Integration of proxy with http content security appliance ?

---

• From: soumenpaul1977@xxxxxxxxx
• Date: 14 Feb 2007 19:45:28 -0000

---

Hi
All

I'm not sure if this is the correct mailing lists or not.So i'm posting it in the security basics mailing lists.

I have an internal proxy server(SunWeb Proxy 4.x) with 3 LANs.I have a checkpoint firewall with 3 interfaces which are connected to the 3 LANs.
For caching of http traffics , I forward all http requests to proxy server , which then does proxying and then forward back to checkpoint firewall and goes to internet.proxy has one NIC and it's default gateway is pointed to firewall interface. This is a simple set up n working.

Now I have bought McAfee Security Content Management (SCM) which I want to use as http content security solution.It would do AV,PUP,Malware etc checking , URL filtering for my http requests which are coming to proxy.

My questions are as below :

1.Anyone has any such experience on how to integrate them for layer 3 connectivity ?

Is there any special configs need to be done for Sun proxy to forward http checking to the content security box ?

Is there any specific network settings for McAfee Content security box ? currently the content security box is in explicit proxy mode.As per mcafee concepts guide , it should be in this mode. This box has only one option , i.e to specify a default gateway.It does not support OPSEC , 802.1Q etc


2.If you have integrated websense/N2H2 with squid/Sunwebproxy/WinProxy etc . Whats the conceptual integration menthods between proxy n content security box ?
what kind of configs I should do in proxy to forward the http packets to content seuciryt box and how the content security box would send http packets back to my proxy ?



Any configs help or conceptual helps would be helpfull..


Regards
Soumen Paul
Security Consultant
Cable & Wireless

CCNA CCSA CCSE JNCIA CSPFA CEH

---

• Prev by Date: Re: Re: PHP filter function against SQL injections
• Next by Date: Research Subject
• Previous by thread: SF new column announcement: Mouse-Trapped (by Mark Rasch)
• Next by thread: security not a big priority?
• Index(es):
  • Date
  • Thread

---

Relevant Pages [SubWeb] NEW http proxy/reverse proxy ... SubWeb is a proxy. ... HTTP flows in the line of HTTPush, ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) WhiteHat Arsenal 1.06 Beta Released ... fitted with an HTTP Response Code lookup utility. ... WHArsenal the best web application security product available. ... WhiteHat Arsenal logs all HTTP Request activities in either XML or HTML ... The Session Manager keeps log files ... (SecProg) [NEWS] Cisco Web-Browser Interface Vulnerability ... Get your security news from a reliable source. ... Cisco IOS Software Release 12.3JA ... HTTP secure) are not vulnerable. ... http server or ip http secure-server. ... (Securiteam) [NEWS] Firewall-1 HTTP Security Server - Proxy Vulnerability ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A security vulnerability in the way Checkpoint's Firewall-1 handles ... AllUsers@SomeNet webserver http UserAuth Long Allow Auth HTTP ... It appears that the default for the HTTP Security server is to allow any ... (Securiteam) [NEWS] Cisco VPN 3000 DoS ... Get your security news from a reliable source. ... Cisco VPN 3000 DoS ... HTTP is an application protocol for which the default TCP ... the concentrator can be configured to use HTTPS ... (Securiteam)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)