URL Filtering Data from the Cisco Cloud

Adding a URL Filtering license automatically enables the URL filtering feature. This allows traffic handling based on a website’s general classification, or category, and risk level, or reputation.

By default, when users browse to an URL whose category and reputation is not in a local cache of previously accessed websites, the system submits it to the cloud for threat intelligence evaluation and adds the result to the cache.

Optionally, you can use a local URL dataset of categories and reputations, which can make web browsing faster. When you enable (or re-enable) URL filtering, the Firewall Management Center automatically queries Cisco for URL data and pushes the dataset to managed devices. Then, when users browse to an URL, the system checks the local dataset and the cache for category and reputation information before submitting it to the cloud for threat intelligence evaluation. To see your options for using the local dataset, including how to disable individual cloud lookups altogether, see URL Filtering Options.

Automatic updates of URL data is enabled by default; we strongly recommend you do not disable these updates.

Note	The Secure Firewall Threat Defense 200 series device does not store URL category and reputation data locally. It relies entirely on browser cache and cloud-based lookups for URL filtering and reputation evaluation.

The set of URL categories may change periodically. When you receive a change notification, review your URL filtering configurations to make sure traffic is handled as expected. For more information, see If the URL Category Set Changes, Take Action.