csc ssm not filter https traffic ?

Unanswered Question
Feb 4th, 2010

Hi all,

         i have block sites in csc ssm via http blocking ,but those site can open via https so how can we block sites ,pls ur suggestion may help u .

Regards

Mak pak

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Farrukh Haroon Sun, 02/07/2010 - 09:26

HTTPS filtering is not supported on the CSC AFAIK; the guide reads:

"Traffic moving via HTTPS cannot be scanned for viruses and other threats by the CSC SSM software."

http://ciscosystems.com/en/US/docs/security/csc/csc63/administration/guide/csc4.html

Also I think MPF (regex matching) does not support HTTPS either, as stated here:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940c5a.shtml

I think your only option would be to integrate your firewall with websense or N2H2.

If the website IPs are static (and less is number), you may do a lookup for them and block 443 access to them using access-lists.

Please rate if helpful.

Regards

Farrukh

Actions

This Discussion