• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

GFI Download Security Feature Request

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> GFI Download Security Feature Request Page: [1]
Login
Message << Older Topic   Newer Topic >>
GFI Download Security Feature Request - 12.Jan.2005 6:54:00 PM   
JBakels

 

Posts: 78
Joined: 4.Jan.2002
From: Bradenton, FL USA
Status: offline
Currently GFI Download Security requires users to access the internet through the Web Proxy client. For companies that want to use the Firewall client this is a problem. GFI Download Security will not check any files that are transfered throught the Firewall Client. GFI's documentation states this and it is not a fault of either ISA or Download Security.

I would like to see those who would like to see exclusive Firewall support added to Download Security request it by sending and e-mail to info@gfi.com.

If my understanding of this is wrong please correct me.

Thank you,

Jerry
Post #: 1
RE: GFI Download Security Feature Request - 13.Jan.2005 1:01:00 PM   
JasonM

 

Posts: 36
Joined: 11.Mar.2003
From: JHB
Status: offline
As a workaround, can you not achieve this with 2 ISA servers? When you use only the firewall client, the request still gets forwarded to the proxy, which can then be configured to chain to another proxy server which will have GFI DL Security installed.

(in reply to JBakels)
Post #: 2
RE: GFI Download Security Feature Request - 20.Jan.2005 6:07:00 PM   
minerat

 

Posts: 142
Joined: 19.Mar.2003
From: Philadelphila
Status: offline
Looks like a moot point; it's being implemented.

(in reply to JBakels)
Post #: 3
RE: GFI Download Security Feature Request - 27.Jan.2005 5:16:00 PM   
preeves

 

Posts: 33
Joined: 2.Dec.2004
Status: offline
Andrew,
Can you provide any more information please...
Email below from GFI UK Support indicates that they know nothing about any plans for firewall client support ????

Thanks
Paul

<<snip>>
Thanks for your mail and interest in GFI DownloadSecurity



Unfortunately IĈm not aware of any plans to allow the use of the Microsoft ISA firewall client with GFI DownloadSecurity.



Please don't hesitate to contact me if you have any further questions, or if you feel you need further explanation or assistance.



Thank you for your co-operation.



With Best Regards,

Damien Carlton - GFI Software Ltd
Security & Messaging software for Windows 2000
GFI: MailSecurity - FAXmaker - DownloadSecurity for ISA Server - LANguard Security Event Log Monitor
http://www.GFI.com

Tel: + 44 (0) 870 770 5370

(in reply to JBakels)
Post #: 4
RE: GFI Download Security Feature Request - 28.Jan.2005 12:28:00 PM   
preeves

 

Posts: 33
Joined: 2.Dec.2004
Status: offline
hmmm...if GFI does not work with the Firewall Client are there any products that do ???

(in reply to JBakels)
Post #: 5
RE: GFI Download Security Feature Request - 28.Jan.2005 3:42:00 PM   
minerat

 

Posts: 142
Joined: 19.Mar.2003
From: Philadelphila
Status: offline
It absolutely does. A development patch of this month already fully implements it. The next revision should allow exclusions / fitering the firewall client to be disabed (right now you don't have a choice, web proxy and fwc straight through are filtered). I'm using it right now. Unfortunately there's a bug in it that causes the service to crash every so often, but the lead dev is working on fixing that.

[ January 28, 2005, 03:46 PM: Message edited by: AndrewM ]

(in reply to JBakels)
Post #: 6
RE: GFI Download Security Feature Request - 11.Mar.2005 1:55:00 PM   
Guest
Perhaps this one?

The Firewall service stopped because an application filter module C:\Program Files\Microsoft ISA Server\DSECISA.dll generated an exception code C0000005 in address 0FF02FF8 when function CompleteAsyncIO was called. To resolve this error, remove recently installed application filters and restart the service.

That's already happening with the current version! [Frown] And too often!
And, I'm not the only one...
See: GFI Furums: Topic: DSECISA.dll error - any suggestions?

Getting already [Mad] with this...

