I am trying to use Websense for URL filtering of Intranet pages. Pls see the details below and suggest if possible. The config from PIX is fine as I am able to see logs on Test Log server.
Clients are identified based on IP addresses and a policy should be made to permit authorized access of web apps based on URLs.
Please suggest if Websense can be used for URL filtering of Intranet made of private IP addresses. The details regarding the setup is as follows.
Firewalls: Two PIX525 in Active-Stdby FO mode. Inside IP 10.100.200.4/24
Mode : Intergarted Cisco PIX firewalls
Version: 6.1.1 with database downloaded (Aug28)
OS : Windows 2003 server
Physical Placement: In the inside zone of firewall. The application servers are currently placed in the same zone. Some Intranet servers will be accessed through DMZ zone also later on through a WAN link.
Physical Conenctivity: Server has 2 NIC. 1 NIC for Management (IP 10.100.200.6)
NIC 2 is used for monitoring (IP address 192.168.0.197/24)
Websense is configured to send block information through NIC 1
A policy is made that allows permitted category. In User defined two sub categories are created ?Allowed? and ?Blocked? and respective custom URLs are created in that. Only ?Allowed? category is permitted and other one blocked.
When respective pages are accessed the Test Log servers shows activity and the disposition comes as Blocked and Allowed URL but the URL that is blocked can also be accessed by user.
Native Integration with Popular User Authentication Services Provides convenient method for authenticating VPN users through native integration with popular authentication services, including Microsoft Active Directory, Microsoft Windows Domains, Kerberos, Lightweight Directory Access Protocol (LDAP), and RSA SecurID (without requiring a separate RADIUS/TACACS+ server to act as an intermediary).
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :