Re: Quick Survey - Does everyone do SOME form of "web filtering"??

["Barros, Jacob" <jkbarros () GRACE EDU>]

I just a shorter version to Michael before reading the other posts.  But
since it looks like I am the only one, I thought you all might
appreciate the info.

 

We are a small private institution so we can get away with policies you
all would get trashed on.  We were asked to begin filtering by our
President more than ten years ago.  There were very specific reasons
which I should not get in to here.  =)   The continuation has been
driven by Student Affairs and funding has always been there.  

 

Like many of you mentioned, one of the requirements for our filtering
solution is malware and access list filtering.  P2P is also blocked.
However, we block 'adult', nudity and pornographic material as well as
most weapons-related sites.   Student Affairs chooses the categories and
sites within the categories are maintained by our vendor.  I take care
of individual requests.  Typically, I see only two or three a week.

 

Our biggest issue is with the arts..  websites with nude photographs,
paintings or sculptures.  Obviously fits the category it has fallen
within, but the intentionality is very different.  Each site is reviewed
by Student Affairs.  

 

We do not police or run reports for someone to go knocking on doors,
though the option is there to do so.  I believe the idea is to keep the
unwitting from falling in to something unintended.  Obviously there are
ways to bypass our solution, and not all sites are caught.  My boss
calls it 'taking care of low hanging fruit'.  Greatest value to us is
the malware and phishing filtering.

 

We use St Bernard's iPrism appliance.  There is a request access option
where a message is sent to me for approval.  I quickly evaluate if the
site has been incorrectly categorized. I can easily reassign the site to
a different category, or forward to Student Affairs for review.   Most
requested website...  Victoria's Secret.  Still blocked.  May be a
little overkill, but thankfully, I don't make those decisions.

 

You can assign permissions to individual user accounts to override based
on category, ip address or timeframe I believe.  User accounts can be AD
or LDAP based.  I have done so few I just use the local database.

 

We also filter all guest access. 

 

FWIW

 

Jacob Barros

Network Administrator

Grace College

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of SCHALIP, MICHAEL
Sent: Friday, May 07, 2010 11:01 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Quick Survey - Does everyone do SOME form of "web
filtering"??

 

Hi Folks.....

 

Our Board decided about 3 years ago to require "web filtering" here.
The concern related to "academic freedom" are mitigated through a simple
request process.  If a faculty member or student finds that an
instructionally legitimate website is being blocked - all they have to
do is submit a request to have the website passed through the web filter
and they are in business.

 

My question:  Does everyone do some sort of web filtering?  If you *do*
filter your web access - how long have you done so?  And do you have a
"bypass" process?

 

Thanks,

 

Michael


-- 
This message has been scanned for viruses and 
dangerous content by MailScanner <http://www.mailscanner.info/> , and is

believed to be clean.