An easier way to get around trying to build rules for this on your FW is to deploy a gateway server, and proxy all IM connections through it. This way you have a external mechanism to control what your trying to accomplish. This would also allow a bit more monitoring of resources if that is the concern. Do a search on google or whatever for AIM proxy.
-Lyle -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Suresh Rajagopalan Sent: Thursday, May 10, 2007 9:43 AM To: [email protected] Subject: [FW-1] Selective IM filtering I'd like to use Smartdefense to block IM protocols (including IM over HTTP). But I would like to be able to allow IM for certain users. CP support says Smartdefense rules are global and are not available on a per user basis (user-auth/session-auth). Has anyone come up with a workaround for this? We are running NGX R61. Thanks Suresh ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
