RE: Application Proxy/L7 Firewall Recommendation?

[ark () eltex ru]

-----BEGIN PGP SIGNED MESSAGE-----

nuqneH,

"Noonan, Wesley" <Wesley_Noonan () bmc com> said :

> Microsoft ISA Server <gasp, he didn't really mention a non-*nix based
> product, much less a Microsoft product did he> :-)
>
> Actually, you really can use Microsoft ISA Server for this in various
> configurations.

As well as any other firewall system.
No ISA advantages here.
 
> Blocking Instant Messenger and other apps - article assumes that you are
> running the ISA client software:
> http://www.isaserver.org/pages/article.asp?id=215 

There are 2 techniques described here:
blocking by windows executable name - trivial and trivial to bypass
blocking by destination IPs - ...
 
> Also, it looks like the hard core content filtering may come best via
> partners running on top of ISA, for example GFI:
> http://www.microsoft.com/isaserver/partners/contentsecurity.asp
>
> You can also use URLscan to do content filtering, but it is not officially
> supported (MS really pushes the partners to do this function the "right"
> way).
>
> If you want more info, check out www.isaserver.org. It is a really good ISA
> reference site.

None of those will do things requested by original poster.

(actually there is no reliable way to do, though technique implemented in
zorp seems to be the best)

> Wes Noonan, MCSE/CCNA/CCDA/NNCSS
> Senior QA Rep.
> BMC Software, Inc.
> (713) 918-2412
> wnoonan () bmc com
> http://www.bmc.com
>
>
> > -----Original Message-----
> > From: Jeff Newton [mailto:Jeff_Newton () pmc-sierra com]
> > Sent: Wednesday, September 04, 2002 21:44
> > To: firewall-wizards () honor icsalabs com
> > Subject: [fw-wiz] Application Proxy/L7 Firewall Recommendation?
> >
> >
> > Can anyone suggest or recommend a sophisticated application-layer proxy?
> >
> > I'm interested in anything particularly adept at scrubbing HTTP of
> > instant message, file sharing, and remote access applications that
> > tunnel to bypass traditional security measures.
> >
> > Cheers,
> >
> > --
> > Jeff Newton, CISSP
> > Information Security Analyst
> > PMC-Sierra Inc.
> >
> >
> > _______________________________________________
> > firewall-wizards mailing list
> > firewall-wizards () honor icsalabs com
> > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

                                     _     _  _  _  _      _  _
 {::} {::} {::}  CU in Hell          _| o |_ | | _|| |   / _||_|   |_ |_ |_
 (##) (##) (##)        /Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|
 [||] [||] [||]            Do i believe in Bible? Hell,man,i've seen one!

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1i

iQCVAwUBPXx7haH/mIJW9LeBAQGOBgQAh38qejteIiQnMop8IbshC3PhkMaaybkp
PCJZzApcHgDnnux1vHgQFV0BiiHWBbtejfh/emtFZnJM5zE+Wk7gz4B1nkfyITD+
bdNdBWIiZ/ZX+//+LUJUugwXWTKmVN9yH9HpQPe1D+JaDg8pDJTvXq3VzwNIXMIL
k+osn+UtUVc=
=Zj2F
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards