Depending on how much you are planning to spend.
Any limits? Everything possible? Some more info would be great.
Corporate Web Filtering
I know this is a BackTrack Forum but I’d like to get you expert advice on this topic.
The company I work for are looking to introduce a web filtering/reporting system.
One of the main features the system need is the ability to know if the website is in focus and for how long not just that the site was visited x amount of times. This is because the laws in Ireland are very grey to say the lest.
The setup is as follows, all Windows XP systems on an intranet that has two separate dedicated links to two different data-centres, are external Internet gateways are then split out over the data-centres backbone connection.
So what systems do my brethren BoFH’s use in their realms or suggest I look at using?
Depending on how much you are planning to spend.
Any limits? Everything possible? Some more info would be great.
Tiocfaidh ár lá
~250-350 Users with company laptops or desktops.
~10-50 external/contracts/visitors with own laptops that I have not rights on by connecting to my network. { That’s another subject/issue }
Link to the DC’s is via fibre uplinks from our core switch to either DC.
If a client needs to be installed on the users laptops it must only monitor while they are onsite not out of work browsing via there home broadband.
Budget is 0€ to 10K€.
Originally Posted by KMDave
You could look into squid which will be free and opensource so you can add the features you need.
Also if you want a commercial product, you could look into SecureComputing's or now McAffee's Webwasher.
It is acting as a proxy and you should be able to do the required configuration on it too. Just allow traffic in your company via the proxy, if they are not using a proxy they can't get outside access. Automatic proxy configuration allows the users to have a nonmonitored access while they are at home since no proxy will be found there.
Tiocfaidh ár lá
I've used Squid here for a while, just as a test, and it was fairly easy to install and get working. There's a reporting part of it called SARG.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
A proxy won't be able to tell if the user has browser window in focus. Only something running on the PC can do that. The proxy may be able to tell you if a site is being requested multiple times, and from which client PC(s), but I doubt whether a proxy can tell the amount on time spent on a site, since HTTP is stateless, and the content is only downloaded once. You may be able to tell time base on some content (i.e. streaming), but not on things like HTML code or JPEG/GIF downloads.
Thorn
Stop the TSA now! Boycott the airlines.
The only dealings I've had with web filtering has been iPrism. Seemed to work pretty well.
Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69
What? Someone using the "i" on a non-Apple product? How dare they! Jobs better alert his lawyers!
Thorn
Stop the TSA now! Boycott the airlines.
squid and snort you can also with apache and PSK ou hand out via GPO get all the crypted traffic etc..
Buy Websense and end your misery... that is all I can say, from all my experience, you will NEVER and I repeat NEVER get anything better for your purposes, unless you're willing to spend years on adding features, configuring, reconfiguring, and messing with squid.
Posting Permissions