03-19-2008 11:06 AM - edited 03-11-2019 05:19 AM
So when you use the "filter url exception" command, does the firewall still inform the Websense server of the URL and just allows it out. Or does the firewall totally not report on URLs from those addresses to Websense?
03-19-2008 12:45 PM
To accomplish URL filtering, pix can be configured with
> Websense (www.websense.com) or N2H2 (www.n2h2.com) in this way:
>
> a)A client establishes a TCP connection to a web server.
> b)The client sends an HTTP request for a page on this server.
> c)The pix intercepts this request and hands it over to the
> filtering server. d)The filtering server decides if the
> client should be allowed access to the requested page. e)If
> the decision is positive, the pix forwards the request to the
> server and the client receives the requested content. f)If
> the decision is negative, the client's request is dropped.
>
> NOTE: Websense works with pix version 5.3 onwards and N2H2
> works with pix version 6.2 onwards. These can only perform
> HTTP filtering not FTP or HTTPS. Although for blocking ftp
> sites, a URL like ftp://ftp.somedomain.com can be entered.
however pix do not report the query to websense when you run the exception command
hope it answers your Query
04-28-2008 10:38 AM
Actually in step c) the pix will send the request to the web server as well as checking with the filtering server to see if it is permitted. Then in step f) if the response is negative, the pix will drop the return packet from the web server.
04-25-2008 08:09 AM
No the exception command removes websense from that traffic.
04-30-2008 09:42 PM
The firewall doesn't inform Websense, it just allow the traffic.
Regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: