Educause Security Discussion mailing list archives
Web Proxy (CISCO Content Engine) risks
From: Jim Moore <jhmfa () CIS RIT EDU>
Date: Mon, 28 Apr 2003 20:36:23 -0400
I am looking into web proxy risks. We have a lab that wants to set up a proxy server, to cache large volumes of web documentation, and I believe some streaming media. The proxy is CISCO Content engine. First, before I ask a dumb question, and reveal my lack of knowledge on web proxies, what are the risks? What can be misconfigured with Content Engine? Second, revealing ignorance, how is SSL handled for things like passwords on web sites, or encryption to ecommerce sites? And related to that, if it is to be used for documentation, can we communicate 50 ways to say, don't hit anything but public content (or make it a policy?) Third, along with the above communication, can we state that this is not an attempt to be big brother. Lastly, there seems to be a technology that would enable pass through of content not aimed at the documentation site, but it requires additional software on the adjacent routers. Something we can't do. Any other suggestions? Any liability risks? This one is one that I wasn't prepared for. Jim -- -- Jim Moore, CISSP, IAM Information Security Officer Rochester Institute of Technology 13 Lomb Memorial Drive Rochester, NY 14623-5603 Telephone: (585)475-5406 Fax: (585)475-7950 The significant problems we face cannot be solved at the same level of thinking we were at when we created them. -Albert Einstein- ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Web Proxy (CISCO Content Engine) risks Jim Moore (Apr 28)
- <Possible follow-ups>
- Re: Web Proxy (CISCO Content Engine) risks jack suess (Apr 29)