#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Posts
    45
    Rep Power
    11

    Advice needed for the following senario


    Hi guys,

    I was given the following task by my boss and needed some advise on how I can get it done.

    Basically, my company wishes to control the Internet access for the staffs. The staffs will only be allowed to access web content on any server that is outside of the organisation using ports (80) and SSL (443). Access to all web servers is fine internally. All transaction has to be logged on the proxy and associated with a user. To achieve this, my company will need to commision a HTTP/HTTPS proxy. My company also uses the Active Directory for authentication purposes.

    I am given a Linux machine to work with. What software solutions can I use to satisfy this requirement? Is there any need for a policy? What other technical changes will I need to make to the client systems, server or the network to enforce this?

    Thanks in advance
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Posts
    45
    Rep Power
    11
    Anyone?
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2007
    Posts
    4
    Rep Power
    0
    hi if i where you i would use a bloxx unit they have great solutions with fantastic reporting on users and much more as well as limiting internet access
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Posts
    45
    Rep Power
    11

    Talking


    Originally Posted by Acid_C4
    hi if i where you i would use a bloxx unit they have great solutions with fantastic reporting on users and much more as well as limiting internet access
    Er...pardon me for my ignorance but what's a bloxx unit?
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Posts
    45
    Rep Power
    11
    Originally Posted by Silvertype
    Er...pardon me for my ignorance but what's a bloxx unit?
    Ok, now i know what a bloxx unit is. For the benefit of those who don't, click on the link below to find out:

    http://www.bloxx.com/solutions.php

    Anyone still have any suggestions on how how I should approach this problem?
  10. #6
  11. manwich
    Devshed Novice (500 - 999 posts)

    Join Date
    Oct 2003
    Location
    Canadanistan
    Posts
    578
    Rep Power
    384
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Sep 2003
    Location
    Oregon
    Posts
    2,157
    Rep Power
    933
    Company should be purchasing a hardware firewall with content filtering and reporting. Sonicwall is a product I use.

    Fact they are giving you a Linux box with no information on what or how to setup it up mystifies me as to their intentions.

    Squid is the product my Linux brother uses for internet control on a Linux box. Iptables won't do it for you.

    http://www.skullbox.net/squid.php
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Posts
    45
    Rep Power
    11
    Originally Posted by wanderer2
    Company should be purchasing a hardware firewall with content filtering and reporting. Sonicwall is a product I use.

    Fact they are giving you a Linux box with no information on what or how to setup it up mystifies me as to their intentions.

    Squid is the product my Linux brother uses for internet control on a Linux box. Iptables won't do it for you.

    http://www.skullbox.net/squid.php
    Hi wanderer2,

    Thanks for the advice. Think the Linux box could be given to me to be setup as the proxy server. Anyway, for Squid, do I just install it on my Linux box itself, or do I install it for every machines including the client machines and server?

    And also, I realised the Squid also supports content filtering and reporting too. So, for this case, should i use the filtering and reporting functions of the firewall or those provided by squid instead?

    Sorry for the novice question. I'm new to these stuffs.
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Sep 2003
    Location
    Oregon
    Posts
    2,157
    Rep Power
    933
    You have a firewall with content filtering and reporting????

    A proxy isn't on the workstation. