Re: Web Content Filtering

["Spaller, Mary E." <MESpaller () MILLIGAN EDU>]

I believe if you have students enrolled who are under the age of 18 (minors) it is a CIPA compliance issue…

http://www.fcc.gov/guides/childrens-internet-protection-act



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Barros, 
Jacob
Sent: Wednesday, April 22, 2015 1:43 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Web Content Filtering

With the exception eight endpoints on the main level of our library, we filter all users, including guests and events 
facilities, at all locations.  Our primary concern is web security / system protection but we have found that 
traditional content filtering goes hand in hand.  Our Student Affairs department has chosen to block a few categories 
of web sites that are controversial, but on the whole, what we filter (arguably) leads to a better network environment.

We use PaloAlto as our edge device for the main campus and have used Sonicwall where throughput is minimal.  Neither 
solution requires much effort once in place though the PaloAlto is far superior in my opinion.  The request for 
exceptions with PaloAlto is not automated as with previous solutions we have had, but other than that we are pleased.

We have had content filtering in place almost as long as we have had internet access.  Maybe 6 months to a year total 
without it.  Since we've always had it, no one complains. I can only imagine the politics you will need to overcome for 
a implementation like this to be widely adopted and successful.




Jake Barros  |  Network Administrator  |  Office of Information Technology
Grace College and Seminary  |  Winona Lake, IN  |  574.372.5100 x6178



On Wed, Apr 22, 2015 at 1:08 PM, Donald Welch <djwelch () umich edu<mailto:djwelch () umich edu>> wrote:
Colleagues,
I'm the new CISO for the University of Michigan.  I look forward to meeting you and working with you.  One of my first 
issues is web content filtering.

I've been asked whether any other higher education institutions implement web content filtering and if so what groups 
to you filter for and what kinds of content.  If you wish, I'd also welcome your opinion on how well it works.

This has started with our health system and my guess is that would be our focus if we went forward.  However, one of 
our Trustees has been questioning why we don't filter across the University.  I have to go to an initial meeting Friday 
afternoon, so any info you can give me before then would be much appreciated.

Sincerely,
Don

Donald J. Welch, Ph.D.
Chief Information Security Officer
University of Michigan
734-615-0334<tel:734-615-0334>