Re: Blocking Access to web-based email

From: Leythos (void_at_nowhere.lan)
Date: 08/18/05 

Date: Thu, 18 Aug 2005 01:23:09 GMT

In article <8O2dnZ2dnZ2irR_3nZ2dnfsynt6dnZ2dRVn-0Z2dnZ0@comcast.com>,
charlesnewman1@comcast.no-spam.net says...
> Well, most software based solutions do require
> a reboot once a day. But software solutions can also
> filter up to 67 categories of content. CyBlock can
> filter up to 67 categories of content. It also has all
> kinds of reporting, even down to an individual user
> or IP address, something your hardware firewalls
> have not learned yet. I am surprised you dont have
> to reset your firewall everytime an update is
> downloaded.

Charles, Charles, Charles, you need exposure to real firewall
appliances. I can tell you the exact time/date/site/and even files you
looked at on every website you visited while accessing the Internet
through our firewall, and it's an Appliance.

Want to really be shocked, I can do the same with a simple NAT appliance
like a Linksys BEFSR41 - I can log ever internet access you make by
IP/Port and even resolve the DNS for it, oh, and I can email the logs to
myself every 24 hours for review, without being at the router or the
workstation. Please note, when I talk Firewall I'm not talking NAT
Routers, but I wanted you to know that even simple NAT routers provide
the logging you didn't know about.

I don't have to reset or reboot the firewall appliances except in rare
instances. As an example, I can install a new HTTP Proxy rule for
outbound, then setup 2 inbound FTP rules, change the inbound SMTP to
filter attachment XYZ from inbound email, and then change the rules for
what ports/ip user X can access through his VPN connection all without
having to reboot/reset the firewall. About the only time I reboot the
firewall is for Firmware updates - my personal WatchGuard Firebox has
almost 300 days up time on it. 

-- 
spam999free@rrohio.com
remove 999 in order to email me

Relevant Pages

  • Re: D-Link 604 Router
    ... > I can filter outbound connections using URL filtering using something ... > firewall software or hardware and no router, ...
    (comp.security.firewalls)
  • Re: Hardware Firewall Recommendation
    ... Deny Java Applets ... Web Blocker Schedule - enable/disable at programmed times ... Web Blocker non-Operational Controls (what to filter when OFF) ... block .EXE you never have to go back and update the firewall to keep ...
    (comp.security.firewalls)
  • Re: BLOCKING IPs
    ... In the NAT/Basic firewall tab, ... In the right pane of the windows, right click Network connections. ... click Inbound filter. ... > If you are using SBS 2003 Premium, you can use ISA server to block this ...
    (microsoft.public.windows.server.sbs)
  • Re: FIREWALL CHECK
    ... at all (windows firewall). ... The job of a real FW, which I don't consider some 3rd party personal FW/packet filter or even Vista's FW/packet filter to be a FW is not to stop malware. ... A packet filtering FW router, FW appliance or host based software FW running on a secured gateway computer jobs are not to be stopping a malware program running on some computer. ... In either case, it must have at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. ...
    (microsoft.public.windows.vista.security)
  • Re: ZoneAlarm and AVG cause "Shut Down" to Fail
    ... A second effect is, that before Windows XP SP2, "Personal Firewalls" had ... packet filter for Windows looks like a very good idea, ... It's idiotic from Microsoft to start so many servers, ... "Your Personal Firewall saved you from an attack again!!!1!11". ...
    (comp.security.firewalls)