1. Home
  2. Networking Firewalls
  3. School Access Help

School Access Help

Hi guys.

I'm looking for a firewall/content filter/logging device for the school netowrk I've just taken over.

I need

Port Filtering Good quality Content filter with the rules that I can change and override if required. Schedules Logs with Windows Usernames on and sites visited. No VPN required but I would like one which has the ability to go on a different line of the first one drops. We've a ADSL line and a ISDN line available.

The problem is we are tied to our ISP for another 9 months where we use there proxy to get on the internet. Its a service where they have

2 proxies, one unfiltered and one with a white list for the kiddies. Now I've tried ISA as I used it before and it would only cost us £50 due to our schools agreement but it doesn't like the upstream proxy settings and always requires a username and password. I was looking at ISA with maybe websense (ha at the price) or some other software webpage filtering.

I've hardly used Linux and Smoothwall licensing for filtering takes it up to a grand at least.

Does Sonicwall or Firebox fit my bill.

I'm a little concerned that I can't try them before I buy as I don't want to waste money if there's going to be issue with our upstream proxy settings.

Can I leave the upstream proxy settings in IE and just change the default gateway.?? Will that work.??

Sorry for typing so much. I've been reading stuff and downloading demo's all week.

On SonicWall. Enhanced OS and Tech Support a must.???

I'd appreciate any help you guys can offer.

Simon

PS. We have little kiddies in school who use the white listed proxy so if I have to get rid of that one the new firewall needs to be sh!thot.

Reply to
Simcfc73
Loading thread data ...

For your requirements, SonicWALL with Enhanced OS will meet all of your requirements.

The SonicWALL has the ability to do Load Balancing on multiple WAN interfaces, and so you can either still use the proxies or bypass them using the one gateway. There are two options going with SonicWALL, one is a cloud based content filter and an appliance that does on box content filtering with the ability to use LDAP for authentication, reporting, etc. Now, depending on whether or not you have a Citrix/Terminal Server, you may or may not need ISA. Stay away from it if you can, but to accurately get content filtering for a Citrix/Terminal Server, using anyone's content management system, you would have to use ISA. And the cool part about SonicWALL is that you can enforce the use of a proxy at the firewall without touching the desktop by vectoring all requests to the proxy server within the firewall, which means that no squid proxies at people's homes can be used to bypass filters and such.

The tech support, or maintenance contract, covers more than just tech support, it's firmware upgrades and hardware replacement as well, and so yes, you should budget for that.

As for as logging, look at Servoyant Security Analytics, available from the guys at Illumen :

formatting link
I've seen it and it works great. As I understand it, they were working hand in hand with SonicWALL to get accurate reporting accomplished, even more so than the what the SonicWALL Viewpoint product can provide. Good luck with that project.

Reply to
Munpe Q

Thanks for that.

Its a little daunting that I can't test the thing before I buy. Maybe a nice local company will loan me one.

I'm looking at aroung £3500 with the advanced content filtering package and enhanced OS with a 2040.

Sounds like its perfect for us.

Keyword filtering available with the content filter subscription too.?? I'd also like to do a group that can just have a white list. Is this available too. Also can access be assigned to NT groups.??

Thanks

Reply to
simcfc73

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.