cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
837
Views
0
Helpful
4
Replies

ASA/PIX Websense filter exception functionality

paulhignutt
Level 1
Level 1

So when you use the "filter url exception" command, does the firewall still inform the Websense server of the URL and just allows it out. Or does the firewall totally not report on URLs from those addresses to Websense?

4 Replies 4

abinjola
Cisco Employee
Cisco Employee

To accomplish URL filtering, pix can be configured with

> Websense (www.websense.com) or N2H2 (www.n2h2.com) in this way:

>

> a)A client establishes a TCP connection to a web server.

> b)The client sends an HTTP request for a page on this server.

> c)The pix intercepts this request and hands it over to the

> filtering server. d)The filtering server decides if the

> client should be allowed access to the requested page. e)If

> the decision is positive, the pix forwards the request to the

> server and the client receives the requested content. f)If

> the decision is negative, the client's request is dropped.

>

> NOTE: Websense works with pix version 5.3 onwards and N2H2

> works with pix version 6.2 onwards. These can only perform

> HTTP filtering not FTP or HTTPS. Although for blocking ftp

> sites, a URL like ftp://ftp.somedomain.com can be entered.

however pix do not report the query to websense when you run the exception command

hope it answers your Query

Actually in step c) the pix will send the request to the web server as well as checking with the filtering server to see if it is permitted. Then in step f) if the response is negative, the pix will drop the return packet from the web server.

ronj
Level 1
Level 1

No the exception command removes websense from that traffic.

rextillojr
Level 1
Level 1

The firewall doesn't inform Websense, it just allow the traffic.

Regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: