Re: can I use a PIX 515 to block URL's instead of using Websense?
From: Bob Whittier (net_nomad2002@yahoo.com)Date: 06/04/02
- Next message: some josher: "Re: what to monitor with host based ids?"
- Previous message: Paul Browning: "Re: LinkSys Router and ICQ - Correction"
- In reply to: SysAdm: "Re: can I use a PIX 515 to block URL's instead of using Websense?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: net_nomad2002@yahoo.com (Bob Whittier) Date: 3 Jun 2002 21:07:02 -0700
There is now also another "Cisco recommended and approved" option to
Websense called N2H2. They have a great product that is less expensive
than Websense. N2H2 is the only other option that is part of the Cisco
IOS and configured per the instructions below. There are also other
filtering options that don't work as tightly with Cisco as these two.
N2H2 has a 30 day trial version to try out as well.
"SysAdm" <wjones@sitesmith.com> wrote in message news:<adgrmb$vc$1@paris.btinternet.com>...
> the pix isnt really built for URL blocking, which is why products such as
> websense are out there. cisco themselves recommend this product to work in
> conjunction with the pix (as do other firewall manufacturers)
>
> add the following code to your pix in order for it to utilise url filtering.
> in this example, you have defined a server named filter-server which sits in
> the security20 segment, with an address of 192.168.10.1 -- the idle time
> specifies how long to wait for the server before switching to the next
> websense server (which you need to define...)
>
> filter-server (security20) 192.168.10.1 timeout 5
> filter url http 0 0 0 0 allow
>
>
> Security is a many headed beast, which requires the application of many
> techniques in order to combat unwanted traffic and/or intrusion attempts.
> Trying to get a firewall to do a job it wasnt made for is a recipe for
> failure from inception.
>
> SysAdm
>
>
>
>
> "Hana" <hanafubuki@email.com> wrote in message
> news:5244c69b.0206031251.eb5920e@posting.google.com...
> > Our company purchased Private I with our PIX 515 to monitor http
> > traffic. It is satisfactory. Unfortunately, Private I does not
> > provide URL blocking. We have been advised to buy Websense, or
> > something similar. Websense will duplicate the reporting we purchased
> > in Private I, and our blocking needs are small.
> >
> > Understanding that it may both be a lot of work, and not generate user
> > friendly error messages to the client, is there something inherently
> > wrong with blocking the IP addresses of the URL hosts on the firewall
> > itself instead of using a product like Websense?
> >
> > Thank you in advance for your help.
> >
> > Hana
- Next message: some josher: "Re: what to monitor with host based ids?"
- Previous message: Paul Browning: "Re: LinkSys Router and ICQ - Correction"
- In reply to: SysAdm: "Re: can I use a PIX 515 to block URL's instead of using Websense?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
