nanog mailing list archives
RE: Filtering network content based on User Subscription
From: "Ejay Hire" <ejay.hire () isdn net>
Date: Sun, 9 May 2004 22:31:57 -0500
I'm bumping the tail-end of this thread, but here goes. we implemet per-user dynamic content filtering using an N2H2 on a squid box running as a transparent proxy. When we had tnt's, we used ASCEND-IP-DIRECT to force filtered users through the n2h2. We use cisco As5800's now and have an outbound policy that checks and redirects based on the Ip address they are assigned (until I get the final VPDN solution working.) -Ejay -----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of Mark Borchers Sent: Saturday, May 08, 2004 6:42 PM To: jshen () spymac com Cc: nanog () merit edu Subject: RE: Filtering network content based on User Subscription
Your best bet in this case is to place a appropriately sized firewall at the customer's site, i.e. Cisco PIX 501 - 515 series or SonicWall's equivalent and link it to a WebSense or N2H2 content filtering server at your NOC.
[snip]
Scott C. McGrath
Joe, Cisco's Content Engine can also do the functions that Scott mentioned, plus gives you the benefit of web caching. It's very feature-rich, and the command line looks a lot like IOS. You can configure it to FTP your whitelist of URLs, and set up user-specific or global time restrictions, which address a couple of your specs. For the latter, I think you need the Smart Filter module, which is not part of the basic Content Engine distribution.
Current thread:
- Filtering network content based on User Subscription jshen (May 08)
- Re: Filtering network content based on User Subscription Scott McGrath (May 08)
- RE: Filtering network content based on User Subscription Mark Borchers (May 08)
- <Possible follow-ups>
- RE: Filtering network content based on User Subscription Ejay Hire (May 09)
- Re: Filtering network content based on User Subscription Scott McGrath (May 08)