|
Posted by JM on March 18, 2006, 5:10 pm
If you were Registered and logged in, you could reply and use other advanced thread options
A telecom client of mine wants to monitor the web use of her kids, as well
as offer some measure of protection. She is concerned about her own kids
and their friends, many of whom bring their laptops with them when they come
visit and/or sleep over. Since these kids come and go, and her own kids use
school laptops with pretty strict usage policies, monitoring
software/hardware has to be at the gateway. I've had decent success with a
multi-pronged strategy that included Cybersitter, et al, but in this case
client software isn't an option.
Already at her home are two routers, a Netgear WGR614 and a Linksys WRT54G.
I set up the Netgear and configured some basic firewall rules. I showed her
how to enter keywords and check the logs, and I have the logs emailing to
her every morning.
We're not looking for any device to do all the work; it's simply a part of
the larger plan, which includes education and enforcing of rules. But, my
specific question is: Is there some security or content filtering appliance
in the $300 range that will offer more than I can get with the basic
firewall capabilities of a consumer router/firewall such as mentioned above?
thank you,
jm
|
|
Posted by Duane Arnold on March 18, 2006, 7:18 pm
If you were Registered and logged in, you could reply and use other advanced thread options
JM wrote:
> A telecom client of mine wants to monitor the web use of her kids, as well
> as offer some measure of protection. She is concerned about her own kids
> and their friends, many of whom bring their laptops with them when they come
> visit and/or sleep over. Since these kids come and go, and her own kids use
> school laptops with pretty strict usage policies, monitoring
> software/hardware has to be at the gateway. I've had decent success with a
> multi-pronged strategy that included Cybersitter, et al, but in this case
> client software isn't an option.
>
> Already at her home are two routers, a Netgear WGR614 and a Linksys WRT54G.
For what?
> I set up the Netgear and configured some basic firewall rules. I showed her
> how to enter keywords and check the logs, and I have the logs emailing to
> her every morning.
The Netgear is not the one you need as the gateway device IMHO as it has
no rules to stop inbound or outbound traffic by port, protocol, or IP on
the LAN or WAN.
>
> We're not looking for any device to do all the work; it's simply a part of
> the larger plan, which includes education and enforcing of rules. But, my
> specific question is: Is there some security or content filtering appliance
> in the $300 range that will offer more than I can get with the basic
> firewall capabilities of a consumer router/firewall such as mentioned above?
>
What you need is the 54G as the gateway device that you can set rules to
stop inbound or outbound traffic by port, protocol or IP along with
review of logs by using something like Wallwatcher (free). The free 3rd
party firmwares that work with Wallwatcher for the 54G will give you the
features you need to be a packet filtering FW router than that wireless
Netgear router will ever have to do it.
The 54g with the right firmware in palace comes closer to a FW router
that that wireless Netgear.
http://www.firewall-software.com/firewall_faqs/what_does_firewall_do.html
Wallwatcher has emailing abilities but I don't know if you can email logs.
Use the FW abilities that the 54G has to offer.
Or get one of the wire Netgear routers or others that are ICSA certified
that meet the specs above in the link for a a network FW.
It's just my take on it and others may have a different approach.
Duane :)
|
|
Posted by Duane Arnold on March 18, 2006, 7:37 pm
If you were Registered and logged in, you could reply and use other advanced thread options
wire/wireless Access Point switch and plug into a wire router that has
more or better FW abilities.
Duane :)
|
|
Posted by Somebody. on March 18, 2006, 8:32 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>A telecom client of mine wants to monitor the web use of her kids, as well
>as offer some measure of protection. She is concerned about her own kids
>and their friends, many of whom bring their laptops with them when they
>come visit and/or sleep over. Since these kids come and go, and her own
>kids use school laptops with pretty strict usage policies, monitoring
>software/hardware has to be at the gateway. I've had decent success with a
>multi-pronged strategy that included Cybersitter, et al, but in this case
>client software isn't an option.
>
> Already at her home are two routers, a Netgear WGR614 and a Linksys
> WRT54G. I set up the Netgear and configured some basic firewall rules. I
> showed her how to enter keywords and check the logs, and I have the logs
> emailing to her every morning.
>
> We're not looking for any device to do all the work; it's simply a part of
> the larger plan, which includes education and enforcing of rules. But, my
> specific question is: Is there some security or content filtering
> appliance in the $300 range that will offer more than I can get with the
> basic firewall capabilities of a consumer router/firewall such as
> mentioned above?
>
> thank you,
>
> jm
Others may provide other (cheaper) solutions, but I will speak to what I
know. A FortiGate 50A will provide you with all the protections and
monitoring you need, but it's a bit out of your price range. If you could
extend it towards the roughly $600 range (I don't really know US street
prices very exactly) you could get this sort of protection. I can engage a
discussion offline (despam my email address to respond) with you on how this
would work exactly, beacause such a discussion seems to touch off a
firestorm of controversy in this group, but in short I believe this device
can be used effectively for the type of purpose you're describing above.
This device by the way would replace the Netgear entirely.
Surely there are cheaper solutions but this one is a pretty serious and
pretty effective approach.
-Russ.
|
|
Posted by Rod Engelsman on March 18, 2006, 8:45 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> A telecom client of mine wants to monitor the web use of her kids, as well
> as offer some measure of protection. She is concerned about her own kids
> and their friends, many of whom bring their laptops with them when they come
> visit and/or sleep over. Since these kids come and go, and her own kids use
> school laptops with pretty strict usage policies, monitoring
> software/hardware has to be at the gateway. I've had decent success with a
> multi-pronged strategy that included Cybersitter, et al, but in this case
> client software isn't an option.
>
> Already at her home are two routers, a Netgear WGR614 and a Linksys WRT54G.
> I set up the Netgear and configured some basic firewall rules. I showed her
> how to enter keywords and check the logs, and I have the logs emailing to
> her every morning.
>
> We're not looking for any device to do all the work; it's simply a part of
> the larger plan, which includes education and enforcing of rules. But, my
> specific question is: Is there some security or content filtering appliance
> in the $300 range that will offer more than I can get with the basic
> firewall capabilities of a consumer router/firewall such as mentioned above?
>
> thank you,
>
> jm
I would suggest going with Endian firewall, http://www.efw.it/, on an
older PC. To do everything--and it does a lot--will only require
something like a PII, 400MHz, 256 MB RAM. It comes with a transparent
http proxy and Dansguardian content filtering. The software is free for
the download and even if you have to buy a used box, that can't cost
more than about $50.
--
Rod
|
| Similar Threads | Posted | | Keeping same IP over VPN | December 14, 2006, 1:16 am |
| VPN solution needed | October 19, 2005, 4:02 pm |
| Is there a simple solution? | July 27, 2006, 10:33 am |
| Firewall/VPN solution | December 20, 2006, 3:20 pm |
| best FW solution for <$2000 | February 26, 2007, 4:25 pm |
| I need help choosing a firewall/vpn solution. | January 5, 2007, 10:17 pm |
| IPcop and dyndns.org custom dns a solution! | August 10, 2004, 5:45 pm |
| [OSFP] a solution against 'xprobe2' and 'nmap -O' ?? | May 23, 2005, 10:46 pm |
| Solution for securing VPN using 2-factor SMS Authentication | June 11, 2005, 1:11 pm |
| We have two small office at different locations, which is best VPN solution? | October 1, 2006, 4:43 pm |
|
XML site map