Solved

websense URL integration

Posted on 2007-03-28
8
380 Views
Last Modified: 2007-12-19
I currently have websense installed as a standalone install and all is great and working fine.  I am considering integrating my cisco device to the websense.  If I do this does this mean that the traffic that is passed to the cisco device will forward to the websense server before it is allowed out to the Interent.  I have a VPN that is connected to the Cisco device and am curious if I integrate websense it will filter this traffic too.
0
Comment
Question by:dtooth71
  • 4
  • 3
8 Comments
 
LVL 20

Expert Comment

by:RPPreacher
ID: 18810724
URL Filter function does not forward all traffic.  It passes the URL and looks for authorization and then allows or denies.

Your VPN users traffic will not be filtered if you have split tunneling.  It will be filtered if you force their web traffic through the cisco device doing the URL filtering.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18810778
Assuming that your Cisco device is a PIX firewall, you can create filter exceptions so that traffic to the remote site is not filtered through WebSense..
0
 

Author Comment

by:dtooth71
ID: 18815583
the VPN tunnels are slit tunneled...
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 79

Expert Comment

by:lrmoore
ID: 18815715
You didn't provide the information I was looking for. Is it a PIX firewall as your VPN endpoint?
If yes, and you enable URL Filtering, then you simply create an exception list for the remote ip subnet so that traffic does not get filtered.
0
 

Author Comment

by:dtooth71
ID: 18815887
well it is a asa and I want to filter the URL I dod not want to make an exception
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 18816008
OK, then just don't make any exception and all http traffic, even through the VPN tunnel, will be filtered.
hostname(config)# url-server  host 10.0.1.1
hostname(config)# filter url 80 0 0 0 0   <== all these 0's means "everything"


0
 

Author Comment

by:dtooth71
ID: 18816220
ok, so if I enter those commands and substitute the 10.0.1.1 with the websense server all VPN traffic will be filtered, split-tunnel included?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18816301
Well, that depends...
>I have a VPN that is connected to the Cisco device
Is this a VPN client, or is this a Lan-Lan vpn tunnel?

If it is a VPN client, then no, no web filtering takes place. The only way to accomplish this is to disable split-tunneling and use Websense as a proxy for your VPN clients.

If it is a L-L tunnel, then any http traffic from your network to www servers on the remote network is filtered.

Is your goal to actually filter the traffic, or determine if your traffic will be filtered when you connect via VPN client with split-tunneling enabled?
0

Featured Post

Watch Anatomy of a Wi-Fi Hack On-Demand

In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MitM to wreak havoc on your network. View our Wi-Fi Expert in an on-demand episode of our Secure Wi-Fi mini-series as he explores the motives, execution, and anatomy of a Wi-Fi hack.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question