Re: web filtering

["King, Ronald A." <raking () NSU EDU>]

We have a layered approach.  We use OpenDNS which redirects URLs like www.warez.com<http://www.warez.com> to our AUP.  
You can select from predefined content groups and add your own.  OpenDNS also operates PhishTANK which has a pretty 
good list of phishing sites so users get redirected away from known phishing sites.  Inside and on the network, we have 
a TippingPoint 2400E that we are very happy with and its filters for P2P, BitTorrent, and malware.  Snort in IDS mode 
backs this up.  We also have Squid running on CentOS boxes that proxy all http traffic, allowing us to block and track 
to the endpoint.  On our university owned computers, we have Sophos Endpoint Security which incorporates a BHO for IE 
to block known malicious sites.  You can control whether this is on or off, but that's it.  We have had some issues 
reported for the BHO though.


Ronald King
Security Engineer
Norfolk State University
Marie V. McDemmond Center for Applied Research
Suite 401
700 Park Ave.
Norfolk, Virginia  23504
Phone:  757-823-3918
Fax: 757-823-2128
Email: raking () nsu edu<mailto:raking () nsu edu>
http://security.nsu.edu

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Fetcie, 
Brian
Sent: Thursday, March 31, 2011 1:51 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] web filtering

Hi folks,

I have been tasked to find a web filtering solution for our campus to help deal with web-based malware and P2P.  Anyone 
using a product for this that they can recommend (..or not recommend..)?
Thanks!

----------
Brian Fetcie
Systems Administrator
Information Services
State University of New York at Canton
email: fetcieb () canton edu<mailto:fetcieb () canton edu>
office: 315-386-7994