Re: [FW1] Firewall Virus Checking

[Yves Belle-Isle]

Title: RE: [FW1] New worm on the road?

Yes all Security server (HTTP, SMTP and FTP) works in proxy mode so the firewall becomes the apparent source of all packet processed   And if you use HTTP to filter virus to your inside web server he will log all acces to your web server comming from the FW not the remote browser.   In your case as it is browsing to outside web server it should be not a problem than the FW mask your internals address and seems to be the sole browser...   Yves Belle-Isle ----- Original Message ----- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 27, 2001 19:58 Subject: [FW1] Firewall Virus Checking We implemented some of the URI code on our Nokia Checkpoint Firewall-1 box to check for virus's.   I have Elron Software's Internet manager on the outside of the firewall monitoring HTTP traffic.   Immediately after we installed the URI code, we noticed all the HTTP traffic going out of our firewall had a source ip address of the firewall.   I was going to move the monitor back inside the network, but realized we have a quad adapter on the box, so I would not be monitoring some of the workstations activity.   Is this the way it is supposed to work?   Thanks, Dennis Longnecker