I am the "volunteer IT" contact for a small Christian school. We have had the office PC on the internet (via DSL) for some time, but now we have upgraded the classrooms and labs and want to give them internet access. Obviously, before I do that, I want to put internet filtering in place. Being a small school, we cannot afford the expensive hardware solutions or the yearly memberships for 30 PCs for software. So... is there a way to set up a proxy PC running the filtering software? I have worked with software and hardware for 15 years, but this is new territory for me. I would appreciate as much detail as possible regarding a simple, secure solution for our school including what software and hardware is needed, as well as any references to instructions on how to set it up. Logging and customizing is a must.
Thanks in advance.
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
We are actually in Birmingham, Alabama. And yes, a drawing would be excellent if you have the time. you could send it to james@jcaweb.net. If I set up the single PC, could we still use netnanny or something similar to filter with? We prefer a third party solution, as we do not have the resources to maintain block lists and the like. Ability to remotely maintain it would be a tremendous plus.
Well, just took a quick look at the brand of software I have seen alot of business use with my experience and CheckPoint has a software package that will install on either Windows or Unix. These could get rather expensive depending on what your needs are, but might not be bad to take a look at them. You can also take a look at other options and do some comparisons based on price and what they offer. Also, one thing to keep an eye open for is if they vendor offers educational discounts...
I will see what I can come up with.. one thing to remember with going with this route is you would need a decent computer to act as the "firewall" as all traffic would route through them. It would, however, prevent users from changing the settings. One other option to look at is getting ahold of the IEAK from Microsoft (Internet Explorer Administrators Kit) which allows you to customize the Internet Explorer browser and lock down certain settings so curious minds are unable to change settings that you have determined.. See http://www.microsoft.com/w
Other ideas for firewalls to install can be found here -
http://www.dealtime.com/xP
or here -
http://www.pricewatch.com/
I wouldn't recommend buying specifically from these sites, but only listed them as exampled of the various types of firewalls out there. Remember, making sure you have the correct licensing and support is a must! :)
anything 3rd party costs a lot. usually per user. where i work is lucky we get free filtering from our local education authority.
You could have a look at http://www.we-blocker.com/
i havent used it myself yet but it is free. You'd probably have to run it on each workstation. With 30 pcs thats not such a nightmare to setup. the website seems to come and go tho.
the usual methods to provide a proxy is either with linux - cheap but complicated
with microsoft proxy 2 or ISA server - fairly easy but expensive
or some 3rd party proxy.
I've used proxyplus before http://www.proxyplus.cz/
it's been around a few years. for free you can get a 3 user version which is handy to try out. It does a lot this proxy.way more than i ever used. when i was on a 56k modem i much enjoyed the ability to dial-up remotely from another pc on my network.
unlimited users for a school would be a very reasonable imho 70% of $300 (30% discount)
i would think not because programs such as net nanny often have corporate counterparts for proxy filtering. They wouldnt want you using it in that way.
if you look on the netnanny site it says
http://www.net-nanny-softw
"Net Nanny is compatible with proxy servers for networks, but the application must be installed on each individual computer to provide filtering."
the site also gives a list of supported applications which implies netnanny has to be specifically designed to work with those applications and thus doesnt work with any other internet application including proxies.
with a proxy you will need a program specifically designed for that purpose.
OK, so... I can't use NetNanny, but a PROXY seems the way to go. Anyone know of a good, cheap, easy to use, easy to setup product that will proxy and filter? Remember, this is a Christian school with very little resource time available to maintain a "block list" or similar. A product designed specifically for that purpose is what we are looking for.
You may want to consider a hardware solution as opposed to software. You can get a Dlink or Linksys router that will do some very simple filtering. A better solution that is a little more expensive is to use a Sonicwall firewall appliance. The solution is great for filtering traffic as a firewall and you can add there content filtering option. The content filtering can filter all sorts of urls and traffic based on words. Sonicwall maintains the url blocklist and with the subscription will update the list automatically.
Check it out:
Sonic Wall TZ 170
http://www.sonicwall.com/p
The content filtering option is at the bottom of the page.
Good Luck,
Joe
Or just set up the content ratings on each PC through the browser and set a password on changing the settings. Additional software cost? $0. Proxy server cost? $0. Time will be your biggest expediture. However, once you set it up on one PC you might just be able to export that registry key and apply it to the other computers.
I would suggest IPCOP (http://www.ipcop.org) which turns an obsoletePC into a hardware firewall, and there is a third party add-on (http://www.dageek.co.uk/i
"DansGuardian is a web filtering proxy that filters using multiple methods. These methods include URL and domain filtering, content phrase filtering, PICS filtering, MIME filtering, file extension filtering, and POST filtering. The content phrase filtering will check for pages that contain profanities and phrases often associated with pornography and other undesirable content."
There is a second add-on which auto updates the blacklist for Dans Guardian (http://www.dageek.co.uk/i
The firewall I use at both home and work, and the content filtering I use at home to help protect my children.
Thanks to all for the answers. I split the points because I think bigwave2 had the answer I was looking for, but jpmiglozzi put me on to the sonicfirewall which gives us a plug and play solution (great since I have little time) and it includes VPN and filtering for $850 bucks. Glad to pay it out of my pocket to avoid the setup and administration of a pieced together system.
Business Accounts
Answer for Membership
by: RevelationCSPosted on 2004-07-23 at 08:10:36ID: 11622187
You could build one computer that sits inside the DSL router, but outside your internal switches and have all traffic route through there. I know you can find software for Windows machines, but most people prefer to use linux/unix to set up a "firewall" with this type of environment. Hard to explain the schematic concept without using a visio drawing to show you how the network is set up. Let me know if you want one, and I can see what I can do about putting the drawing up someplace for you to download. Also, mind if I ask which part of the country you are in? Sounds like you are involved in the same kind of project that my alma mater has been in the process of doing for the last few months (wouldn't it be a small world).
I will try to get a list of software that can be used on either a Windows and Unix/Linux environment for use as a firewall/proxy....