Educause Security Discussion mailing list archives
Re: Blocking Proxy/HTTP Tunneliing servers
From: George Bailey <gbailey () IVYTECH EDU>
Date: Tue, 7 Feb 2006 10:56:44 -0500
Websense doesn't require interaction with a firewall, but it does need a cache device of some kind (Cisco Content Engine, Squid, bluecoat, etc) --gb ---------------------- George Bailey Information Security Ivy Tech Community College of Indiana Indianapolis, Indiana PH: 317.921.4526 _____ From: Justin Dover [mailto:dover () HARPETHHALL ORG] Sent: Tuesday, February 07, 2006 10:27 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Blocking Proxy/HTTP Tunneliing servers The EDUCAUSE Security Discussion Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on Monday, February 06, 2006 at 4:07 PM -0600 wrote: Hi Justin To do centralized filtering - which is really the only way to go - you are probably going to have to spend some money. The commercial solution that really does a good job is Websense. (www.websense.com). We use it at Harding. There is an appliance sold by "8e6" (www.8e6.com), but I have no experience with it. Another product called N2H2 is sold by Secure Computing (www.securecomputing.com). It has been used by the state of Arkansas to do some filtering for their k-12 clients and others. They actually sell two products. The K-12 version is called "Bess" and the more extensive product is called "Sentian". That's about all I know. Cyberpatrol has a centralized solution as well but their database filtered only about 70% of the objectionable sites when we used it about 5 years back. They may have improved. Software solutions like Websense require an interaction with a firewall to implement their filtering. We use Cisco Pix with Websense. For K-12, there are also products out there that work the opposite of filters. They provide a database of sites that have been researched and OK'ed for use and block everything else. I don't have any experience with these products but it sounds like a good idea for some applications. John Nunnally Harding University Great info John. Thank you very much. Justin Dover Harpeth Hall School 615-346-0082
Current thread:
- Re: Blocking Proxy/HTTP Tunneliing servers, (continued)
- Re: Blocking Proxy/HTTP Tunneliing servers Justin Dover (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Valdis Kletnieks (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Justin Dover (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers O'Callaghan, Daniel (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Graham Toal (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Cal Frye (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers John Nunnally (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers John Nunnally (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers John Stauffacher (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Justin Dover (Feb 07)
- Re: Blocking Proxy/HTTP Tunneliing servers George Bailey (Feb 07)
- Re: Blocking Proxy/HTTP Tunneliing servers Tran , Lieu D (Feb 07)
- Re: Blocking Proxy/HTTP Tunneliing servers Jeni Li (Feb 07)
- Re: Blocking Proxy/HTTP Tunneliing servers Graham Toal (Feb 07)
- Re: Blocking Proxy/HTTP Tunneliing servers David P. Allen (Feb 09)