(in reply to JBakels)
  Post #: 7
RE: GFI Download Security Feature Request - 11.Mar.2005 2:41:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hey guys,

It seems that all the Web content filtering packages are running into this problem. I don't know the state of any fixes, though.

HTH,
Tom

(in reply to JBakels)
Post #: 8
RE: GFI Download Security Feature Request - 14.Mar.2005 6:10:00 PM   
Guest
Thomas,

First, thank you for your reply. I was hoping for a reply on the GFI Forums on this - well, at least there is now one more user there complaining on this problem - probably they might fix it if there are enough users complaining!

Even if it might be off-topic for this board (well, the error message was too):
If the problem seems to affect in general web filters - wouldn't that be a hint that the problem is in ISA 2004? SP1 doesn't cure that either... [Frown]

If so, then using 3rd party web filters wouldn't be recommended at this time (for the sake of ISA's stability) - until there is a fix from MS? Is the usage of web filters with ISA generally not recommended? Should we better look for a standalone product?

Thanks for your attention,
Marc

(in reply to JBakels)
  Post #: 9
RE: GFI Download Security Feature Request - 16.Mar.2005 4:24:00 PM   
minerat

 

Posts: 142
Joined: 19.Mar.2003
From: Philadelphila
Status: offline
Yes, that was the problem I was having

The Firewall service stopped because an application filter module C:\Program Files\Microsoft ISA Server\DSECISA.dll generated an exception code C0000005 in address 10002FF8 when function CompleteAsyncIO was called. To resolve this error, remove recently installed application filters and restart the service.

After working with the lead dev, the problem was fixed in an update on Febuary 11th. ftp://ftp.gfisoftware.com/temp/netmon/update11022005.zip I don't know if this patch is incompatible with the cumulative patch released on March 7th. I don't know whether the fix for this issue was included in that or not. I'm guessing the next update listed on the server (11/03/05) includes it as well. I can only vouch for the 11/02/05 update.

NOTE: This patch update includes the functionality that filters all web proxy & firewall http traffic. It cannot be disabled for one without diabling for the other. I've been using this patch since it was uploaded. I don't know why GFI support doesn't have the info. I'll post in the thread on the forums.

[ March 16, 2005, 04:34 PM: Message edited by: AndrewM ]

(in reply to JBakels)
Post #: 10
RE: GFI Download Security Feature Request - 17.Mar.2005 11:30:00 AM   
ecce2k

 

Posts: 3
Joined: 14.Mar.2005
Status: offline
Hi Andrew,

Thanks for the information! I'll try this ASAP and post if that fixed it (and on the GFI forums too)!

[Big Grin]

Marc

(in reply to JBakels)
Post #: 11
RE: GFI Download Security Feature Request - 19.Apr.2005 12:02:00 PM   
ecce2k

 

Posts: 3
Joined: 14.Mar.2005
Status: offline
The patch update11032005.zip seems to have solved my problem. I've been monitoring the service for two weeks now and it's running without any crashes.

As Andrew said above, this patch adds virus scanning to SecureNAT and Firewall clients.
If you shouldn't like this new feature, you can deactivate virus scanning for http traffic by editing the default http protocol and unchecking the "Web Proxy filter" under "Application filters", Parameters tab.

Don't worry, virus scanning remains active for Proxy Clients!

[Big Grin]
very happy user (now)

[ April 19, 2005, 12:03 PM: Message edited by: ecce2k ]

(in reply to JBakels)
Post #: 12
RE: GFI Download Security Feature Request - 22.Sep.2005 5:12:00 AM   
Guest
If you shouldn't like this new feature, you can deactivate virus scanning for http traffic by editing the default http protocol and unchecking the "Web Proxy filter" under "Application filters", Parameters tab.

Where can I find this Option?

(in reply to JBakels)
  Post #: 13
RE: GFI Download Security Feature Request - 22.Sep.2005 6:23:00 AM   
Guest
Another Question - Where can I view which built in my version of DLSEC is?

(in reply to JBakels)
  Post #: 14

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> GFI Download Security Feature Request Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts