Firewall Wizards mailing list archives
Re: httport 3snf
From: Al Potter <apotter () icsalabs com>
Date: Tue, 22 Oct 2002 10:49:02 -0400
Robert: rmartin () fishburne org said:
This is a military School for 8-12 graders.. The key here is disipline.
I've been lurking quietly on this thread for a few days, waiting for you to weigh back in as you have here. I strongly suspected what you say above to be the case. You have a policy / discipline / supervision issue. The firewall (or other security device) can never enforce compliance with this type of policy 100% (there's always a smarter hacker), but it can make deviation more difficult, and provide an audit trail to assist the supervisor in detecting and documenting policy violations. This brings the problem out of IT and back into its proper realm, personnel supervision. People set policy, have the discipline (or not) to follow policy, and supervise / enforce compliance with policy. Being in a military environment (and I have 9 years of active duty Army in my past), you may have the luxury of what would be (viewed in many corporate environments as) a draconian policy and enforcement environment. "$FOO is verboten. First time offenders will be counseled in writing. Second time offenders will loose privileges for X days. Third time offenders will be...." Being in an educational environment, you have a challenge and IMHO responsibility to educate these young people as to WHY the policy is there (there IS a reason, right?). I'd recommend you take a look at Winn Schwartau's book: Internet_&_Computer_Ethics_for_Kids_(and_Their_Parents_&_ Teachers_Who_Haven't_Got_a_Clue). It's designed to teach exactly these kinds of lessons to exactly your target audience, and does a decent job of discussing the issues. In short: - Write a policy - Brief and educate your users on the issues, ethics and the policy - Empower the supervisors to monitor compliance and enforce the policy The Firewall only helps with the last one. Hope this helps.... AL -- +------------------------------------------------------------------------+ | Al Potter | | Manager, Network Security Labs | | ICSA Labs apotter () icsalabs com | | www.icsalabs.com PGP Key ID: 0x58c95451 | +------------------------------------------------------------------------+
Attachment:
_bin
Description:
Current thread:
- Re: httport 3snf, (continued)
- Re: httport 3snf Ryan M. Ferris (Oct 21)
- Re: httport 3snf Paul D. Robertson (Oct 21)
- Re: httport 3snf Duncan (Oct 22)
- Re: httport 3snf Paul D. Robertson (Oct 22)
- Re: httport 3snf Duncan (Oct 22)
- Re: httport 3snf Paul Robertson (Oct 22)
- Re: httport 3snf R. DuFresne (Oct 22)
- Re: httport 3snf Robert E. Martin (Oct 22)
- Re: httport 3snf Paul Robertson (Oct 22)
- Re: httport 3snf m p (Oct 22)
- Re: httport 3snf Al Potter (Oct 22)
- Re: httport 3snf Duncan (Oct 22)
- Re: httport 3snf Paul Robertson (Oct 22)
- Re: httport 3snf Kyle R. Hofmann (Oct 23)