Port blocking with PIX and Websense 1

[netadmin65]

I'm trying to block ports using the "Protocol Sets"
policies in Websense, adding the necessary ports in
the "Protocols" section.

First of all, yes, I know I can use access lists in
the PIX to do the same thing, but it is much easier
to do it in WebSense.

The problem is, that the PIX will only block what
it sees in the "filter" commands, which as of now, are
only HTTP, HTTPS, and FTP.

Is there a way that the PIX (using Websense) can
block the ports listed under the sub-headings in
the "Protocols" section in WebSense?

 

[netadmin65]

I may have already answered my question, but I do
need verification on this:

I think I'll be able to do port blocking from
a machine set up as a WebSense "Network Agent".

Would someone please confirm this?

Thanks

 

[Lockdown]

We use Websense with the Network agent to block ports and protocols on the Pix, what you need to do is configure the Network Agent to be able to see all the traffic on your internal Pix interace. We do this on a managed switch using monitor ports, switches by default wont do this for you.

You then configure your protocol rules in Websense to block / allow as you desire, then test using standard applications such and Messenger and music downloads.

The network agent when you install it, comes with a test to see if it can see your network traffic. Hope this all helps.

Regards

Terry

 

[netadmin65]

Hi lockdown.

I gave you a star. This appears to work fine.
The star is for telling me about the network test.