• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 189
  • Last Modified:

Web filtering options on wifi network

All

We have a client who has an existing wifi solution already in place and working - they are using Juniper based hardware

There is a WLC200 controller and about 50 AP's covering the school

They want to create a 2nd SSID for the students and then when students access that SSID they need to filter the sites the students can access

My question is related to the hardware we need to implement this - do we need something like these from Juniper -
http://www.networkscreen.com/SRX210.asp

Or can we use any UTM solution to make this work?

Or if I am looking at the wrong hardware what do I need to make this function properly can anyone give their input on?

Note the students will be using iPads only so no laptops or username/passwords required to authenticate at all...which is why the connection to the new SSID is the way they want it to work...

Any help appreciated
0
smckeown777
Asked:
smckeown777
  • 2
  • 2
  • 2
2 Solutions
 
Craig BeckCommented:
Look at OpenDNS... No hardware needed.  Just create an account, set some filters and point students at OpenDNS servers for DNS resolution.
0
 
Joey YungSenior Network EngineerCommented:
I prefer UTM firewall for URL filtering feature. The student is quite smart now a day, DNS based control I worry they can fixed by a week ^^
0
 
smckeown777Author Commented:
Thanks for the answers...

Craig - are you familiar with that controller? Never thought of OpenDNS but can't hurt to give it a try as its free...but my question is related to DHCP - when students connect to the separate SSID how do I hand out an IP with alternate DNS settings...that's where I am slightly lost...is this a function on the controller or how does this bit work?

Joey - so any UTM will do the job? Any recommendations or have you done this before?

Cheers...
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

 
Joey YungSenior Network EngineerCommented:
Yes, there have a URL filtering feature on the UTM firewall, and you can specified the student VLAN/Subnet with certain filtering control

Cost effective brand: Fortinet
Famous brand: PaloAlto, Checkpoint
0
 
Craig BeckCommented:
You just need to create a new scope on the DHCP server for the guests and specify the OpenDNS servers instead of your internal ones.

The WLC should also be able to specify a DHCP server per WLAN, or interface that attaches to the WLAN.  That means you can point the WLAN to a different DHCP server too if you want.
0
 
smckeown777Author Commented:
Thanks folks...looks like there are other issues on the network(flat network with only a few managed switches) so have to upgrade those first to get vlan's working at all...but thanks for the options...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now