Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX and Anit-Virus

Hi ,

Can we integrate Trend micro or any other antivirus software which is approved by cisco with PIX ......?

Thx in advance.

Regds

Anthony

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: PIX and Anit-Virus

Hi Anthony,

Sorry for the late reply. I hope I understood your question.

If you are thinking on the lines of the existing integration of PIX with Websence/N2H2 for url filtering, then,there is no such integration with an AV software.

Thanks,

yatin

Cisco Employee

Re: PIX and Anit-Virus

Anthony,

You might want to take a look at this url for more info on the way the AV plays a role,

http://www.cisco.com/en/US/partner/partners/pr46/pr13/partners_pgm_white_paper09186a00800b0dec.shtml

Hope this helps,

yatin

13 REPLIES
Cisco Employee

Re: PIX and Anit-Virus

Hi Anthony,

Could you please elaborate on what you mean by integrate the AV with the PIX?

Thanks,

yatin

New Member

Re: PIX and Anit-Virus

Hi Yatin ,

Thanks for your reply.The data which goes out or comes inn to the network through the PIX , must be scanned through the anti-virus software. is it possible...?

Thx & Regds

Anthony

Gold

Re: PIX and Anit-Virus

Anthony --

As far I'm aware, the PIX should have no problem handling AV scanned data. I've actually have 10 Mail servers on the inside and are being scanned for AV with McAFee EPO and also have PIX 515 protecting the inside network. So, for your question - AV and PIX Will it work, the answer is yes.

Hope this helps and let us if you need any more help.

New Member

Re: PIX and Anit-Virus

Hi Yatin,

Mailservers loaded with antivirus and pix providing the security will work independantly. but there is requirement that the data going to internet and comming from internet has to be scanned. I will give an example ,,,In PIX we can configure URL filtering server....whenever users types some URL it will be validated by the URL server , redirected by the the PIX that we wil configure in the PIX. some thing in the same way is there any solution for antivirus software....? can u send some document releated..

regds

Anthony

Gold

Re: PIX and Anit-Virus

Anthony --

You are talking about URL Filtering on PIX - Am I correct ? and you have AV software on your inside clients ?

What is your PIX Model and which PIX IOS are your running ?

Thanks --

Gold

Re: PIX and Anit-Virus

Anthony --

Here is a more info. on URL Filtering for PIX :

URL Filtering—PIX Firewall URL filtering is provided in partnership with NetPartners WebSENSE server software. The PIX Firewall will check outgoing URL requests with the policy defined on the WebSENSE server running either on Windows NT or UNIX. Based on responses from the NetPartners server, which matches requests against Web-site characteristics deemed inappropriate for business use, the PIX Firewall either permits or denies connections. Because URL filtering is handled on a separate platform, no additional performance burden is placed on the PIX Firewall

http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/pix_pa.htm

Hope this helps - Jay

Cisco Employee

Re: PIX and Anit-Virus

Hi Anthony,

Sorry for the late reply. I hope I understood your question.

If you are thinking on the lines of the existing integration of PIX with Websence/N2H2 for url filtering, then,there is no such integration with an AV software.

Thanks,

yatin

Cisco Employee

Re: PIX and Anit-Virus

Anthony,

You might want to take a look at this url for more info on the way the AV plays a role,

http://www.cisco.com/en/US/partner/partners/pr46/pr13/partners_pgm_white_paper09186a00800b0dec.shtml

Hope this helps,

yatin

New Member

Re: PIX and Anit-Virus

Hi Yatin,

Thx for the info , this will give a workaround solution.

Regds

Anthony

New Member

Re: PIX and Anit-Virus

Hey Yatin,

Is there a public version of that document? My CCO login won't work there.

New Member

Re: PIX and Anit-Virus

Hey Anthony,

Netscreen, Symantec, and Checkpoint offer scanning traffic through the firewall for viruses. If you like the PIX, you may prefer the Netscreen over Symantec & Checkpoint.

Hey Cisco guys; how about some virus scanning for the PIX?

New Member

Re: PIX and Anit-Virus

I know eh! You would think by now cisco would integrate that feature in their

product instead of losing business to other vendors.

They have the url scan feature why not a virus scan as well or even better

produce their own line of virus engine much like what they have for

the vpn concentrator or IDS. (Something to think about)

New Member

Re: PIX and Anit-Virus

That would seem like no easy task. The PIX would have to had off the packets containg the data that needed to be scanned to some AV appliance...which would have to do the scan, alter if necessary and then relay it back to the PIX for delivery. I am certain it can be done...but may take some effort. BTW...weren't the AV manufacturers supposed to build AV appliances that did this sort of thing???

217
Views
10
Helpful
13
Replies