9th December 2009
Bruco
Gateway http anti-virus filtering with router/proxy/something?

(I cross-posted this at the FreeBSD forums. Hope that's okay, just trying to get as many suggestions as possible.)

Here's my situation:

I have a Cisco ASA 5510 as my gateway. I do NOT have the content filtering licensing for it (CSC-SSM). Nor are there plans for my company to purchase it. However, I would like, if nothing else, anti-virus at the gateway. Since we aren't going to buy anything I'd like to demonstrate the benefits of open source to the company. And I like FreeBSD. So I thought I'd try to put together a solution using it.

Now, I've read a lot about using Cisco WCCP and a transparent squid proxy and I think that combined with something like HAVP that would work. However, it IS a little over-complicated for me: I have no need for the caching that a proxy provides. I really would just like http traffic to be scanned for viruses/malware, and, if found, for the data stream to be stopped.

So, has anyone put a solution like this together? Could I use something like HAVP and put it between my Cisco and the ISP router as the next hop for my Cisco? If so, will it pass through non-http traffic without a fuss? Could I combine pfSense with an anti-virus port and put it in front of my Cisco? Any other options?

Any and all suggestions are welcome. Thank you.