Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Free-Wifi - Preventing Illegal Downloads

Posted on 2014-12-18
8
Medium Priority
?
428 Views
1 Endorsement
Last Modified: 2015-04-27
We are required for most of our customers to provide a free-wifi to their customers.  We have Free-Wifi deployed everywhere for some time now.  Every so often we get a notification from the ISP of an illegal movie download.

What does everyone use to secure these Free-Wifi's from the illegal downloading.

Most of the equipment used is Cisco router (1811) and the open-mesh AP.

Anyone that is willing to give some of their products used would be great.  We are looking to implement something to lock this down to just basic web surfing even if it blocks downloading legitimate material.

Sonicwall is a possibility for us to put in as a router.  Any suggestions on that?
1
Comment
Question by:considerscs
8 Comments
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 752 total points
ID: 40507330
The best you can do is block access to the sites the downloads are coming from. If you say in your TOS that users of your wi-fi agree to such filtering, you should be ok legally.

Neither you or the ISP want this to happen, so work with them to find what addresses are being used to download them, and add them to your firewall or proxy to block traffic to those addresses.

And if you need help setting up (or administering) a firewall or proxy, let me know.
0
 
LVL 3

Accepted Solution

by:
vipelite earned 752 total points
ID: 40507614
1. Almost free - Hassle free you can't stop everyone but I bet you 90% of the downloads will stop - What do you use for DNS? on your DHCP server use OpenDNS. Sign up for a free account and test it out. It's great for filtering everything from porn to illegal websites.

2. Expensive route - Not so hassle free you can manage a web-proxy server that you can filter a lot of things like manually like Sean mentioned  above and some appliances offer you to download free definitions with support. Palo-Altos are great for this and you can do much more with bunch of clicks.
0
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 752 total points
ID: 40507632
Actually, managing a proxy doesn't need to be expensive. You could filter this activity easily with a PFSense box. That costs only the price of the machine running it.
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 3

Assisted Solution

by:vipelite
vipelite earned 752 total points
ID: 40507640
I never used pfSense how is that? And you're saying it's basically free?
0
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 752 total points
ID: 40507684
Yes, PFSense is opensource. It's quite a robust little firewall project.  Augment it with Snort (and someone who knows how to use both of them), and you've not only secured your little public wifi AP, but you're also protecting yourself from bad users. And all on the cheap.

Of course, if you have the budget, go with the PaloAlto and Juniper devices. If I had it, I'd have a bank of them in my home.
0
 
LVL 3

Assisted Solution

by:vipelite
vipelite earned 752 total points
ID: 40507695
Yeah, Palo-alto/Juniper same engineer behind it and also uses snort but the appliances's usability is far superior for an average Joe.
0
 
LVL 11

Assisted Solution

by:remixedcat
remixedcat earned 248 total points
ID: 40539803
El-cheapo-el solution-o: PF sense and SQUID

Mid Tier: Cisco Meraki MX60W and squid

God tier: Commercial Firewalls from Cisco with custom ACLs
0
 
LVL 1

Assisted Solution

by:skipskip
skipskip earned 248 total points
ID: 40543832
Agree'd Cisco Meraki access points have a inbuilt firewall that will block traffic at the access point layer... very easy to use is well.

Or if you wanted to block/firewall the whole network I would recommend FortiGate products... model depends on how much throughput your talking about.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question