i thought a firewall WAS a content filter? i don't understand please elucidate On Wed, 6 Jun 2001, David Ishmael wrote: > Yeah, I've heard the same thing. From my understanding, the best solution > is to have a firewall AND a content filtering tool. You should never use a > content filter as a means of firewalling a network. From what I've read, > doing a firewall/filter solution is secure (if there is such a thing). ;) > > David Ishmael, CCNA, IVCP > Senior Network Management Engineer > Windward Consulting Group, Inc. > Phone: (703) 283-7564 > Pager: (888) 910-7094 > eFax: (425) 969-4707 > Fax: (703) 351-9428 > mailto:dishmael@windwardcg.com > mailto:9107094@skytel.com > > > > > > > -----Original Message----- > From: Ron DuFresne [mailto:dufresne@winternet.com] > Sent: Wednesday, June 06, 2001 4:26 PM > To: David Ishmael > Cc: firewalls@Lists.GNAC.NET > Subject: RE: Content Filtering > > > > Perhaps I've mised updates and such, but, I was of the understanding that > all these sweet little content filters for the web were susecptable to url > obfuscations that allowed one to bypass them. > > Thanks, > > Ron DuFresne > > > On Wed, 6 Jun 2001, David Ishmael wrote: > > > Richard, > > > > Are you looking for a stand-alone application or a combination of > > firewall/content filter? We ran a PIX firewall for a firewall and used (I > > think it was called) WebTrends. The speed was in how it worked. The > > firewall would get a packet destined for bad-site.com and would send the > > packet on as well as a packet to WebTrends asking for the acceptance > policy. > > By the time the response came back from bad-site.com it had already gotten > a > > response from WebTrends to either permit or deny responses from that site. > > If it was allowed the response passed through the firewall, if not the > user > > was sent a custom URL that said that the site was restricted. Highly > > configurable and fast... > > > > I'm sure there are ton's of good stand-alone solutions out there...good > > luck! ;) > > David Ishmael, CCNA, IVCP > > Senior Network Management Engineer > > Windward Consulting Group, Inc. > > Phone: (703) 283-7564 > > Pager: (888) 910-7094 > > eFax: (425) 969-4707 > > Fax: (703) 351-9428 > > mailto:dishmael@windwardcg.com > > mailto:9107094@skytel.com > > > > > > > > > > > > -----Original Message----- > > From: firewalls-owner@Lists.GNAC.NET > > [mailto:firewalls-owner@Lists.GNAC.NET]On Behalf Of Richard Ginski > > Sent: Wednesday, June 06, 2001 2:11 PM > > To: firewalls@Lists.GNAC.NET > > Subject: Content Filtering > > > > > > Hello Everyone, > > > > Sorry in advance for being slightly off topic. > > We are an organization of approximately 4000 users. I have been asked to > > find a technology which can prevent users from browsing bad sites. I am > > somewhat familiar with content filtering products. However, my biggest > fear > > is latency. Can anyone recommend who I should check out regarding content > > filtering products? > > > > PS: If it also prevented the execution of harmful (only harmful) JAVA > > based and Active X based code..it would be a plus. > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "Cutting the space budget really restores my faith in humanity. It > eliminates dreams, goals, and ideals and lets us get straight to the > business of hate, debauchery, and self-annihilation." -- Johnny Hart > ***testing, only testing, and damn good at it too!*** > > OK, so you're a Ph.D. Just don't touch anything. > > - > [To unsubscribe, send mail to majordomo@lists.gnac.net with > "unsubscribe firewalls" in the body of the message.] > uram@cmu.edu "Blessed are those who have not seen and yet have faith." - John 20:29 - [To unsubscribe, send mail to majordomo@lists.gnac.net with "unsubscribe firewalls" in the body of the message.]