[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] eSafe CVP Servers
Hi Cristian, Thank you for your reply. I only use my eSafe for SMTP and FTP AV. If/when I use the HTTP scrubbing -- it works for a few hours, then it stops all HTTP traffic (looses connectivity with the firewall). To much of a pain. It's really too bad -- I wish it worked. I have bugged eSafe for help -- but so far, no resolution. eSafe gave me the run-around, and I finally gave up. Other have complained about the same problem. I'll probably go with Norton once my eSafe license expires. This is my config: Dedicated full T1 Internet access FW1 v4.1 SP2 on Solaris 2.6 143MHz Usparc 320MB RAM eSafe v2.1/99 on NT4.0 Server (SP5) PI 233 256MB RAM Websense v3.11 also on this NT4.0 server, which is only a PC clone. HDDs are UW SCSI drives. IDE is evil! The NT box and firewall are connected to a Cisco switch. Firewall is forced at 10/HDX -- while the NT has a SMC NIC running at 100/FDX (also forced to 100/FDX. Force everything -- don't auto neg, according to Cisco). We've had problems with 3COM cards. We don't use them anymore. We've had good experiences with Intel NICs. Anyway... My switch connection status between NT and firewall is the cleanest on our network. The only tips I have for eSafe are: - Per: eSafe README, comment out the "auth_opsec" 18182 line in $FWDIR/conf/fwopsec.conf Or, something like that. See the readme file. I forget. - Use "Low Security" in defeat timeout in eSafe configuration - streamline your FW1 rules. Make them simple, ordered with most used at the top. That's about all I can think of. Hope this helps! -- Chris --- Cristian Nicolae <[email protected]> wrote: > Hi Chris, > I am using the same version as you do. It runns on a > NT Server OS. > As I said, I did not enable the HTTP content > scanning because of the > performance reasons. > Just to give you an idea, I have a 1 Mbps connection > to the Internet and > as soon as I > enabled HTTP scanning my access became as fast as I > was using a 128 kbps > line. Of course, I do not pretend that these figures > are exact, but the > machine was getting on its knees with that. > My firewall is a Nokia IP650 4.1 SP2. > Although I am not an NT expert, I am inclined to say > that NT can hardly > be tuned when there is a performance bottleneck. > > My idea is to take another product running on a > UNIX/Linux platform for > this kind of thing. > I would gladly consider FreeBSD but there are not > too many products of > this sort running on FreeBSD. > One other option is to take the biggest and the > greatest Intel box an > put NT on it. > Any experience with this issue is greatly > appreciated. > Cristian > > > Chris F wrote: > > > > Cristain, > > > > I use eSafe as well. I have trouble using it to > scrub > > HTTP. After some time, the connectivity between > the > > eSafe server and the firewall dies (as if eSafe > can't > > keep up). > > > > I have other issues with FTP scanning. Others have > > mentioned the same. > > > > I'm running eSafe v2.1/99 on NT4.0 SP5 > > FW-1 v4.1 SP2 on Solaris 2.6 > > > > What versions of eSafe and OSes are you at? > > > > Thanks -- Chris > > > > --- Cristian Nicolae <[email protected]> > > wrote: > > > > > > Hi, > > > I have been using eSafe sucessfully. In a > network > > > with 450 users > > > I've been running eSafe on a Compaq Professional > > > Workstation AP500 with > > > 128 MB RAM. > > > My opinion is that SMTP scanning works very well > if > > > one is running not > > > but eSafe on that machine. > > > On the other hand, enabling the HTTP and FTP > > > scanning decreased > > > significantly the access speed. > > > I would be curious to learn from other people > > > experience. > > > > > > I understood that with FW-1 4.1 one can use more > > > than once CVP server. > > > I believe that when it comes to antivirus it is > > > worth to have a cascaded > > > setup with different products. > > > > > > I would be curious to know if anyone has been > using > > > TrenMicro on Linux > > > with HTTP scanning enabled > > > and if there any performance issues. > > > > > > Cristian > > > > > > > > > > > > > > > > > > Ed Davidson wrote: > > > > > > > > I am looking at the various CVP servers for > > > AntiVirus. I was wondering what > > > > people are using and what you like. I have > looked > > > at eSafe's, Trend > > > > Micro's, and Nortons. It seemed that eSafes > had > > > the nicest feature set, > > > > but I couldn't get it to work stable. Nortons > was > > > the most stable and > > > > easiest to use. > > > > > > > > What are your opinions? > > > > > > > > Thank you. > > > > > > > > Edwin Davidson. > > > > > > > > > > > > ================================================================================ > > > To unsubscribe from this mailing list, > please > > > see the instructions at > > > > > > http://www.checkpoint.com/services/mailing.html > > > > > > ================================================================================ > > > > __________________________________________________ > > Do You Yahoo!? > > Send instant messages & get email alerts with > Yahoo! Messenger. > > http://im.yahoo.com/ > > > > > ================================================================================ > > To unsubscribe from this mailing list, please > see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > ================================================================================ __________________________________________________ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|