> I'm not interested in having the firewall handling any proxy filtering. By
> that, I assume you mean web proxy filtering (urls that should be blocked,
> etc.). We already have a proxy product in place that we will be sticking
> with and have been 100% satisfied with. As for packet filtering, are you
> talking about specifically looking at the packet and blocking/allowing
> dependant on the type of packet itself? For instance, would packet
> filtering allow blocking any packet that shows up as someone trying to use
> AIM or KAZAA, etc. Or does that fall under the application filtering
> definition? Just trying to familiarize myself with the exact terms.
>
Folks trying to use some of the newer toys like AIM and KAZAA and others
can be hard to block by port, some tunnel via http. sometimes one
can have the affect of minimizing by port blocking, sometimes
blocking the main sites one has to connect to to 'loging' to these
services works, though this requires that you stay familiar with
those systems, which can and do change on a regular basis. These are best
dealt with via HR, and the AUP each employee signs regarding what is
acceptable, and documanting what happens to those that do not follow policies.
Some folk have found posting violaters to a public internal listing
dramatically reduces effects. you have to decide how much buy in from HR
and the upper mgt folks you can get, and how much work you wish/need to
prevent such toys from being used on and through the corporate network.
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
For Account Management (unsubscribe, get/change password, etc) Please go to:
http://lists.gnac.net/mailman/listinfo/firewalls
