Firewall Wizards mailing list archives
Re: Content scanning via CVP
From: chuck yerkes <fwwiz () yerkes com>
Date: Fri, 7 May 1999 12:38:10 -0400
What I'm more interest in is what I need in order to create a client. The spec I have has some lovely docs on how to use the API that comes(?) as part of Firewall-1 (I presume). We don't HAVE firewall one. So far, I have some nice words that demonstrate that checkpoint can send things to a CVP server. I don't have anything close to an actual thing that might work. A library and a .h file would be ideal. Checkpoint has not yet replied to queries. Anyone have models of a basic client that can be tweaked to send data to a CVP server? Something I could actually come close to compiling? Thanks for the responses from the 5 or 6 of you that tossed notes, appreciated. Quoting joewee () monkey org (joewee () monkey org):
On Wed, 5 May 1999, chuck yerkes wrote: CVP allows you to do a few things. I am using URI filtering for a client with 400 users behind the firewall. We have a dedicated sparc2 with 48 megs of ram as the CVP server. CVP server should not be the same as the firewall. It runs great with no noticable lag. I have only seen the virus scanning technology used, never configured it myself. But it's extremly transparent. If your worried about people hiding information in pgp files you can always do content filtering and not allow encrypted files to certain networks, for example support and hr shouldn't require encrypted files, should they?
Well, PGP is much less an issue that the "happy blinking x-mas tree binary that also infects your boot sectors" type of thing. The client is aware that there are ways to get past it, the goal is to protect the stupid (and to scan outbound info to protect recipients of data).
Current thread:
- Content scanning via CVP chuck yerkes (May 06)
- Re: Content scanning via CVP joewee (May 07)
- Re: Content scanning via CVP chuck yerkes (May 07)
- Re: Content scanning via CVP Adam Shostack (May 08)
- <Possible follow-ups>
- Re: Content scanning via CVP ark (May 07)
- Re: Content scanning via CVP joewee (May 07)