Paul.
Are you running NG, any issues I should know with WebSense and NG. I'm
integrating Websense and NG for the first time next week.
Daniel Samaan
Technical Security Consultant
CCSE, CCNA, CSPFA, CSVPN, CCA, MCSE+I
Cell: (847) 274-2034
[EMAIL PROTECTED]
---------------------------------------------------------------------
Forsythe Solutions
5440 W. Fargo Avenue
Skokie, IL 60077
www.forsythesolutions.com
Building cost-effective IT infrastructure that organizations trust.
|---------+---------------------------------------------->
| | "Mills, Paul" |
| | <[EMAIL PROTECTED]> |
| | Sent by: Mailing list for |
| | discussion of Firewall-1 |
| | <[EMAIL PROTECTED]|
| | kpoint.com> |
| | |
| | |
| | 02/18/2003 11:26 AM |
| | Please respond to Mailing list for |
| | discussion of Firewall-1 |
| | |
|---------+---------------------------------------------->
>----------------------------------------------------------------------------------------------|
|
|
| To: [EMAIL PROTECTED]
|
| cc:
|
| Subject: Re: [FW-1] Problem using Websense and UFP cache question
|
>----------------------------------------------------------------------------------------------|
I've been told by Check Point Engineers that the cache is either 2 hours or
24 hours. I have yet to figure out which.
The same Engineer told me that it is a setting in the objects.C file
somewhere (4.1 SP5)
Paul Mills
Check Point Certified (CCSA, CCSE)
Information Security Analyst
-----Original Message-----
From: David Glosser [mailto:[EMAIL PROTECTED]]
Sent: Sunday, February 16, 2003 2:14 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Problem using Websense and UFP cache question
I've been told it affects logging. Additionally, once a site is
"permited", it will remain that way for as long as
it remains in cache. If we let a site through for a single user with
a reserved DHCP address, and that user
visits the site, it will now be available for *all* users for as
long as it remains in cache.
Turning on the "one request" parameter, as well as creating a
"websense bypass" group above the websense
rule, removed 99% of all our problems with websense.
Does anyone have any information about the UFP caching control?
Specifically,
1. Is there a way to see what is in the cache?
2. Is there a parameter to control the size of the cache?
3. Is there a way to "prepopulate" the cache with certain entries?
Thanks
David Glosser
----- Original Message -----
From: Mills, Paul
To: [EMAIL PROTECTED]
Sent: Wednesday, February 12, 2003 11:38 AM
Subject: Re: [FW-1] Problem using Websense (Internet Management
software) with Firewall 1 sp5
It is a flaw with the HTTP Security Server in FW-1.
Open the Policy Editor
Click Manage -> Resources
Double-click on your URI resources that represents Websense
Click the Match tab
On UFP Caching Control select "VPN-1 & Firewall-1 (one request)"
Click OK
Click Close
Save and install the policy
It's my understanding that this will affect your Websense logging
but I haven't been able to verify that without a doubt.
Good Luck,
Paul Mills
Check Point Certified (CCSA, CCSE)
Information Security Analyst
-----Original Message-----
From: Richard Collins [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 12, 2003 9:48 AM
To: [EMAIL PROTECTED]
Subject: [FW-1] Problem using Websense (Internet Management
software) with Firewall 1 sp5
I've run into a problem trying to update our internal LAN PC's
to Microsoft's Update site when using the Websense software.
Removing all restrictions on the Websense package still
prevents updates and can only be accomplished by opening the
internal network rule on the firewall to http anywhere.
I've been told by a Websense techie that the FW1 isn't passing
the entire instruction back to the Microsoft server and it
hangs waiting for the rest before beginning to download.
If this has been discussed before, I apologize but would
appreciate any help from anyone that has solved this problem.
Thanks in advance,
RT Collins
Oak Park, Illinois
--------------------------------------------------------------------------------------------------------------------
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed.
If you have received this email in error please notify the
originator of the message. This footer also confirms that this
email message has been scanned for the presence of computer viruses.
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
