RE: Filtering network content based on User Subscription
I'm bumping the tail-end of this thread, but here goes. we implemet per-user dynamic content filtering using an N2H2 on a squid box running as a transparent proxy. When we had tnt's, we used ASCEND-IP-DIRECT to force filtered users through the n2h2. We use cisco As5800's now and have an outbound policy that checks and redirects based on the Ip address they are assigned (until I get the final VPDN solution working.) -Ejay -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mark Borchers Sent: Saturday, May 08, 2004 6:42 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: Filtering network content based on User Subscription Your best bet in this case is to place a appropriately sized firewall at the customer's site, i.e. Cisco PIX 501 - 515 series or SonicWall's equivalent and link it to a WebSense or N2H2 content filtering server at your NOC. [snip] Scott C. McGrath Joe, Cisco's Content Engine can also do the functions that Scott mentioned, plus gives you the benefit of web caching. It's very feature-rich, and the command line looks a lot like IOS. You can configure it to FTP your whitelist of URLs, and set up user-specific or global time restrictions, which address a couple of your specs. For the latter, I think you need the Smart Filter module, which is not part of the basic Content Engine distribution.
Filtering network content based on User Subscription
Hi, To guarantee their staff/chirldren are not affected by 'dirty' content, some of our customers want to filter web content. To avoid the cost of software maintenance, they want us to provide content filtering service based on subscription. Also, customers want to be abel to administrate filtering rules by themselves. At current stage, we planned to set up content filtering by following criterion: 1. By white list, web site not listed in a white list will be blocked 2. By black list, web site listed in a black list will be blocked 3. By time period, in a predefined time period ( as. 8:00 am -- 5:00 pm ) some of web sites are not accessible I have no experience with service like this, and I don't know how to set up such service while mainteining the scability & network performance. Is there anybody would do me a favor to tell me which company provides such products? and what's the working mechanism behind? Each word will be high appreciated. Regards Joe Shen Msg sent via Spymac Mail - http://www.spymac.com
Re: Filtering network content based on User Subscription
Joe, Your best bet in this case is to place a appropriately sized firewall at the customer's site, i.e. Cisco PIX 501 - 515 series or SonicWall's equivalent and link it to a WebSense or N2H2 content filtering server at your NOC. the short version of how this works us The firewall sends the URL your customer is requesting to the filter server and the filter server tells the firewall whether to grant or deny access to the URL. Both products can be configured to fail hard or soft i.e. if the content server is down the firewall will either block all URL's or grant all URL's. Both products do what you want them to do right out of the box and can be tuned easily by your staff or the customer. Scott C. McGrath
RE: Filtering network content based on User Subscription
Your best bet in this case is to place a appropriately sized firewall at the customer's site, i.e. Cisco PIX 501 - 515 series or SonicWall's equivalent and link it to a WebSense or N2H2 content filtering server at your NOC. [snip] Scott C. McGrath Joe, Cisco's Content Engine can also do the functions that Scott mentioned, plus gives you the benefit of web caching. It's very feature-rich, and the command line looks a lot like IOS. You can configure it to FTP your whitelist of URLs, and set up user-specific or global time restrictions, which address a couple of your specs. For the latter, I think you need the Smart Filter module, which is not part of the basic Content Engine distribution.