My client has an SA 540 running 2.1.71 firmware. A trial version of Websense Filtering is installed on a server connected to the SA 540's port 8. The server network card is configured in promiscuous mode. All LAN traffic from stacked network switches comes in on the SA 540's port 1. Websense needs to see that traffic, so all ports on the SA 540 are mirrored or spanned to port 8. Websense sees nothing but its own traffic.
Does port span work on the SA 540? It does not appear to work. Can anyone tell me how to confirm whether it is working or not?
Yes, the port span issue has been resolved. Thank you for asking. It does work just fine. What doesn't work very well is Websense sales and technical support. Websense sales told me their latest filtering product works on a Hyper-V VM with all components installed on the VM. A Websense knowledge base article said essentially the same thing.
Through research I found that you cannot put a Hyper-V VM NIC in promiscuous mode (you can using VMware). A NIC in promiscuous mode is necessary to see traffic on the spanned port. That was the first bit of misinformation. Then for test purposes I thought I would move the blocking and filtering software to the physical Hyper-V host. I called Websense technical support for assistance, and they said it wouldn't work either. The Websense tech even did the installation, and sure enough, it didn't work. I told him it should, and I could not see why it didn't. The call was ended, and I went back to the server to reconfigure the filtering and blocking software on the Hyper-V host. Guess what. It does work.
Moral of the story – don’t believe everything you hear. The Websense evaluation is going well, and now we can see all of the time wasting Internet activity that goes on.
A VPN or Virtual Private Network is a secure network over an unsecure
environment like internet. The VPN allows the remote clients to access
the internal network resources (private network) over the Internet
(public). These are the most common VPN article...
ISA500 series small business integrated security appliances can be
accessed, monitored and managed remotely. The below articles will give
you an insight of remote administration settings on ISA500 series
devicesCisco OnPlus Settings on ISA500 Series Integ...
Captive portal is an additional authentication step that can used for
both guests and authenticated users. Clients will see a special web page
for authentication purposes before they are allowed to use the internet
normally. Captive portal makes use of th...