[isalist] Re: Possibly OT: Websense, ISA server (proxy mode) and blocking protocols

  • From: "D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR" <DPietruszka@xxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 14 Nov 2007 10:16:21 -0500

> Our main firewall is a Cisco Pix.  We use ISA for proxy server only in a 
> single NIC configuration. 

That is like using a Masserati to go to the grocery store and use the Geo Metro 
to go to your daughter wedding.   But is your choice of course ;-)

 

Logmein is a Java application, there is no protocol you can block, unless you 
block all java applications which I believe is not a great idea. But having 
websense already in place, why you don’t simply go a block *.logmein.com? That 
will fix your problem in 1 minute.

Regarding Google talk, one time I receive an email saying that if you block 
access to these IPs 216.239.37.125, 72.14.253.125, 72.14.217.189 and 
209.85.137.125 on ports 80, 443, 5222 and 5223 you block google talk. But I 
never try it, we block the entire *.google.com

 

Regards

Diego R. Pietruszka

MSC (USA) - Interlink Transport Technologies

 

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Andrew Hodgson
Sent: Wednesday, November 14, 2007 9:45 AM
To: isalist
Subject: [isalist] Re: Possibly OT: Websense, ISA server (proxy mode) and 
blocking protocols

 

Hi, 

 

________________________________

   

From: D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR [mailto:DPietruszka@xxxxxx] 
Sent: 14 November 2007 13:44
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Possibly OT: Websense, ISA server (proxy mode) and 
blocking protocols 

 

>You are not allowed to integrated Websense to the firewall and that is why you 
>are using ISA (Is not Isa a firewall?) 

 

Our main firewall is a Cisco Pix.  We use ISA for proxy server only in a single 
NIC configuration. 

 

>Anyway, google and Logmein and regular HTTP or HTTPS traffic, so if websense 
>is blocking other webpages and no this ones, you have something wrong on your 
>websense >configuration. 

>Checking the ISA log connect to Logmein or google, and tell us what you are 
>seeing there. Check the Client username field, since that is most likely your 
>problem. 

 

Websense is blocking websites no problem, it is just the protocols it is not 
blocking.  So, for example, if I go to the Youtube website, I can get in, which 
is fine, but if I try to watch a video, it presents a network error message, 
because Websense has stopped.  This appears to work for most protocols, but 
Google talk and LogMeIn are two examples where it is not working.  I have the 
Websense network service running on the ISA firewall. 

 

This protocol blocking is working for all users as a global policy – I haven’t 
rolled out user based privileges yet. 

 

Thanks. 

Andrew. 

 

 

-- 
allpay.net Limited, Fortis et Fides, Whitestone Business Park, Whitestone, 
Hereford, HR1 3SE. Registered in England No. 02933191. UK VAT Reg. No. 666 9148 
88.

Telephone: 0870 243 3434, Fax: 0870 243 6041. 
Website: www.allpay.net Email: enquiries@xxxxxxxxxx

This email, and any files transmitted with it, is confidential and intended 
solely for the use of the individual or entity to whom it is addressed. If you 
have received this email in error please notify the allpay.net Information 
Security Manager at the number above.

 

Other related posts: