacklist matching is performed,
and then, if required, content filtering is performed.
When an HTTP/WAP request comes for ECS processing, a check is made to see if the URL Blacklisting
feature is enabled. If enabled, the URL is extracted from the incoming request and is matched with the local
Blacklist database.
Step 2
If URL Blacklisting is enabled and Category-based Content Filtering is disabled, and a match is not found for the URL
in the Blacklist database, the request is allowed to pass through, and no Content Filtering EDRs are generated for those
flows.
▄ Cisco ASR 5000 Series Product Overview
If a match is found for the URL in the Blacklist database, the packets are subjected to the blacklisting
action configured in the rulebase—Discard, Redirect, or Terminate flow. In case of multiple HTTP
requests in the same TCP packet, if any of the URLs is blacklisted, then action is taken on the
packet.
If a match is not found in the Blacklist database, then Category-based Content Filtering is performed.
If Category-based Static Content Filtering is enabled, static rating is performed and action
taken as configured for the category returned in the subscriber's content filtering policy.
Content Filtering Support Overview
OL-22938-02