web filter checklist

Does anyone have a best practice security/configuration/management/administration checklist/baseline for auditing the security/configuration/management/administration  of a corporate web filter? Are web filters prtetty easy to manage/admin or quite admin intensive? And how do they update? As I assume theres hundreds of new "bad sites" introduced each week that need adding to restricted sites? Also naive question but what is the difference between a proxy and a web filter? is the web filter just the tool that is installed on the proxy? or can they be 2 seperate systems?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

the easiest way to do filtering is to install a commercial package that will give you full control with relatively easy interfaces:



Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pma111Author Commented:
Even that needs configuring and managing though I suspect, thats more what I was after a checklist of controls to implement with a commercial tool
I've been in environments where they tried custom solutions and they are very admin intensive.  With a commercial product, at lot of administrative tasks are automated, so you don't end up dedicating a lot of resources.  Once you have set up the rules, the software does the work and just provides you with information.

pma111Author Commented:
>>Once you have set up the rules

That is partly what I was asking for a benchmark/checklist on, the rules. And the configuration.
The configuration will depend on the tool, and where it applies filtering. Rules and configuration are very location specific. What does the management want to block?  Do they want to apply the same rules to everyone, or set up groups with different group dependent rules?  How do they want to track and report?  Do they want to apply rules at all hours of the day.  Are there specific computers that they want to have special rules?

There are classes of sites that you may want to block and then make exceptions for specific sites within that category.  So the rules really have to come from the top.  During the first few months you will probably find that there is a need for some adjustments, as blocking will sometimes hit a specific site that you want to allow, or there is a site you thought would get block that needs a specific rule.

I think you are asking the questions in the wrong place.  These are management level decisions.  Implementing blocking is not trivial and you need direction on what they want.


It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.