[ previous ] [ next ] [ threads ]
 
 From:  "Brandon Kahler" <bkahler at techline dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Web Filtering using Websense/N2H2 integration?
 Date:  Sat, 9 Apr 2005 09:21:25 -0700
Searching the mailing list archive turned up no results for Websense or
N2H2.  The only relevant topics to URL filtering involved proxies such as
Squid.

In the FAQ the author makes note of wanting to replicate commercial SOHO
device functionality.
http://m0n0.ch/wall/docbook/faq-goals.html
I think this is wonderful.  I work in K-12 education in Washington State
supporting mostly rural school districts.  M0n0wall has proved to be a
wonderful alternative for quite a few small to medium districts looking to
reducing costs.

A feature that I would love to see incorporated into m0n0wall is
Websense/N2H2 integration.  I'm not sure if there are licensing issues with
implementing/developing such support.

Here is the Websense link for configuring integration on a PIX:
http://ww2.websense.com/global/en/SupportAndKB/SearchKB/Display.php?faq=336&
plat=all&key=&lang=English

Here is the list of companies that provide integration on their devices:
http://ww2.websense.com/global/en/ProductsServices/PartnerIntegrations/Firew
allSolutions.php

The functionality works something like this:

The client requests a website on port 80
The firewall takes this request, forwards the URL to the specified content
filter server (Websense, N2H2, etc.)
The server compares the URL with its database and rule set (time based
rules, authentication, etc.)
The server then sends back to the firewall instructions to either allow or
deny the requested page.

Unfortunately I don't much about the inner workings of the exchange between
the firewall and the content filter.
Websense works very well in schools and having transparent integration with
the firewall/boarder device makes it easy to deploy.

Thank you,
Brandon Kahler