I am using a PIX-515E vers. 6.5 firewall in my network. However, I want to dynamically filter some URLs such as malicious sites and redirect those URLs to the syslog server or another server. Is it possible? Many thanks in advance.
Re: How to filter http, smtp in PIX-515E firewall?
That's too much to ask from a PIX 515E (6.x).
What you can use is a Websense 3rd party filtering device (SmartFilter, Websense, etc.) or AIP/CSC SSM modules to do this advanced URL filtering and logging. About blocking SMTP, you can use ACLs on the inside ifc (inbound direction) to allow PORT 25 traffic only to/from your MAIL SERVER and block all other port 25 traffic. By using the keyword log at the end of the 2nd and 3rd ACEs, you are making sure that whenever any host OTHER THAN THE SMTP SERVER tries to send/receive emails, a log will be generated in your SYSLOG SERVER (assuming you have one set up).
access-list SMTP_BLOCK extended permit tcp host x.x.x.x any eq 25
access-list SMTP_BLOCK extended deny tcp any eq 25 any log
access-list SMTP_BLOCK extended deny tcp any any eq 25 log
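As an added example (not part of the original thread): a Python script that reads the syslog output of the logged deny ACEs above and totals denied SMTP attempts per source host. It assumes the firewall emits ACL hits as syslog message 106100 in the layout shown in the regex; the sample lines, addresses and the function name `smtp_denies` are constructed for illustration.

```python
import re
from collections import Counter

# Assumed layout of syslog message 106100 (emitted for ACEs ending in "log").
ACL_HIT = re.compile(
    r"%(?:PIX|ASA)-\d-106100: access-list (?P<acl>\S+) "
    r"(?P<action>permitted|denied|est-allowed) (?P<proto>\S+) "
    r"(?P<src_if>[^/\s]+)/(?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst_if>[^/\s]+)/(?P<dst>[\d.]+)\((?P<dport>\d+)\) "
    r"hit-cnt (?P<hits>\d+)"
)

# Constructed sample lines (documentation and private addresses), not real logs.
SAMPLE_LOG = """\
Mar 03 10:15:01 192.0.2.1 %PIX-6-106100: access-list SMTP_BLOCK denied tcp inside/10.1.1.23(1042) -> outside/198.51.100.7(25) hit-cnt 1 (first hit)
Mar 03 10:16:40 192.0.2.1 %PIX-6-106100: access-list SMTP_BLOCK denied tcp inside/10.1.1.57(25) -> outside/203.0.113.9(3312) hit-cnt 1 (first hit)
Mar 03 10:18:11 192.0.2.1 %PIX-6-106100: access-list OTHER denied tcp inside/10.1.1.99(4000) -> outside/198.51.100.7(25) hit-cnt 1 (first hit)
Mar 03 10:19:00 192.0.2.1 %PIX-6-302013: Built outbound TCP connection 77 for outside:198.51.100.7/80 to inside:10.1.1.10/2201
Mar 03 10:20:01 192.0.2.1 %PIX-6-106100: access-list SMTP_BLOCK denied tcp inside/10.1.1.23(1042) -> outside/198.51.100.7(25) hit-cnt 14 (300-second interval)
"""


def smtp_denies(lines, acl="SMTP_BLOCK"):
    """Return a Counter of {source_ip: denied hits} for port-25 denies on `acl`."""
    offenders = Counter()
    for line in lines:
        m = ACL_HIT.search(line)
        if not m:
            continue  # not an ACL-hit message
        if m["acl"] != acl or m["action"] != "denied":
            continue  # a different ACL, or not a deny
        if m["proto"].lower() != "tcp":
            continue
        # The 2nd ACE matches source port 25, the 3rd matches destination port 25.
        if "25" not in (m["sport"], m["dport"]):
            continue
        # hit-cnt is the number of hits since the previous report for this flow.
        offenders[m["src"]] += int(m["hits"])
    return offenders


if __name__ == "__main__":
    for host, hits in smtp_denies(SAMPLE_LOG.splitlines()).most_common():
        print(f"{host}: {hits} denied SMTP attempt(s)")
```

A host that keeps appearing in this report is trying to speak SMTP without going through the mail server, which is worth checking for a misconfigured application or a spam-sending infection.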