• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Web Filtering HTTPS Traffic

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> Web Filtering HTTPS Traffic Page: [1]
Login
Message << Older Topic   Newer Topic >>
Web Filtering HTTPS Traffic - 14.Jun.2010 4:05:38 PM   
anthonymel

 

Posts: 40
Joined: 21.Dec.2004
Status: offline
Can TMG filter HTTPS traffic through its URL categories?.  I'm not talking about the malware stuff through the HTTPS Inspection filter... I'm talking about can it block http://facebook.com as well as https://facebook.com?

Thanks!
Post #: 1
RE: Web Filtering HTTPS Traffic - 14.Jun.2010 7:17:31 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Pretty sure it can, but only to the domain name level, not the page level for secure sites.

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to anthonymel)
Post #: 2
RE: Web Filtering HTTPS Traffic - 14.Jun.2010 7:55:43 PM   
anthonymel

 

Posts: 40
Joined: 21.Dec.2004
Status: offline
Ok I thought it would.  We are thinking of moving to this platform since Websense decided it didn't care about its product anymore.  They released a new version where only the plug-in supports x64 but not the software.  Welcome to 2010 Websense where all new Windows Servers are x64...

I'm also disappointed in HTTPS inspection in TMG in regards to third party browser support.

(in reply to anthonymel)
Post #: 3
RE: Web Filtering HTTPS Traffic - 21.Jun.2010 4:06:21 PM   
kurian2z5

 

Posts: 1
Joined: 21.Jun.2010
Status: offline
quote:

I'm also disappointed in HTTPS inspection in TMG in regards to third party browser support.

That is the reason SSL exists. It can't be broken by any means aside from sabotaging the client or stealing the server private key. In this case TMG installs its own trusted certificate in the client. If TMG's private key were stolen, then all the domain clients are vulnerable to MITM attacks while browsing.

(in reply to anthonymel)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> Web Filtering HTTPS Traffic Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts