|
Posted by Simcfc73 on December 10, 2004, 8:10 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi guys.
I'm looking for a firewall/content filter/logging device for the
school netowrk I've just taken over.
I need
Port Filtering
Good quality Content filter with the rules that I can change and
override if required.
Schedules
Logs with Windows Usernames on and sites visited.
No VPN required but I would like one which has the ability to go on a
different line of the first one drops. We've a ADSL line and a ISDN
line available.
The problem is we are tied to our ISP for another 9 months where we
use there proxy to get on the internet. Its a service where they have
2 proxies, one unfiltered and one with a white list for the kiddies.
Now I've tried ISA as I used it before and it would only cost us £50
due to our schools agreement but it doesn't like the upstream proxy
settings and always requires a username and password. I was looking at
ISA with maybe websense (ha at the price) or some other software
webpage filtering.
I've hardly used Linux and Smoothwall licensing for filtering takes it
up to a grand at least.
Does Sonicwall or Firebox fit my bill.
I'm a little concerned that I can't try them before I buy as I don't
want to waste money if there's going to be issue with our upstream
proxy settings.
Can I leave the upstream proxy settings in IE and just change the
default gateway.?? Will that work.??
Sorry for typing so much. I've been reading stuff and downloading
demo's all week.
On SonicWall. Enhanced OS and Tech Support a must.???
I'd appreciate any help you guys can offer.
Simon
PS. We have little kiddies in school who use the white listed proxy so
if I have to get rid of that one the new firewall needs to be sh!thot.
|
|
Posted by Munpe Q on December 10, 2004, 6:32 pm
If you were Registered and logged in, you could reply and use other advanced thread options
For your requirements, SonicWALL with Enhanced OS will meet all of your
requirements.
The SonicWALL has the ability to do Load Balancing on multiple WAN
interfaces, and so you can either still use the proxies or bypass them
using the one gateway. There are two options going with SonicWALL, one
is a cloud based content filter and an appliance that does on box
content filtering with the ability to use LDAP for authentication,
reporting, etc. Now, depending on whether or not you have a
Citrix/Terminal Server, you may or may not need ISA. Stay away from it
if you can, but to accurately get content filtering for a
Citrix/Terminal Server, using anyone's content management system, you
would have to use ISA. And the cool part about SonicWALL is that you
can enforce the use of a proxy at the firewall without touching the
desktop by vectoring all requests to the proxy server within the
firewall, which means that no squid proxies at people's homes can be
used to bypass filters and such.
The tech support, or maintenance contract, covers more than just tech
support, it's firmware upgrades and hardware replacement as well, and
so yes, you should budget for that.
As for as logging, look at Servoyant Security Analytics, available from
the guys at Illumen : http://www.illumen.com. I've seen it and it
works great. As I understand it, they were working hand in hand with
SonicWALL to get accurate reporting accomplished, even more so than the
what the SonicWALL Viewpoint product can provide. Good luck with that
project.
|
| Similar Threads | Posted | | School network Security | July 25, 2008, 3:34 pm |
| Bypass School And Work Filters www.classgetter.com | April 10, 2008, 12:48 am |
| VelociRaptor Firewall donated to school - having trouble getting it running | December 9, 2004, 2:48 pm |
| Stay Protected When Surfing, Brand New Proxy Unblock Myspace, Facebook, Bebo At Work, School and Library! | February 3, 2008, 1:49 pm |
| The #1 MySpace proxy sites for accessing MySpace at work and school | August 19, 2007, 11:25 pm |
| Sonicwall Wireless Access - VPN and Guest Access | April 5, 2007, 10:45 am |
| LAN access while VPN is up | October 28, 2005, 1:07 am |
| CLI app - allow access? | December 11, 2006, 1:58 am |
| Allow rdp access on pix 501 | April 1, 2008, 4:54 pm |
| ZA blocks access to dns. Why? | December 3, 2004, 10:29 am |
|
XML site map