Blocking people from accesing Proxy servers on net

Unanswered Question
Feb 26th, 2010
User Badges:
hii
i have a question ...
suppose i apply the policy to allow only http and https traffic from  router and
blocking all other traffics but before allowing http traffic i list the  some of the website like "facebook" not allowing people in company to  visit these social website ...but what if they go to some proxy website  originate traffic from there to the facebook ???....like cooltunnel.com  is there any policy to block that to????



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Kureli Sankar Sun, 02/28/2010 - 19:17
User Badges:
  • Cisco Employee,

Besides blocking cooltunnel.com as well, I can't think of anyother way to block this.


-KS

p.charalambous1 Sun, 02/28/2010 - 23:34
User Badges:

You could use Modular Policy Framework on ASA and filter HTTP traffic based on url content, I think it could solve your problem.

Even if they use a proxy, the HTTP traffic destined to facebook will be inspected by the ASA MPF and drop it.

trustcisco Mon, 03/01/2010 - 05:24
User Badges:

Actually this is very difficult and time consuming if you want to do this with the ASA.


Either buy CSC-SSM module for the ASA and configure it accordingly or use a web security gateway like ironport.

Actions

This Discussion