The best web filter

I am administering a network at a school.  The kids seem to think it is funny to hit and print hard core porn.  The administration is freaking out.  Does anyone have any good experience with some rock solid, lean web filters?  Thanks.
fletchmanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

luv2smileCommented:
I would invest in a good hardware firewall!
0
fletchmanAuthor Commented:
I have one of those.  I need something to that can get an updated filter to keep out the hardcore sites, whether it is violence or porn.
0
_anom_Commented:
I'd suggest n2h2's bess filter, it works very well.  It has several predefined categories of sites set up and monitored by n2n2 that you can choose whether or not to block.  It also fits in with a variety of devices (cisco routers, pix firewalls, isa server, sonicwall, and the list goes on).

Cheers
0
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

debuggerauCommented:
Hi fletchman,

I would suggest installing a websense filter, you can protect more than just sites, it helps with spyware, Malicious Mobile Code, Peer-to-Peer File Sharing, Instant Messaging, Streaming Media and Student Hacking. A lot of people are opting to avoid the web filters as none are 100% effective and they are opting to use Student education and Supervision. I personally like the carrot and stick approach....

Good luck.

0
Ferg_y2kCommented:
LOL, had the same problem a while back.

Now you can do it 2 ways, both will involve investing a little bit of cash though.

Firstly you will need to get a spear PC less then 1Ghz's, 256mb ram will be fine, put 2 ethernet cards in it.

Download smoothwall http://www.smoothwall.org/

This program is one amazing firewall, during installation you will need to configure the firewall to use the gateway which the school has been given.
Once install you can add on diffrent modules to filter and ban sites words porn etc few more thing, these work well but not perfectly.
For that solution they request you by there pro version which will set u back about £600 for 40pc.

Major benifits of this kind of firewall all web and files surfed are logs with graphical stats and you can limits usage on port plus so much more.

Highly recommended.

Another open is if you are in the uk you can contact RM (Research Machines) and they offer a remote filtering process which they manage and maintain. kinda expensive though, we found it was best to just use smoothwall and monitor usage ban sites when we need to.


Hope this has been of some help

David
0
syn_ack_finCommented:
The three best filters I have had experience with:
SurfControl - www.surfcontrol.com
Websense - www.websense.com
N2H2 - www.n2h2.com

For a school, I'd go with anom's advice and look at N2H2. Their pricing for education is usually incredibly lower than the competition and they work with many firewalls.

I'd first look at a content filter that works directly with my firewall. If the firewall you have does not integrate with any of the above, then SurfControl may be the way to go. They have a pass-by mode that allows you to place it on a hub between your firewall and trusted side and it will still monitor and block. Essentially, when it sees a request it doesn;t like go out, it sends a connection RST packet to the server and a redirect to the cleint. Works well.

Good Luck
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
maotxCommented:
A simple 1ghz box with decent ram and a good harddrive would be perfect for your filtering needs.
Place it between the gateway and your LAN with the following configuration:
--Debian     (or your favorite distro)                http://www.debian.org
--Squid set to transparent mode                     http://www.squid-cache.org/
--squidGuard                                                 http://www.squidguard.org/

Once that box is setup, your good to go.
No configuration required on client machines.

Well supported, documented, and easy support forums as well as mailing lists if you have any questions/issues.
0
calebgarrettCommented:
Very simple setup and administration and great results....

http://www.youngzsoft.net/ccproxy/

0
maotxCommented:
from ccproxy's site, "Open proxy server graphic guide page and set up the IE browsers at clients."

That is a lot of setting up to do in a school environment.  Although it is possible to create a custom script that would directly edit the registry to do it.  Push that down, given its all domain.  But then students can still change the proxy setting in IE, or just use a different web browser.  Which of course, both can be avoided with proper lockdowns.

I still recommend Squid.  No client configuration. Most of the time, easy setup.  And any problems you have you can easily ask for help.
> 100,000 lines of url/key word filteration with squidguard.
0
Ron MalmsteadInformation Services ManagerCommented:
enable content ratings on internet explorer...(no cost)

you could also get ISA server 2003 (you can manage blocklists, content ratings, and user access / or subscribe to a service that does it for you)

or you could use an aol browser and setup the usernames as child accounts.

there are alot of software companies that provide lockdown software for school computers....google it.
0
caball88Commented:
i would go with the ISA server route and block the content at the gateway rather than at the client machine. we use websense here and it uses a policy based blocking which you can customize and configure. it has worked pretty well and also blocks other things like peer-peer file sharing which can be annoying if those kids are trying to download music, movies and software.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.