Interesting. Might actually be something to look into, although I’d prefer an “appliance” so I don’t have to buy a server (we don’t have any Win2K8 servers…only 2003 R2)
John-AldrichTile-Tools From: Chad Leeper [mailto:c...@capitalcityfruit.com] Sent: Tuesday, May 04, 2010 3:15 PM To: NT System Admin Issues Subject: RE: Internet Policies We use web marshal. http://www.8e6security.com/webmarshal.asp Works pretty well and is pretty cheap. You can add antivirus and anit spyware scanning modules as well. There is also a fairly robust reporting engine for it. I had it enabled for 60 users and it was running on Windows Xp. I have since moved it to a Win2003 VM. /Chad Ahh… We don’t have an ISA server. I suppose I could enable logging on the ASA and check those logs and do similar things…Hmm… something to think about. John-AldrichTile-Tools From: Devin Meade [mailto:devin.me...@gmail.com] Sent: Tuesday, May 04, 2010 2:44 PM To: NT System Admin Issues Subject: Re: Internet Policies I used a "fake DNS" entry for twitter.com <http://twitter.com/> and the others that I found in the ISA log. I made a new forward lookup zone for each one in our Active Dir integrated DNS system. I know it wont block sub-domains but it made the point. It has since been removed. I can use Trend micro officescan if we want to actively block though. Devin On Tue, May 4, 2010 at 1:22 PM, John Aldrich <jaldr...@blueridgecarpet.com> wrote: I was aware of that, but I was wondering what Devin’s company used. J Personally, I’d go for either DNS (if there was a blackhole or something easily implemented like that) or web filtering appliance. John-AldrichTile-Tools From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Tuesday, May 04, 2010 2:20 PM To: NT System Admin Issues Subject: Re: Internet Policies They can be blocked via DNS, via Firewalls, via Web Filtering technologies. -ASB: http://XeeSM.com/AndrewBaker On Tue, May 4, 2010 at 2:11 PM, John Aldrich <jaldr...@blueridgecarpet.com> wrote: How did you block them? Do you have an appliance or did you put in some sort of DNS entries? John-AldrichTile-Tools From: Devin Meade [mailto:devin.me...@gmail.com] Sent: Tuesday, May 04, 2010 1:21 PM To: NT System Admin Issues Subject: Re: Internet Policies Up until last month we blocked all the social networking sites. Now our firm is marketing on them. We are adjusting our policies for this. It will be on a user-by-user basis though. Devin On Tue, May 4, 2010 at 11:38 AM, John Aldrich <jaldr...@blueridgecarpet.com> wrote: What restrictions, if any, do your organizations place on things like IM or social networking sites? I sent out a warning to the office personnel this morning regarding the new “IM Virus” and got an email back from the CEO basically stating “shouldn’t that be a violation of company policy anyway?” and I had to tell him, I knew of no policies regarding that; and that in fact, my former supervisor was fully aware of at least one person (who’s child is overseas in the military) who used IM on a semi-regular basis. For this reason, I’m working on coming up with a company policy. I’ve looked at the sample template from SANS as well as another one that someone sent me off-list. I’m planning on incorporating the best of everything I get, so if anyone has any suggested language regarding IM or social networking, please let me have it. J John-AldrichTile-Tools Think green. Please consider the environment before printing ************************************************************ CONFIDENTIALITY NOTE: The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it. Thank you. ************************************************************* ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
<<image001.jpg>>
<<image002.jpg>>