Re: [fw-wiz] Enforcing content filtering with PIX515E
- From: "Paul D. Robertson" <paul@xxxxxxxxxxxx>
- Date: Tue, 22 Jan 2008 23:23:14 -0500 (EST)
On Tue, 22 Jan 2008, Ian Rarity wrote:
Actually getting all the various versions of various browsers on our
network to use it as their proxy server is proving problematic; each
version of IE seems to store the proxy URL in a different registry key.
You can set the proxy address in a Group Policy Object, apply the GPO to
all the users and you're done.
Also, thanks to our IT policy (or lack thereof), there's not much we can
do to prevent users simply removing the proxy setting in their browsers
and looking at whatever sites they please.
Sure you can- first of all, deny HTTP and HTTPS access at the firewall for
anything that's not the proxy, and second of all, don't allow the users to
override the GPO. The first will catch the non-Windows users, the second
will lock down the rest.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@xxxxxxxxxxxx which may have no basis whatsoever in fact."
http://www.fluiditgroup.com/blog/pdr/
Art: http://PaulDRobertson.imagekind.com/
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] Enforcing content filtering with PIX515E
- From: Ian Rarity
- [fw-wiz] Enforcing content filtering with PIX515E
- Prev by Date: Re: [fw-wiz] Enforcing content filtering with PIX515E
- Next by Date: Re: [fw-wiz] Enforcing content filtering with PIX515E
- Previous by thread: Re: [fw-wiz] Enforcing content filtering with PIX515E
- Next by thread: [fw-wiz] Implementing ISP load balancing with netscreen firewalls
- Index(es):
Relevant Pages
|
