Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Corporate Web Filtering

  1. #1
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default Corporate Web Filtering

    I know this is a BackTrack Forum but I’d like to get you expert advice on this topic.

    The company I work for are looking to introduce a web filtering/reporting system.

    One of the main features the system need is the ability to know if the website is in focus and for how long not just that the site was visited x amount of times. This is because the laws in Ireland are very grey to say the lest.

    The setup is as follows, all Windows XP systems on an intranet that has two separate dedicated links to two different data-centres, are external Internet gateways are then split out over the data-centres backbone connection.
    So what systems do my brethren BoFH’s use in their realms or suggest I look at using?

  2. #2
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Depending on how much you are planning to spend.

    Any limits? Everything possible? Some more info would be great.
    Tiocfaidh ár lá

  3. #3
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default

    ~250-350 Users with company laptops or desktops.

    ~10-50 external/contracts/visitors with own laptops that I have not rights on by connecting to my network. { That’s another subject/issue }

    Link to the DC’s is via fibre uplinks from our core switch to either DC.

    If a client needs to be installed on the users laptops it must only monitor while they are onsite not out of work browsing via there home broadband.

    Budget is 0€ to 10K€.


    Quote Originally Posted by KMDave View Post
    Depending on how much you are planning to spend.

    Any limits? Everything possible? Some more info would be great.

  4. #4
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    You could look into squid which will be free and opensource so you can add the features you need.

    Also if you want a commercial product, you could look into SecureComputing's or now McAffee's Webwasher.
    It is acting as a proxy and you should be able to do the required configuration on it too. Just allow traffic in your company via the proxy, if they are not using a proxy they can't get outside access. Automatic proxy configuration allows the users to have a nonmonitored access while they are at home since no proxy will be found there.
    Tiocfaidh ár lá

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    I've used Squid here for a while, just as a test, and it was fairly easy to install and get working. There's a reporting part of it called SARG.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by BOFH139 View Post
    ...
    .
    One of the main features the system need is the ability to know if the website is in focus and for how long not just that the site was visited x amount of times. ...
    A proxy won't be able to tell if the user has browser window in focus. Only something running on the PC can do that. The proxy may be able to tell you if a site is being requested multiple times, and from which client PC(s), but I doubt whether a proxy can tell the amount on time spent on a site, since HTTP is stateless, and the content is only downloaded once. You may be able to tell time base on some content (i.e. streaming), but not on things like HTML code or JPEG/GIF downloads.
    Thorn
    Stop the TSA now! Boycott the airlines.

  7. #7
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    The only dealings I've had with web filtering has been iPrism. Seemed to work pretty well.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  8. #8
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by Barry View Post
    The only dealings I've had with web filtering has been iPrism. Seemed to work pretty well.
    What? Someone using the "i" on a non-Apple product? How dare they! Jobs better alert his lawyers!
    Thorn
    Stop the TSA now! Boycott the airlines.

  9. #9
    Good friend of the forums
    Join Date
    Feb 2010
    Posts
    328

    Default

    squid and snort you can also with apache and PSK ou hand out via GPO get all the crypted traffic etc..

  10. #10
    Good friend of the forums
    Join Date
    Feb 2009
    Posts
    356

    Default

    Buy Websense and end your misery... that is all I can say, from all my experience, you will NEVER and I repeat NEVER get anything better for your purposes, unless you're willing to spend years on adding features, configuring, reconfiguring, and messing with squid.

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •