firepower

FireSIGHT URL Filtering using Sourcefire User Agent and LDAP AD

No lie, this one took me a while to figure out.  First, if you haven’t done so already, check out this article which clearly explains (with pictures!) how to accomplish this basic URL filtering without user awareness:

URL Filtering on a FireSIGHT System Configuration Example

If you only desire to filter based on something basic like networks, you’re all set. However, if you want to get more granular and start creating policies based on AD/LDAP group membership, this post is for you.  I’ll go ahead and assume you already have the FirePOWER modules or appliances installed somewhere in your network and they’re being managed by FireSIGHT.  Follow the steps below: (more…)