Pages

2/20/2004

Cisco Firewall::FILTERing URL's::Westlaw

Updated
Using either N2H2 or Websense content filtering server with the Cisco firewall (v6.3.3) url-server and filter url commands is a great way to employ URL filtering to objectionable sites. However we experienced a strange issue with Westlaw's research site. At www.westlaw.com users logon and do legal research and choose to print. Interestingly, the printing happens on WestLaw provided printers that are "attached" to the Westlaw service network via modems. Even though this printing is "internal" to Westlaw some print jobs fail for some reason when using url filtering on the firewall. It must create some really odd url to launch the print job and some of these url's must be crapping out at the firewall and/or the content filtering server.
A while back in an attempt to implement this filtering a problem arose with long url's. According to the vendors the solution to this issue was to upgrade to latest firewal code. That has been done and those url's that brought this previous issue to light now are working fine. (logon to hotmail.com and transactions at airline reservation sites resulted in some wild-and long-urls.) But now we have this Westlaw thing.
The workaround to the immediate issue is to make an exception to the filter url statement for the following networks at Westlaw:
163.231.237.0/24
167.68.6.0/23
AND167.231.253.0/24

But I fear a deeper issue is learking in there waiting to arise in some situation that doesn't have a clear and simple workaround.

No comments: