Re: web monitoring tool

["Imran Khan" <ikhan () eudoramail com>]

I do agree with you Byrne and many others who sent responses to my query. I cannot agree enough that this is strange 
one... It is also a deviation from an overall corporate security policy. But executives are executives after all!!!

I did relay my concern earlier today and made a recommendation that these executives use a dialup connection if they 
need to keep their privacy and sanity of others...

I have yet to find out the real objective behind this requirement!


Thanks every one who responded.

Cheers, 
Imran



--

On Wed, 9 Apr 2003 17:46:49   
 Byrne Ghavalas wrote:
> Hi Imran,
>
> The goal certainly is a strange one...
>
> Assuming that all the traffic goes through a firewall, I would assume
> that you could assign static IP addresses (or reserved DHCP addresses)
> to these manager's machines.  Then, you could create a rule on the
> firewall to allow the traffic through, but without logging.
>
> If the firewall does not support the option of no logging, then I would
> say that the only other option I can think of is providing the group of
> managers with their own Internet connection.
>
> Also, if the managers use different workstations, this option won't
> really
> be effective.
>
> As the traffic has to end up going through the firewall one way or
> another,
> I can't see any desktop solution solving your problem.
>
> I must admit that it is rather bizarre that your boss would want to
> disable logging for these users. I can understand the your boss is
> probably thinking of the privacy for those managers, but logging is not
> really supposed to be used to spy on users activities, but rather to
> spot anomalies and hopefully help with troubleshooting and forensic
> investigations... Hopefully any staff that have access to this log
> information are trusted staff members with well-written contracts ;-)
>
> I would try and convince your boss otherwise, but either way, good luck
> in resolving your problem.
>
> Kind regards
>
> Byrne Ghavalas
>
>
> ----- Original Message -----
> From: "Imran Khan" <ikhan () eudoramail com>
> To: <security-basics () securityfocus com>
> Sent: Wednesday, April 09, 2003 1:11 PM
> Subject: Re: web monitoring tool
>
>
> > couldn't find any matter on this one on the security focus website...
> >
> > I am looking for an application to block net utilization at the
> desktop level.
> > My boss wants to keep a select group's (mostly senior managers)
> internet use confidential. She wants this to be done locally (desktop
> application), so no logs are generated on the network admin end.
> > Is this doable?
> >
> > Thanks for all the responses...
> >
> > Imran
> >
> >
> > Need a new email address that people can remember
> > Check out the new EudoraMail at
> > http://www.eudoramail.com
> >
> > -------------------------------------------------------------------
> > Is SPAM over-loading your e-mail server, disk space or bandwidth?
> > SurfControl E-Mail Filter is flexible, intelligent and policy-driven
> > protection.
> > http://www.securityfocus.com/SurfControl-security-basics2
> > Download your free fully functional trial, complete with 30-days of
> free technical support.
> > Stop SPAM before it stops you.
> > -------------------------------------------------------------------


Need a new email address that people can remember
Check out the new EudoraMail at
http://www.eudoramail.com

-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection.
http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free technical support.
Stop SPAM before it stops you.
-------------------------------------------------------------------