Looking for content filter solution (corporate)

  • Thread starter Deleted member 19858
  • Start date
D

Deleted member 19858

Guest
Looking for some suggestions for a corporate content filter, it would need to work over the internet (Not a VPN) not just within a LAN. It would probably need to be able to run as a proxy, unless there is some other way that software is designed to work over the internet.
 
we just got an iprism box in here. pretty full featured and can run in proxy mode.
 
any linux distro with squid will take care of that with say.. dansguardian..

though my personal favorite is smoothwall lite w/ dansguardian.
 
We have 8e6 and it connects to the 8e6 DB every night to update its library catalog. It is invisible to the users unless the users try to access a blocked page. There is NO user configuration. I can setup different group policies per user, per group, per IP, per domain, per whatever. It talks to LDAP and AD. Easy to use and works very well. Great reporting too. I can setup weekly reports to run, export them into excel or pdf or whatever, then email me the reports. For corp. environment it is really nice. It also blocks all proxies, IM, P2P. It looks at the header of the packet instead of some huge IP list.

You will be able to see every single web page and picture that everyone of your users has been too.
 
I knew that was gonna come up. I THINK it was $2500 for hardware. Then you had to pay for licenses. I think I paid around 6k for licenses for around 700-800 users. Every year you can renew you license but you do not have to pay for the hardware. The renewal fee is like 1/3 of the cost or something like that.

Support is VERY good with 8e6 too. Very good.
 
Along with the technical specifications of it working over the internet in proxy mode it would need to be resold. This means the solution would need to work for multiple clients and still have a corporate feel to it. It would also need to be sold in a manner that was cost effective. Ill check out those suggestions like 8e6 but keep um coming.
 
Looks like with 8e6 you need a proxy on top of it? We are also looking for something corporate. So can this be specified as a proxy per say in IE and then filtered through that?
 
I just spoke with 8e6 to get cost and a demo setup, ill keep this thread updated, seems like a few people want to know about it.
 
Sonicwall firewalls can do content filtering, AV, and antispyware detection. Depending on how many nodes that will connect the pricing can be as low as $500 or so for a tz150 or tz170 25 node and $2000-$3000 for unlimited nodes such as the 2040 or 3060 models. Annual renewal for content filtering, support and such will be around $800 - $1000 a year for the larger units and a couple hundred on the smaller units.
 
I have Websense deployed at several clients. It works well, but it can get expensive in comparison to other products.
 
Baracuda?

I have no personal experience, but I have read some good things on the company. Just a suggestion.
 
COKE CAN said:
Baracuda?

I have no personal experience, but I have read some good things on the company. Just a suggestion.
Click to expand...
I have several of their spam firewalls deployed. They work very well. After trying many different products, this is what I recommend to people now. I haven't used the content filter, but if the spam firewall is an indication of the quality of their other products, it would definitely be worth checking out. They have a demo program where they will send you a unit for 30 days to try. That's how we got started with them.
 
xphil3 said:
any linux distro with squid will take care of that with say.. dansguardian..

though my personal favorite is smoothwall lite w/ dansguardian.
Click to expand...

Without AD intergration for get about. People not only want content filter but reports are a big part of it.

We use websense. costs a lot but we are Non-profit so i guess they think the money is worth it.
 
blocks is a good think.

its just a box that connect between your server and the internet.
 
No experience with the others mentioned but I deployed Websense at the hospital I used to work at. Very effective solution and fully integrated with your Windows domain and has amazing logging and configuration abilities. We ran it silently (just logging) for a few week prior to announced deployment and active filtering. We had to destroy the logs. You would not believe some of the sites it had logged people visiting !! Freaking well respected surgeons surfing young boy gay pron and a LOT of other things from a LOT of users. We could have ruined a hundred careers. :eek: We then sent out and announcement to all employees that the system was going to be installed and would start logging all access after a certain date.
 
MixManSC said:
No experience with the others mentioned but I deployed Websense at the hospital I used to work at. Very effective solution and fully integrated with your Windows domain and has amazing logging and configuration abilities. We ran it silently (just logging) for a few week prior to announced deployment and active filtering. We had to destroy the logs. You would not believe some of the sites it had logged people visiting !! Freaking well respected surgeons surfing young boy gay pron and a LOT of other things from a LOT of users. We could have ruined a hundred careers. :eek: We then sent out and announcement to all employees that the system was going to be installed and would start logging all access after a certain date.
Click to expand...


