2006-08-24
BarryStiefel
Administrator
Re: Allowing access to fqdn

Quote:
Originally Posted by justin.knox
I used a URI file for a very short time for blocking some sites that management had deemed a breach of the AUP here. Two things became readily apparent:
1) The URI file solution is very inflexible, both from a scalability and management standpoint
2) Using domains, while they should be quite permissible, does present a performance bottleneck. This came to the point where I was getting false positives, and normal browsing became a chore.

My experience is rather limited with Check Point, but I've been considering using Websense or similar here. Whether or not management agrees is another story entirely. As a workaround we've got logging enabled for HTTP and HTTPS and a cross-reference file which gives us username vs hostname on the inside. That way with Tracker we can filter by a period of time (say a week) and find anything people should or shouldn't be doing.

HTH

The URL filtering capabilities in VPN-1 are quite rudimentary and haven't been enhanced in many years. Far better to go with SurfControl or WebSense. Those are "real" solutions.