school network security software
September 29, 2006 4:06 PM Subscribe
The alumni association wants to buy me some network security software for the students to block "non educational sites," prevent them from downloading related software, and can revert back to a specified login setup. Looking for suggestions inside.
We already have WatchGuard FireWall and Sophos anti-virus on the server and distributed to every client computer along with fairly restrictive student settings. However, they're looking to get an all-in-one suite that can do the following:
- Block access to user-specified sites (games.yahoo.com, games.com, etc. Being able to specify hours would be nice to automatically allow game playing after school hours)
- Includes some kind of functionality like NetNanny which keeps & blocks a 3rd-party specified list of "naughty" sites.
- Allows a reversion back to specified system settings after reboot...For instance, if they manage to download weather bug, then weather bug isn't there the next time Windows loads up (Really the only piece I'm very interested in as the lone IT guy here).
- Can block certain functions of windows to alter system or network settings. Outside of IE, basically allow users to use MS Office and education-related programs and save docs to a network folder while preventing saving certain kind of files and exploring elsewhere on the Network. I already have this type of security set up through group policies, but they'd like to see something that the average user can understand how you change group settings.
In a nutshell, a piece of software I can manage settings from the server and distribute them to individual workstations. Also, on my end, the ability to have separate groups set up is a must. If I'm going to go along with their wishes, might as well get everything I want.
The learning curve isn't a very important factor to me. More than willing to invest time if to learn the software if it appeases others.
I know other schools and networks use software with some of the above specifications and are looking for suggestions from personal experience as an IT administrator. And before anyone gets on me, I know Windows can do a lot of the above without 3rd party software and have set a lot of it up as such. Let's just ignore that for now.
I run Windows XP pro on the workstations and 2k3 server.
We already have WatchGuard FireWall and Sophos anti-virus on the server and distributed to every client computer along with fairly restrictive student settings. However, they're looking to get an all-in-one suite that can do the following:
- Block access to user-specified sites (games.yahoo.com, games.com, etc. Being able to specify hours would be nice to automatically allow game playing after school hours)
- Includes some kind of functionality like NetNanny which keeps & blocks a 3rd-party specified list of "naughty" sites.
- Allows a reversion back to specified system settings after reboot...For instance, if they manage to download weather bug, then weather bug isn't there the next time Windows loads up (Really the only piece I'm very interested in as the lone IT guy here).
- Can block certain functions of windows to alter system or network settings. Outside of IE, basically allow users to use MS Office and education-related programs and save docs to a network folder while preventing saving certain kind of files and exploring elsewhere on the Network. I already have this type of security set up through group policies, but they'd like to see something that the average user can understand how you change group settings.
In a nutshell, a piece of software I can manage settings from the server and distribute them to individual workstations. Also, on my end, the ability to have separate groups set up is a must. If I'm going to go along with their wishes, might as well get everything I want.
The learning curve isn't a very important factor to me. More than willing to invest time if to learn the software if it appeases others.
I know other schools and networks use software with some of the above specifications and are looking for suggestions from personal experience as an IT administrator. And before anyone gets on me, I know Windows can do a lot of the above without 3rd party software and have set a lot of it up as such. Let's just ignore that for now.
I run Windows XP pro on the workstations and 2k3 server.
NetNanny doesn't work all that well, and kids are smart enough to proxy around it or any other kind of filtering anyways.
I get from your question that you're trying to make alumni happy, so good luck with that.
posted by Mr. Gunn at 8:05 PM on September 29, 2006
I get from your question that you're trying to make alumni happy, so good luck with that.
posted by Mr. Gunn at 8:05 PM on September 29, 2006
Response by poster: I get from your question that you're trying to make alumni happy, so good luck with that.
Basicallyyyyyyyyy, yea. I can set up security on my own well enough- it's the different components being in 18 different places that scares them. They want to see everything all in one program.
posted by jmd82 at 8:26 PM on September 29, 2006
Basicallyyyyyyyyy, yea. I can set up security on my own well enough- it's the different components being in 18 different places that scares them. They want to see everything all in one program.
posted by jmd82 at 8:26 PM on September 29, 2006
Best answer: I wouldn't think there are any products that would do everything you want in a single desktop suite.
Websense is by far the best filtering software (but very expensive) and your kids will not get around it if it's configured properly. The only way around it is with a proxy and no filtering software can completely stop that.
DeepFreeze will do everything else you want. It "freezes" the desktop and resets it after every reboot. Kids can delete system files, change backgrounds, install programs, whatever and it will all be gone at next boot.
posted by bda1972 at 11:04 PM on September 29, 2006
Websense is by far the best filtering software (but very expensive) and your kids will not get around it if it's configured properly. The only way around it is with a proxy and no filtering software can completely stop that.
DeepFreeze will do everything else you want. It "freezes" the desktop and resets it after every reboot. Kids can delete system files, change backgrounds, install programs, whatever and it will all be gone at next boot.
posted by bda1972 at 11:04 PM on September 29, 2006
Best answer: websense is indeed diffiicult to get around.
we use inty exoserver for the filtering. ties in with your windows login, then you stipulate what type of access that user has.
so you can define little groups so certain users have more rights to view sites than others.
posted by moochoo at 9:13 AM on September 30, 2006
we use inty exoserver for the filtering. ties in with your windows login, then you stipulate what type of access that user has.
so you can define little groups so certain users have more rights to view sites than others.
posted by moochoo at 9:13 AM on September 30, 2006
This thread is closed to new comments.
Why not boot the machines off Live CD's. Cost = $0.
posted by SirStan at 6:47 PM on September 29, 2006