Options
Websense integrated with ASA
datchcha
Member Posts: 265
I have purchased Websense which can be imtegrated with my ASA, but before i deploy this. Is there a way to have the 'stand alone' version of Websense block ip addresses in addition to domian names?
thank you
dat.
thank you
dat.
Arrakis
Comments
-
Options
Ahriakin
Member Posts: 1,799 ■■■■■■■■□□
Not sure about Websense itself but you could install a software firewall to the server it's running on and simply write a block rule for the host (presuming you mean you are using it as in Proxy mode). But there is probably a way to block a specific host inside it.We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place? -
Optionsrbutturini
Member Posts: 123
Yeah you should be able to do this by creating a policy for it.
-
Options
LOkrasa
Member Posts: 343 ■■■□□□□□□□
When you say standalone do you mean Websense running on a standalone server or do you mean the version like WebSense Express or Enterprise? -
Optionsdatchcha
Member Posts: 265
Stand alone version, "Enterpirse Edition". I have my proxy server 'websense' configured and running, and i am monitoring traffic with Wireshark, but i still have users hitting sites which download like 10mb in a 4 mininute process. Before I had the option in IE to detect proxy select i saw this IP addresses and most of them are Social sites or online music/video which do not fall under the Websense database. To make matter worst, i have not clue of the domain names, becuase when i use Arin.net to check, i get results like Qwest, so i guess the sites are hosted on vurtial servers or soemthing of the like.LOkrasa wrote:When you say standalone do you mean Websense running on a standalone server or do you mean the version like WebSense Express or Enterprise?
Hey saw you are in G.burg maryland, you are right up the street from me...Waht do you have to say about DC United 0 - 3 lost, and not to mention their 6th straight lost in a row...dark times for us...thanks...love the Polska image!!!! recognize!!!
thanks againArrakis -
OptionsLOkrasa
Member Posts: 343 ■■■□□□□□□□
datchcha wrote:
Stand alone version, "Enterpirse Edition". I have my proxy server 'websense' configured and running, and i am monitoring traffic with Wireshark, but i still have users hitting sites which download like 10mb in a 4 mininute process. Before I had the option in IE to detect proxy select i saw this IP addresses and most of them are Social sites or online music/video which do not fall under the Websense database. To make matter worst, i have not clue of the domain names, becuase when i use Arin.net to check, i get results like Qwest, so i guess the sites are hosted on vurtial servers or soemthing of the like.LOkrasa wrote:When you say standalone do you mean Websense running on a standalone server or do you mean the version like WebSense Express or Enterprise?
Hey saw you are in G.burg maryland, you are right up the street from me...Waht do you have to say about DC United 0 - 3 lost, and not to mention their 6th straight lost in a row...dark times for us...thanks...love the Polska image!!!! recognize!!!
thanks again
I do not think you can block up just IP alone but you can do that on the ASA itself via ACL. In order to block by domain name - Login to the Policy Server, Filter Definitions > Custom URLS > Choose Category and click Add. Type in the domain and add it in... This should be enough to be able to add in the domain to be blocked.
Another option is that you can block by protocol set so you can block Streaming Media, P2P File Sharing/etc...
Don't follow MLS because it literally puts me to sleep... way too slow. I watch the EPL alot but mostly Intl. games if they are on. I am from Poland so yeah I love the NT and especially Janczyk (guy in picture).