Re: [fw-wiz] Blocking Video/Audio Streaming



You absolutely can do this by integrating your PIX with a product like Websense. (Guess who I work for). PIXs natively support integration with Websense.

I will keep the commercial to a minimum but yes, Websense is a web security product and can filter/block Video and Audio streaming on a signature and port level. So protocols trying to hide under, say, port 80 are still going to be detected and stopped. Feel free to call me off list and I can go through our solution quickly for you. I promise that I will NOT give up your name to a sales rep unless you want me to.

-- Pete
------------------------------------------
Peter Trembath
Systems Engineer - Central Region
Websense, Inc.
Securing Productivity™

+1.248.522.7989 Office
+1.248.522.7991 Fax
+1.248.760.6871 Cell
ptrembath@xxxxxxxxxxxx
http://www.websense.com
------------------------------------------

PaulM <pmelson@xxxxxxxxx> wrote:
-----Original Message-----
Subject: [fw-wiz] Blocking Video/Audio Streaming

Many of the streaming video/audios use HTTP port 80 as transport. Is it
possible to block this type of traffic on Cisco PIX/IOS FW? A sample config
will really help me.

The HTTP fixup doesn't allow you to deny a/v streams or files over HTTP on
its own. You may be able to add an additional system (like a content filter
or an IDS) that can leverage the PIX to block the connection once it is
properly identified. Part of the problem is that you have a pretty big set
of detection factors for this stuff inside of the HTTP headers. Maybe MIME
type for some things, URL regex for others, and User-Agent for the rest.
PIX can't do that on its own.

PaulM

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Peter Trembath
New Concepts in IT, LLC
30524 Barlow
Farmington Hills, Michigan 48334
Home Phone: 248-851-3672
Personal Cell: 248-760-6871
peter@xxxxxxxxx
www.nci2t.com
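
The three detection factors named in the quoted reply (MIME type, URL regex, User-Agent), as an added example that is not part of the original thread and not any vendor's code: a small classifier of the kind an external content filter would run over HTTP heads before asking the firewall to drop the connection. The signature patterns and the sample exchanges are constructed for illustration.

```python
import re

# Illustrative signatures (assumptions for this example, not a vendor rule set).
STREAM_MIME = re.compile(
    r"^(audio|video)/|^application/(x-mms-framed|vnd\.rn-realmedia)$", re.I)
STREAM_URL = re.compile(r"\.(asf|asx|wmv|wma|rm|ram|mp3|m3u|pls)$", re.I)
STREAM_UA = re.compile(
    r"NSPlayer|Windows-Media-Player|RealPlayer|RealMedia|QuickTime", re.I)

def parse_head(raw):
    """Split a raw HTTP head into (start_line, {lowercased name: value})."""
    lines = raw.replace("\r\n", "\n").split("\n")
    headers = {}
    for line in lines[1:]:
        if not line:          # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def classify(request_raw, response_raw):
    """Return the detection factors that matched; an empty list means allow."""
    req_line, req_h = parse_head(request_raw)
    _, resp_h = parse_head(response_raw)
    parts = req_line.split()
    path = parts[1].split("?", 1)[0] if len(parts) >= 2 else ""
    mime = resp_h.get("content-type", "").split(";", 1)[0].strip()
    reasons = []
    if STREAM_URL.search(path):
        reasons.append("url")
    if STREAM_UA.search(req_h.get("user-agent", "")):
        reasons.append("user-agent")
    if STREAM_MIME.search(mime):
        reasons.append("mime")
    return reasons

# Constructed sample exchanges: (request head, response head).
SAMPLES = [
    ("GET /index.html HTTP/1.1\r\nUser-Agent: Mozilla/4.0\r\n\r\n",
     "HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\n\r\n"),
    ("GET /live/show.asf HTTP/1.0\r\nUser-Agent: NSPlayer/9.0\r\n\r\n",
     "HTTP/1.0 200 OK\r\nContent-Type: application/x-mms-framed\r\n\r\n"),
    ("GET /media?id=42 HTTP/1.1\r\nUser-Agent: Mozilla/4.0\r\n\r\n",
     "HTTP/1.1 200 OK\r\nContent-Type: audio/mpeg\r\n\r\n"),
]

if __name__ == "__main__":
    for req, resp in SAMPLES:
        print(req.split("\r\n")[0], "->", classify(req, resp) or "allow")
```

The third sample is the case a URL pattern alone would miss: nothing in the path marks it as media, so only the response MIME type identifies the stream.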