RE: Websense protocol Version 4?

["Paul Melson" <psmelson () comcast net>]

The WebSense protocols are proprietary, and not publicly available (at least
that I've seen).  There also appear to be differences between the WebSense
protocol used for PIX firewalls and the one used for Check Point firewalls
(UFP).

Port 15868 listens for the actual url-filter requests from the firewall and
issues a response code based on matching.  Port 15871 is something like an
HTTP server and issues an alert that is inserted in-stream to the browser,
letting the user know that WebSense has blocked the URL they've requested.

PaulM

-----Original Message-----
Subject: [fw-wiz] Websense protocol Version 4?

I see from PIX and Websense documentation that the recommended configuration
for URL filtering is to use the following PIX command:
  url-server host <IP-NUMBER> protocol UDP version 4

Websense and PIX can also be configured to use a TCP protocol.

Are either of these protocols documented anywhere?
I searched both Cisco and Websense, but did not see specifications for the
communication protocol between the PIX and the filter engine.

Information on the Websense site shows that V4.x uses port 15868 for the
"Filtering service", and 15871 for blocking messages, but does not document
the protocol itself.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards