Educause Security Discussion mailing list archives

Re: Query on content filtering

From: Chad McDonald <chad.mcdonald () GCSU EDU>
Date: Tue, 31 Jan 2006 09:31:57 -0500

We have been using content filtering for email for a couple of years.  We
drop all attachments of various type due to the likelihood of virus
infection.  We label messages that we suspect of being SPAM and PHISH.
Other than traffic prioritization we rarely limit what users can do with
outward bound network activity.  For quite some time we have prevented most
inbound connections.  We do, and will continue to, block addresses (or
entire address blocks) that make broad and repeated attempts to circumvent
our security. 

As for bandwidth management, we have been fighting to finish our
installation of Impulse Point for almost 8 months.  Though the vendor is
providing great support, and the product (when installed correctly) is very
robust in its capabilities, neither we nor the vendor has been able to keep
the box stable enough to stay in production for more than a few days at a
time.  If this solution doesn't pan out very soon, we will be looking
closely at the Bradford product.

Chad McDonald, CISSP
Chief Information Security Officer
Georgia College & State University


On 1/31/06 9:02 AM, "Don Murdoch" <dmurdoch () ODU EDU> wrote:

Greetings.  I am interested to know if other Universities are using content
filters  products like Web Sense, Blue Coat, Cisco Content Engine, and the
like. We have a forthcoming state policy (in draft, subject to change, who
knows where it will end up) which may require some sort of web / traffic
content filter to be in place.

I searched the list archive came across a few using Tipping Point, and Ron
Parkers mention of trying different products and finally settling on Web
Sense + Check Point.

Also  I am not interested in bandwidth mgmt per se  rather, something
that can actually monitor / report / mitigate / clean HTTP, IRC, P2P, 
traffic at the data payload level, not the bandwidth level.

Thank you in advance for your time.

- djm -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Don Murdoch, CISSP + 10 others
Information Systems Security Officer
Tel: 757-683-4580    Office of Computing and Communications Services
Fax: 757-683-5155    Old Dominion University - Norfolk, Virginia
This signature block is not a digital signature under UETA,. This email may
contain private or confidential University information.  If you received
this message in error, inform the sender and delete it.

Current thread:

Query on content filtering Don Murdoch (Jan 31)
- <Possible follow-ups>
- Re: Query on content filtering Chad McDonald (Jan 31)
- Re: Query on content filtering Gibbs, Aaron M. (Jan 31)
- Re: Query on content filtering Tracy Mitrano (Jan 31)
- Re: Query on content filtering Valdis Kletnieks (Jan 31)
- Re: Query on content filtering Cal Frye (Jan 31)