Zachary,
I wouldn't consider a filter of any kind to be a firewall. Perhaps that's a
mind-set and an overbearing opinion, but I consider router ACL's or software
engines that monitor content (URL's) as filters where I consider hardware or
software that specifically addresses security measures through stateful
inspections as firewalls. Then again, I'm no security expert...
David Ishmael, CCNA, IVCP
Senior Network Management Engineer
Windward Consulting Group, Inc.
Phone: (703) 283-7564
Pager: (888) 910-7094
eFax: (425) 969-4707
Fax: (703) 351-9428
mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
-----Original Message-----
From: Zachary Uram [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 06, 2001 6:23 PM
To: David Ishmael
Cc: [EMAIL PROTECTED]
Subject: RE: Content Filtering
i thought a firewall WAS a content filter?
i don't understand please elucidate
On Wed, 6 Jun 2001, David Ishmael wrote:
> Yeah, I've heard the same thing. From my understanding, the best solution
> is to have a firewall AND a content filtering tool. You should never use
a
> content filter as a means of firewalling a network. From what I've read,
> doing a firewall/filter solution is secure (if there is such a thing). ;)
>
> David Ishmael, CCNA, IVCP
> Senior Network Management Engineer
> Windward Consulting Group, Inc.
> Phone: (703) 283-7564
> Pager: (888) 910-7094
> eFax: (425) 969-4707
> Fax: (703) 351-9428
> mailto:[EMAIL PROTECTED]
> mailto:[EMAIL PROTECTED]
>
>
>
>
>
>
> -----Original Message-----
> From: Ron DuFresne [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, June 06, 2001 4:26 PM
> To: David Ishmael
> Cc: [EMAIL PROTECTED]
> Subject: RE: Content Filtering
>
>
>
> Perhaps I've mised updates and such, but, I was of the understanding that
> all these sweet little content filters for the web were susecptable to url
> obfuscations that allowed one to bypass them.
>
> Thanks,
>
> Ron DuFresne
>
>
> On Wed, 6 Jun 2001, David Ishmael wrote:
>
> > Richard,
> >
> > Are you looking for a stand-alone application or a combination of
> > firewall/content filter? We ran a PIX firewall for a firewall and used
(I
> > think it was called) WebTrends. The speed was in how it worked. The
> > firewall would get a packet destined for bad-site.com and would send the
> > packet on as well as a packet to WebTrends asking for the acceptance
> policy.
> > By the time the response came back from bad-site.com it had already
gotten
> a
> > response from WebTrends to either permit or deny responses from that
site.
> > If it was allowed the response passed through the firewall, if not the
> user
> > was sent a custom URL that said that the site was restricted. Highly
> > configurable and fast...
> >
> > I'm sure there are ton's of good stand-alone solutions out there...good
> > luck! ;)
> > David Ishmael, CCNA, IVCP
> > Senior Network Management Engineer
> > Windward Consulting Group, Inc.
> > Phone: (703) 283-7564
> > Pager: (888) 910-7094
> > eFax: (425) 969-4707
> > Fax: (703) 351-9428
> > mailto:[EMAIL PROTECTED]
> > mailto:[EMAIL PROTECTED]
> >
> >
> >
> >
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Richard Ginski
> > Sent: Wednesday, June 06, 2001 2:11 PM
> > To: [EMAIL PROTECTED]
> > Subject: Content Filtering
> >
> >
> > Hello Everyone,
> >
> > Sorry in advance for being slightly off topic.
> > We are an organization of approximately 4000 users. I have been asked
to
> > find a technology which can prevent users from browsing bad sites. I am
> > somewhat familiar with content filtering products. However, my biggest
> fear
> > is latency. Can anyone recommend who I should check out regarding
content
> > filtering products?
> >
> > PS: If it also prevented the execution of harmful (only harmful) JAVA
> > based and Active X based code..it would be a plus.
> >
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "Cutting the space budget really restores my faith in humanity. It
> eliminates dreams, goals, and ideals and lets us get straight to the
> business of hate, debauchery, and self-annihilation." -- Johnny Hart
> ***testing, only testing, and damn good at it too!***
>
> OK, so you're a Ph.D. Just don't touch anything.
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
[EMAIL PROTECTED]
"Blessed are those who have not seen and yet have faith." - John 20:29
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
