Over the past few days, I’ve spent quite a bit of time looking at some of the advanced capabilities of modern Cisco Firewalls. My most recent testing was done with the Meraki MX 60 cloud managed Firewall product. What I have to say is this is the easiest to configure content filter I’ve ever seen. So I just wanted to take a moment and share what that looks like.
As with all Meraki products, the MX is completely cloud managed. So to manage the device, and administrator must access the Meraki Dashboard. Once authenticated, it is simply necessary to choose Security Appliance then Content Filtering from the menu on the right.
Once on the content filtering page, the policy is self explanatory. The top section is for categories that should be blocked. While the box appears to be a free form entry field, clicking anywhere in the area presents a list of categories to choose from. The bottom section allows for manual whitelisting and blacklisting. To get a better idea on how the match is performed and the format requirements of the block criteria, the “Learn how URL blocking works” link may be selected.
For those wanting to see the complete category list and don’t have dashboard access, I have compiled a current list here — Meraki Content Filtering Categories
One more question that may come up is, “How do I tell what has been blocked?”
The answer to that question is again in Meraki Dashboard. By navigating to Network-wide, then Summary Report, it is easily to see a list of blocked categories. The list is sorted based on the number of blocked sites per category. If more detail is necessary, the Event log can provide this. This is also found in the Network-wide section and the filter criteria can be adjusted to focus on the “Content filtering blocked URL” event type.
The Meraki MX is a product that provides a very simple way to control access to URLs based on categories. One thing to note is that this is considered “Content Filtering” and does require an Advanced Security License.
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This
may or may does not reflect the position of past, present or future employers.