Re: [FW-1] Problem using Websense and UFP cache question

To: [email protected]

Subject: Re: [FW-1] Problem using Websense and UFP cache question

From: David Glosser <[email protected]>

Date: Sun, 16 Feb 2003 15:14:00 -0500

References: <BF8EB306059FA640A6FD65F289991ADB09B0C0E5@srvexarl01.acf.americredit.com>

Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>

Sender: Mailing list for discussion of Firewall-1 <[email protected]>

I've been told it affects logging. Additionally, once a site is "permited", it will remain that way for as long as

it remains in cache. If we let a site through for a single user with a reserved DHCP address, and that user

visits the site, it will now be available for *all* users for as long as it remains in cache.

Turning on the "one request" parameter, as well as creating a "websense bypass" group above the websense

rule, removed 99% of all our problems with websense.

Does anyone have any information about the UFP caching control? Specifically,

1. Is there a way to see what is in the cache?

2. Is there a parameter to control the size of the cache?

3. Is there a way to "prepopulate" the cache with certain entries?

Thanks

David Glosser

----- Original Message -----

From: Mills, Paul

To: [email protected]

Sent: Wednesday, February 12, 2003 11:38 AM

Subject: Re: [FW-1] Problem using Websense (Internet Management software) with Firewall 1 sp5

It is a flaw with the HTTP Security Server in FW-1.

Open the Policy Editor

Click Manage -> Resources

Double-click on your URI resources that represents Websense

Click the Match tab

On UFP Caching Control select "VPN-1 & Firewall-1 (one request)"

Click OK

Click Close

Save and install the policy

It's my understanding that this will affect your Websense logging but I haven't been able to verify that without a doubt.

Good Luck,

Paul Mills
Check Point Certified (CCSA, CCSE)
Information Security Analyst

-----Original Message-----
From: Richard Collins [mailto:[email protected]]
Sent: Wednesday, February 12, 2003 9:48 AM
To: [email protected]
Subject: [FW-1] Problem using Websense (Internet Management software) with Firewall 1 sp5

I've run into a problem trying to update our internal LAN PC's to Microsoft's Update site when using the Websense software. Removing all restrictions on the Websense package still prevents updates and can only be accomplished by opening the internal network rule on the firewall to http anywhere.

I've been told by a Websense techie that the FW1 isn't passing the entire instruction back to the Microsoft server and it hangs waiting for the rest before beginning to download.

If this has been discussed before, I apologize but would appreciate any help from anyone that has solved this problem.

Thanks in advance,

RT Collins

Oak Park, Illinois