I've been told it affects logging. Additionally, once a site
is "permited", it will remain that way for as long as
it remains in cache. If we let a site through for a
single user with a reserved DHCP address, and that user
visits the site, it will now be available for *all* users for as long as it remains in cache.
Turning on the "one request" parameter, as
well as creating a "websense bypass" group above the websense
rule, removed 99% of all our problems with websense.
Does anyone have any information about the UFP caching
control? Specifically,
1. Is there a way to see what is in the cache?
2. Is there a parameter to control the size of the
cache?
3. Is there a way to "prepopulate" the cache with certain
entries?
Thanks
David Glosser
----- Original Message -----
Sent: Wednesday, February 12, 2003 11:38
AM
Subject: Re: [FW-1] Problem using
Websense (Internet Management software) with Firewall 1 sp5
It is a flaw
with the HTTP Security Server in FW-1.
Open the Policy
Editor
Click Manage
-> Resources
Double-click on
your URI resources that represents Websense
Click the Match
tab
On UFP Caching
Control select "VPN-1 & Firewall-1 (one request)"
Click
OK
Click
Close
Save and
install the policy
It's my
understanding that this will affect your Websense logging but I haven't been
able to verify that without a doubt.
Good
Luck,
Paul
Mills Check Point Certified (CCSA, CCSE) Information Security
Analyst
I've
run into a problem trying to update our internal LAN PC's to Microsoft's
Update site when using the Websense software. Removing all restrictions on the
Websense package still prevents updates and can only be accomplished by
opening the internal network rule on the firewall to http
anywhere.
I've
been told by a Websense techie that the FW1 isn't passing the entire
instruction back to the Microsoft server and it hangs waiting for the rest
before beginning to download.
If
this has been discussed before, I apologize but would appreciate any help
from anyone that has solved this
problem.
Thanks
in advance,
RT
Collins
Oak
Park, Illinois
|