Solved

Internet misusage

Posted on 2004-08-31
7
407 Views
Last Modified: 2008-03-10
Using Web Spy we monitoring our organizational web usage.  We use BT ISA filter for most content blocking and block all incoming ports except 80, 443 and 25.  The problem is everyday it seems users are able to find new some new chat mechanism.  The latest was phonefox and e-messenger.net.  Chatting is in clear violation of policy.  All users have signed computer user agreements.  Short of sending out termination letters to every employee that violates policy is there another way to win the battle of these port 80 chatters?
0
Comment
Question by:nikkgilbert
7 Comments
 
LVL 44

Expert Comment

by:CrazyOne
ID: 11939949
Port 80 is somewhat univeral. IE needs it. Ummm if you are going to curtail chat useage then use cameras to look each individual person or a key logger.

***Edited Comment-WesLennon - By Request***
0
 
LVL 5

Expert Comment

by:webtrans
ID: 11939993
try this product
should very much help
http://www.akonix.com/products/l7_isa.asp
0
 

Author Comment

by:nikkgilbert
ID: 11940002
Perhaps I should have been a little bit more detailed.  As my organization is a US military base outside the US.  Its a security risk, plain and simple to answer your second comment.
0
Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

 
LVL 5

Accepted Solution

by:
webtrans earned 250 total points
ID: 11940022
well best practice would be
1-installing the Content filtering Plugin
2-watching up on the website vistied traffic report on a daily basis and adding as u walk through
other than that i see u have a very limited way of handling it

OR

u can close all sites through the CF plugin to ISA
and ask them to ask u on a one by one basis to open needed websites for there work
:D
that should pretty much do it i guess

0
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 11940122
Perhaps I should have been a little bit more detailed.  As my organization is a US military base outside the US.  Its a security risk, plain and simple to answer your second comment.
By saying this you disclosed probably more than your users did.
If you like to restrict any chat thing use a url filter such as websense. Disabled the CONNECT method of your proxy. If you like a very restrictive approach you should create a whitelist which are the only websites that are allowed.
0
 
LVL 4

Expert Comment

by:gemchest
ID: 11940127
Hi nikkgibert,

To be frank it's very hard to curtail port 80 chat problem. Of course, you can do a complete filtering by installing plug-in. However that might (or might not) slow down all the connections considerably and will be using huge resources to do so. As an millitary organisation i suggest you should educate your employees and instill strict discipline on the way they handle the systems. It's a millitary organisation after all and if it requires such strict security clearance (no chatting programs) then I really think the most effective way is to educate your men.


regards,
Luis
0
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 11940181
for such a question there is no straight forward technical answer.
The only thing you can do is like said before
URL filter or create a whitelist.
Disable Connect method. on your proxy
And this is civilian life we are free to express our opinions sorry m8
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question