I would feel akward if I had to talk to the user
 
Another vote for Barracuda here... Our corporate is running redundant Barracuda contents filtering running Novell BorderManager and it works very well (sometime, i'm damned to get some favorite site blocked but I live with it since it's not my "internet" but the corporate internet).

PPL has bitched following the installation of the Barracuda Web Filter and asked to get back access to dancing lessons sites, YouTube, cracking sites, MySpace, etc...

MixManSC, this is some sick shit and it would be very very embarassing for them to know that you know about their browsing habits :p
 
Anyone that's worked in a corporate environment in IT or really any IT environment for that matter has probably found people that do that. The sad part is it's not as uncommon as people think.

I've found alot worse than that.

When you start finding it arranged into specific folders for their viewing pleasure and when you erase it and it comes back. We've found people having sex in the tape room at work. People drop off their laptops to have them worked on and you find pictures of their spouses in suggestive positions and clothing. You see EVERYTHING.

Sorry for the topic switch.
 
I had a guy arrested... beat that!

child porn, sent to his work email FFS.
 
Well my 8e6 WebEx is tomrorow, ill report back with how that goes. I should have an eval of SmoothWall Corporate Guardian 5 up early next week. I am also going to look at Barracuda and use these 3 as my final choices I think.
 
I got the smoothwall guardian demo and it did not work on our new IBM server, x3550.
 
trying Trustix now, actually had the option for the RAID card, but not finding NIC drivers. Atleast over one hurdle
 
I vote for Websense. Just make sure that whoever you end up going with knows you plan on reselling the gear.
 
8e6 ended up being way too exspensive for what it was and would not work the way we wanted it to so we didn't even look at the demo.

Barracuda looks like it fits our price and needs pretty well, however we have yet to demo it and it lacks good reporting in this version. They said that in the next release (v3.2) that reporting will have a major overhaul.

I have yet to look at SmoothWall Corporate Guardian yet but probably will be doing so later this week.
 
SnowPunk98 said:
8e6 ended up being way too exspensive for what it was and would not work the way we wanted it to so we didn't even look at the demo.

Barracuda looks like it fits our price and needs pretty well, however we have yet to demo it and it lacks good reporting in this version. They said that in the next release (v3.2) that reporting will have a major overhaul.

I have yet to look at SmoothWall Corporate Guardian yet but probably will be doing so later this week.
Click to expand...

I told you what to do silly billy, smoothwall express 2.0(i think i may have called it lite by accident). Get yourself dansguardian(smoothy forums) and compile it yourself. and what did it cost you, a server and your time. Nothing more:)
 
I would have to give a no for websense. There are a LOT of ways around it. Heck I was at a nonprofit site recently (Which leechs off of the city for an internet connection in which they have websense deployed.) and found a 9 year old kid that was able to get around it! :eek:
 
Raystream said:
I would have to give a no for websense. There are a LOT of ways around it. Heck I was at a nonprofit site recently (Which leechs off of the city for an internet connection in which they have websense deployed.) and found a 9 year old kid that was able to get around it! :eek:
Click to expand...

Could you PM me and elaborate on this? It's possible that they didnt have proxies blocked, and that the kid was just going to a proxy site. I administered a Websense install for about 4 years and I was never able to find a way around a properly configured install.
 
Boscoh said:
Could you PM me and elaborate on this? It's possible that they didnt have proxies blocked, and that the kid was just going to a proxy site. I administered a Websense install for about 4 years and I was never able to find a way around a properly configured install.
Click to expand...

ssh tunneling, icmp tunneling, dns tunneling, etc, etc, etc
 
Boscoh said:
Could you PM me and elaborate on this? It's possible that they didnt have proxies blocked, and that the kid was just going to a proxy site. I administered a Websense install for about 4 years and I was never able to find a way around a properly configured install.
Click to expand...

Myself either. If users are getting around it then there are other much more serious security problems. None of those protocols should be open through the firewall for unauthorized users. And if - a user is authorized and caught abusing it they get promptly warned. There is simply no reason for general users to need ICMP open across the firewall as an example. I worked at a hospital and due tip HIPAA we did have to take extreme security measures though but even at home I follow the same practices.
 
Boscoh said:
And if you have a properly configured network, doing that is very, very difficult.
Click to expand...

SSH tunneling is very very very very very tricky to stop. especially when the user is running the server on an encrypted channel, like https... which you really can't filter these days:eek:
 
Lock down the computers with group policy to disallow unauthorized executables to run or be installed. If that's not possible just use random checks and if a user is caught then fire them.
 
You must log in or register to reply here.
Back
Top