Lab Exercise: Configure WebSENSE

Complete the following lab exercise to practice what you learned in this chapter.

Objectives

In this lab exercise you will complete the following tasks:

■ Filter malicious active code.

■ Configure the PIX Firewall to work with WebSENSE.

■ Install WebSENSE on a Windows NT Server.

■ Configure WebSENSE to block a web site.

Visual Objective

The following figure displays the configuration you will complete in this lab exercise.

[Figure: lab topology with the backbone server (Web, FTP, and TFTP server) and the inside host (Web, WebSENSE and FTP server).]

©2000, Cisco Systems.

Task 1: Configure the ACL

Perform the following lab steps to configure the access list to stop web traffic, but to allow other IP traffic through the PIX Firewall:

Step 1 Test connections to 172.30.1.50 by using FTP and HTTP connections.

Step 2 Enter the access-list command to create an ACL that will deny internal network Internet access:

pixfirewall(config)# access-list 101 deny tcp any any eq www

Step 3 Enter the access-group command to create an access group that will bind the ACL to an interface:

pixfirewall(config)# access-group 101 in interface inside

Step 4 Test connections to 172.30.1.50 by using FTP and HTTP connections.

Step 5 Remove the access-group command:

pixfirewall(config)# no access-group 101 in interface inside

Step 6 Add an additional command to the ACL:

pixfirewall(config)# access-list 101 permit tcp any any eq ftp

Step 7 Bind the ACL to an interface by creating an access group:

pixfirewall(config)# access-group 101 in interface inside

Step 8 Test connections to 172.30.1.50 by using FTP and HTTP connections.

Step 9 Remove access-list 101 from the PIX Firewall:

pixfirewall(config)# clear access-list

Step 10 Show the access list:

pixfirewall(config)# show access-list

Step 11 Show the access-group:

pixfirewall(config)# show access-group
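
The results of the connection tests in Steps 1, 4, and 8 follow from first-match ACL evaluation and the implicit deny that ends a bound ACL. The Python sketch below is an added example, not part of the original lab; it handles only "any any" entries, models FTP by its control port (21), and its helper names (parse_ace, evaluate, lab_results) are assumptions made for illustration.

```python
# Added example (not from the lab): first-match ACL evaluation with the
# implicit deny that ends every ACL bound by access-group.
from typing import List, NamedTuple, Optional

PORTS = {"www": 80, "ftp": 21}  # port keywords used in this lab

class Ace(NamedTuple):
    action: str           # "permit" or "deny"
    protocol: str         # "tcp", "udp" or "ip"
    port: Optional[int]   # None means any destination port

def parse_ace(line: str) -> Ace:
    """Parse 'access-list <id> <action> <proto> any any [eq <port>]'."""
    tok = line.split()
    if len(tok) not in (6, 8) or tok[0] != "access-list":
        raise ValueError(f"unsupported entry: {line!r}")
    if tok[2] not in ("permit", "deny") or tok[4:6] != ["any", "any"]:
        raise ValueError(f"unsupported entry: {line!r}")
    port = None
    if len(tok) == 8:
        if tok[6] != "eq":
            raise ValueError(f"unsupported operator: {tok[6]!r}")
        port = PORTS[tok[7]] if tok[7] in PORTS else int(tok[7])
    return Ace(tok[2], tok[3], port)

def evaluate(acl: Optional[List[Ace]], protocol: str, dst_port: int) -> str:
    """Return 'permit' or 'deny'; acl=None means no access-group is bound."""
    if acl is None:
        return "permit"  # assumption: outbound NAT is set up, inside may reach outside
    for ace in acl:
        if ace.protocol in (protocol, "ip") and ace.port in (None, dst_port):
            return ace.action  # first matching entry decides
    return "deny"  # implicit deny: nothing matched

def lab_results(config: List[str], bound: bool = True) -> dict:
    """HTTP and FTP (control port) verdicts for a given ACL 101 state."""
    acl = [parse_ace(line) for line in config] if bound else None
    return {"http": evaluate(acl, "tcp", 80), "ftp": evaluate(acl, "tcp", 21)}

STEP2 = ["access-list 101 deny tcp any any eq www"]
STEP6 = STEP2 + ["access-list 101 permit tcp any any eq ftp"]

if __name__ == "__main__":
    print("Step 1 (no ACL bound):", lab_results(STEP2, bound=False))
    print("Step 4 (deny www only):", lab_results(STEP2))
    print("Step 8 (permit ftp added):", lab_results(STEP6))
```

In Step 4 both tests fail, because the single deny entry leaves FTP to fall through to the implicit deny; in Step 8 only FTP is restored.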

Task 2: Filter Malicious Active Code

Perform the following lab steps to configure ActiveX and filter Java. You will not be able to test this task:

Step 1 Enter the filter activex command to block ActiveX from any local host and for connections to any foreign host on port 80:

pixfirewall(config)# filter activex 80 0 0 0 0

Step 2 Enter the filter java command to block Java applets:

pixfirewall(config)# filter java 80 0 0 0 0

Step 3 Use the following command to show you the filters:

pixfirewall(config)# show filter

filter activex 80 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0

Task 3: Configure the PIX Firewall to Work with WebSENSE

Perform the following steps to configure the PIX Firewall to work with the WebSENSE server:

Step 1 Enter the configure terminal command to enter config mode:

pixfirewall(config)# config terminal

Step 2 Enter the url-server command to designate the WebSENSE server:

pixfirewall(config)# url-server (inside) host 10.0.P.3

Step 3 Show the designated url-server by entering the following command:

pixfirewall(config)# show url-server

url-server (inside) host 10.0.1.3 timeout 5

Step 4 Enter the filter url http command to prevent outbound users from accessing World Wide Web URLs that are designated with the WebSENSE filtering application:

pixfirewall(config)# filter url http 0 0 0 0 allow

Step 5 Display the filter url http command by using the following command:

pixfirewall(config)# show filter url

filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow

Task 4: Install WebSENSE on an NT Server

Perform the following steps to install the WebSENSE software onto the NT server. Accept all of the default settings for the software installation:

Step 1 Double-click the WebSENSE folder located on the desktop of the computer.

Step 2 Double-click wspix303.exe. This begins the installation process for WebSENSE.

Step 3 When the WebSENSE for Cisco PIX window opens, click Next to continue.

Step 4 Click Yes to accept the terms of the WebSENSE software license agreement.

Step 5 Click Next to accept the default destination folder.

Step 6 Set the password for the server:

Password: cisco

Password (again): cisco

Step 7 Click Next to continue.

Step 8 Click Next to accept the default port of 18072.

Step 9 Click Next to accept the default components to install.

Step 10 Click Finish to complete the installation.

Task 5: Configure WebSENSE to Block a Web Site by URL

Complete the following steps to configure WebSENSE to block a web site by URL:

Step 1 Test the HTTP connection to 172.30.1.50 in your web browser.

Step 2 After making sure you can reach this web page, close your browser.

Step 3 Open the WebSENSE Control Panel by choosing Start>Programs>WebSENSE for Cisco Pix>WebSENSE Control Panel.

Step 4 In the WebSENSE Control Panel, select the Custom URLs tab.

Step 5 In the URL Classification field, select Screen and in the field following the http drop-down menu, enter 172.30.1.50 to block external web sites.

Step 6 Click Add.

Step 7 Click Apply.

Step 8 Click OK. The Restart Server window opens.

Step 9 Click OK.

Step 10 Test the HTTP connection to 172.30.1.50. You should not be able to open the web page.

Step 11 Close your browser.

Step 12 Open the WebSENSE Control Panel by choosing Start>Programs>WebSENSE for Cisco Pix>WebSENSE Control Panel.

Step 13 In the WebSENSE Control Panel, select the Custom URLs tab.

Step 14 In the URLs field, select the rule you just created and click Remove.

Step 15 Click Apply.

Step 16 Click OK. The Restart Server window opens.

Step 17 Click OK.

Step 18 Test the HTTP connection to 172.30.1.50. You should be able to open the web page.

Step 19 After making sure you can reach this web page, close your browser.

Task 6: Configure WebSENSE to Block a Web Site by Workstation

Complete the following steps to configure WebSENSE to block a workstation by IP address from accessing the Internet:

Step 1 Open the WebSENSE Control Panel by choosing Start>Programs>WebSENSE for Cisco Pix>WebSENSE Control Panel.

Step 2 From the Workstations tab in the Workstation Override frame, select Always and enter your workstation IP address 10.0.P.3 in the field that follows.

(where P = pod number)

Step 3 Click Add.

Step 4 Click Apply.

Step 5 Click OK. The Restart Server window opens.

Step 6 Click OK.

Step 7 Test the HTTP connection to 172.30.1.50. You should not be able to open the web page.

Step 8 Close your browser.

Step 9 Open the WebSENSE Control Panel by choosing Start>Programs>WebSENSE for Cisco Pix>WebSENSE Control Panel.

Step 10 From the Workstations tab in the Always Blocked frame, select the workstation IP address you just created.

Step 11 Click Remove.

Step 12 Click Apply.

Step 13 Click OK. The Restart Server window opens.

Step 14 Click OK.

Step 15 Open the WebSENSE Control Panel by choosing Start>Programs>WebSENSE for Cisco Pix>WebSENSE Control Panel.

Step 16 Click the Control tab and then the Stop button to stop the WebSENSE server.

Step 17 Click OK.

Task 7: Reset the PIX Firewall and the WebSENSE Server

Perform the following steps to reset the PIX Firewall and the WebSENSE server:

Step 1 Remove the url-server:

pixfirewall(config)# no url-server (inside) host 10.0.P.3

(where P = your pod number)

Step 2 Remove the filter url command:

pixfirewall(config)# no filter url http 0 0 0 0 allow

Step 3 Open the WebSENSE Control Panel by choosing Start>Programs>WebSENSE for Cisco Pix>Uninstall WebSENSE for Cisco PIX

Step 4 You are prompted, Are you sure you want to completely remove "WebSENSE for Cisco PIX" and all of its components? Click YES.

Step 5 You are prompted whether you want to Remove Shared File. Click Yes To All.

Step 6 You are then asked to verify that you want to remove the shared file. Click Yes.

Step 7 Click OK.

Step 8 You are prompted to restart your computer. Reboot your computer.
