|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Problem using Websense and UFP cache question
4.1 SP5 but we'll soon go to either NG FP2 or NG FP3...depending on how many problems I see on this list. Paul Mills Check Point Certified (CCSA, CCSE) Information Security Analyst -----Original Message----- From: Daniel Samaan [mailto:[email protected]] Sent: Tuesday, February 18, 2003 2:52 PM To: [email protected] Subject: Re: [FW-1] Problem using Websense and UFP cache question Paul. Are you running NG, any issues I should know with WebSense and NG. I'm integrating Websense and NG for the first time next week. Daniel Samaan Technical Security Consultant CCSE, CCNA, CSPFA, CSVPN, CCA, MCSE+I Cell:[email protected] --------------------------------------------------------------------- Forsythe Solutions 5440 W. Fargo Avenue Skokie, IL 60077 www.forsythesolutions.com Building cost-effective IT infrastructure that organizations trust. |---------+----------------------------------------------> | | "Mills, Paul" | | | <[email protected]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[email protected]| | | kpoint.com> | | | | | | | | | 02/18/2003 11:26 AM | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |---------+----------------------------------------------> >--------------------------------------------------------------------------- -------------------| | | | To: [email protected] | | cc: | | Subject: Re: [FW-1] Problem using Websense and UFP cache question | >--------------------------------------------------------------------------- -------------------| I've been told by Check Point Engineers that the cache is either 2 hours or 24 hours. I have yet to figure out which. The same Engineer told me that it is a setting in the objects.C file somewhere (4.1 SP5) Paul Mills Check Point Certified (CCSA, CCSE) Information Security Analyst -----Original Message----- From: David Glosser [mailto:[email protected]] Sent: Sunday, February 16, 2003 2:14 PM To: [email protected] Subject: Re: [FW-1] Problem using Websense and UFP cache question I've been told it affects logging. Additionally, once a site is "permited", it will remain that way for as long as it remains in cache. If we let a site through for a single user with a reserved DHCP address, and that user visits the site, it will now be available for *all* users for as long as it remains in cache. Turning on the "one request" parameter, as well as creating a "websense bypass" group above the websense rule, removed 99% of all our problems with websense. Does anyone have any information about the UFP caching control? Specifically, 1. Is there a way to see what is in the cache? 2. Is there a parameter to control the size of the cache? 3. Is there a way to "prepopulate" the cache with certain entries? Thanks David Glosser ----- Original Message ----- From: Mills, Paul To: [email protected] Sent: Wednesday, February 12, 2003 11:38 AM Subject: Re: [FW-1] Problem using Websense (Internet Management software) with Firewall 1 sp5 It is a flaw with the HTTP Security Server in FW-1. Open the Policy Editor Click Manage -> Resources Double-click on your URI resources that represents Websense Click the Match tab On UFP Caching Control select "VPN-1 & Firewall-1 (one request)" Click OK Click Close Save and install the policy It's my understanding that this will affect your Websense logging but I haven't been able to verify that without a doubt. Good Luck, Paul Mills Check Point Certified (CCSA, CCSE) Information Security Analyst -----Original Message----- From: Richard Collins [mailto:[email protected]] Sent: Wednesday, February 12, 2003 9:48 AM To: [email protected] Subject: [FW-1] Problem using Websense (Internet Management software) with Firewall 1 sp5 I've run into a problem trying to update our internal LAN PC's to Microsoft's Update site when using the Websense software. Removing all restrictions on the Websense package still prevents updates and can only be accomplished by opening the internal network rule on the firewall to http anywhere. I've been told by a Websense techie that the FW1 isn't passing the entire instruction back to the Microsoft server and it hangs waiting for the rest before beginning to download. If this has been discussed before, I apologize but would appreciate any help from anyone that has solved this problem. Thanks in advance, RT Collins Oak Park, Illinois ---------------------------------------------------------------------------- ---------------------------------------- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the originator of the message. This footer also confirms that this email message has been scanned for the presence of computer viruses. ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
