Block Website and Messenger - URGENT

Unanswered Question
Feb 12th, 2007

Hi All,

I am still new to firewalls. I have a CISCO PIX 515 firewall. My management asked me to block Yahoo mail, Hotmail, and other websites. Also, they asked me many times to block MSN, Yahoo, AIM and other messengers. How can I do that using the PIX firewall? This is very urgent for me.

Thanks,

Rami

rleivaoc Mon, 02/12/2007 - 23:26

If you are running 7.2 you can block IM using the "inspect IM" feature. Here is a link that shows the "inspect IM" command options, http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/cmd_ref/i2_711.htm#wp1658250

However, I don't think it supports all the IM programs. If you wish to block more, you will need to create an ACL to block those application ports.

Now, for filtering Yahoo and Hotmail email websites, you will need to either get a Websense solution or the Cisco CSC module; both have very good HTTP filtering options. I hope this helps.
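
One way to write the port-based ACL suggested above, as an added example that is not part of the original reply. The ACL name IM_BLOCK and the interface name inside are assumptions, and the ports are the well-known default ports of the MSN (1863), Yahoo (5050) and AIM (5190) clients.

```cisco
! Added example; the ACL name IM_BLOCK and interface name "inside" are assumptions.
! Deny the default server ports used by the IM clients named in the question.
access-list IM_BLOCK extended deny tcp any any eq 1863
access-list IM_BLOCK extended deny tcp any any eq 5050
access-list IM_BLOCK extended deny tcp any any eq 5190
! Every ACL ends in an implicit deny, so permit all remaining traffic explicitly.
access-list IM_BLOCK extended permit ip any any
! Apply the ACL to traffic entering the firewall from the internal network.
access-group IM_BLOCK in interface inside
```

Running `show access-list IM_BLOCK` afterwards displays a hit count per entry, which shows whether clients are still attempting the default ports. Clients that fall back to other ports, as a later reply in this thread describes, are not matched by these entries.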

ramiqutub Mon, 02/12/2007 - 23:38

Thanks for the reply. I am using version "Cisco PIX Security Appliance Software Version 7.0(2)".

As for Websense, I will take a look and get back to you if I have more questions.

Thanks, many thanks

daviddtran Wed, 02/14/2007 - 19:13

I could not help but jump into this conversation.

Yes, Pix 7.x can block Yahoo or MSN using the http port; however, it can NOT block other IM traffic such as ICQ or AOL IMs. These IM apps can use ports such as telnet (23) or smtp (25) to connect to the server. Pix/ASA will not be able to accomplish what you requested. What you really need is a Checkpoint firewall. SmartDefense, which is integrated into the CP firewall, can block these IMs in a heartbeat.

As far as blocking sites such as yahoo or hotmail, again, I don't think pix/ASA is capable of doing that. Again, what you need is a Checkpoint or Juniper firewall that is capable of doing just that. You can specify a domain as the destination and the firewall will do a reverse dns lookup and drop connections to yahoo or hotmail in a heartbeat.
