Solved

Free-Wifi - Preventing Illegal Downloads

Posted on 2014-12-18
8
312 Views
1 Endorsement
Last Modified: 2015-04-27
We are required for most of our customers to provide a free-wifi to their customers.  We have Free-Wifi deployed everywhere for some time now.  Every so often we get a notification from the ISP of an illegal movie download.

What does everyone use to secure these Free-Wifi's from the illegal downloading.

Most of the equipment used is Cisco router (1811) and the open-mesh AP.

Anyone that is willing to give some of their products used would be great.  We are looking to implement something to lock this down to just basic web surfing even if it blocks downloading legitimate material.

Sonicwall is a possibility for us to put in as a router.  Any suggestions on that?
1
Comment
Question by:considerscs
8 Comments
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 188 total points
ID: 40507330
The best you can do is block access to the sites the downloads are coming from. If you say in your TOS that users of your wi-fi agree to such filtering, you should be ok legally.

Neither you or the ISP want this to happen, so work with them to find what addresses are being used to download them, and add them to your firewall or proxy to block traffic to those addresses.

And if you need help setting up (or administering) a firewall or proxy, let me know.
0
 
LVL 3

Accepted Solution

by:
vipelite earned 188 total points
ID: 40507614
1. Almost free - Hassle free you can't stop everyone but I bet you 90% of the downloads will stop - What do you use for DNS? on your DHCP server use OpenDNS. Sign up for a free account and test it out. It's great for filtering everything from porn to illegal websites.

2. Expensive route - Not so hassle free you can manage a web-proxy server that you can filter a lot of things like manually like Sean mentioned  above and some appliances offer you to download free definitions with support. Palo-Altos are great for this and you can do much more with bunch of clicks.
0
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 188 total points
ID: 40507632
Actually, managing a proxy doesn't need to be expensive. You could filter this activity easily with a PFSense box. That costs only the price of the machine running it.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 3

Assisted Solution

by:vipelite
vipelite earned 188 total points
ID: 40507640
I never used pfSense how is that? And you're saying it's basically free?
0
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 188 total points
ID: 40507684
Yes, PFSense is opensource. It's quite a robust little firewall project.  Augment it with Snort (and someone who knows how to use both of them), and you've not only secured your little public wifi AP, but you're also protecting yourself from bad users. And all on the cheap.

Of course, if you have the budget, go with the PaloAlto and Juniper devices. If I had it, I'd have a bank of them in my home.
0
 
LVL 3

Assisted Solution

by:vipelite
vipelite earned 188 total points
ID: 40507695
Yeah, Palo-alto/Juniper same engineer behind it and also uses snort but the appliances's usability is far superior for an average Joe.
0
 
LVL 11

Assisted Solution

by:remixedcat
remixedcat earned 62 total points
ID: 40539803
El-cheapo-el solution-o: PF sense and SQUID

Mid Tier: Cisco Meraki MX60W and squid

God tier: Commercial Firewalls from Cisco with custom ACLs
0
 
LVL 1

Assisted Solution

by:skipskip
skipskip earned 62 total points
ID: 40543832
Agree'd Cisco Meraki access points have a inbuilt firewall that will block traffic at the access point layer... very easy to use is well.

Or if you wanted to block/firewall the whole network I would recommend FortiGate products... model depends on how much throughput your talking about.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco Access point 6 90
Stuck in INIT/DROTHER 2 28
Cisco 5508 controller parsing error 4 68
Boosting Power of a Cisco Access Point 8 28
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question