Solved

Webfiltering for multiple sites

Posted on 2013-01-09
5
184 Views
Last Modified: 2013-02-06
I have a main head office site that uses several servers to filter web requests. The users are restricted by their AD credentials. A number of groups in the filtering software are created and the AD users are applied to those groups. I have a number of mobile clients they run an application that connects back to the same webfiltering solution except to a seperate server in the DMZ. They get a standard web filtering policy applied, if I want to be specific I have to join the mobile user to the domain so I can apply the policy to their AD username.

I have multiple remote sites that now want to benefit from different policies for webfiltering as oppose to a blanket policy, all of these sites are on their own domain. I thought about creating a VPN and a trust between domains and applying them to the webfiltering policies but I'm thinking there has to be a more efficient way of doing this. I briefly looked at opendns but am unsure if this would work. I am interested to see what other people are using for similar scenarios.
0
Comment
Question by:Sid_F
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 27

Expert Comment

by:Steve
ID: 38767202
we need to know what webfiltering software/solution you use to be able to offer any good advice, but are you are basically advising you want multiple sites to share a single webfiltering facility?

If the webfilter is directly accessible by all the sites (an internet based webfilter) it should be fine, but doing it across VPNS to an internal webfilter would be really slow.

OpenDNS can provide some basic filtering but its DNS based and is really easy to bypass.
0
 
LVL 6

Author Comment

by:Sid_F
ID: 38767475
Curent solution is websense. Policy gets pushed from head office to the firewall's on each site but again problem is not all sites logon to the head office AD. Some sites have their own AD others are on a peer to peer. I could create a vpn and a trust to the remote sites but I'm exploring all options
0
 
LVL 27

Expert Comment

by:Steve
ID: 38774605
yes, sounds about right.
I'd recommend against trying to get all sites using the central websense due to problems and also due to traffic levels across VPNs.

If its basic control you need you could consider openDNS etc, or a basic webfilter proxy for each site, but you may end up going for a proper hosted filter.
0
 
LVL 6

Author Comment

by:Sid_F
ID: 38792182
Open dns is probably too basic. I was hoping to really get detail on what other companies with more than 1000 users and multiple sites are using for this type of thing.
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 38804983
The Websense & GFI offerings are well used and regarded,but arent cheap.
0

Featured Post

Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question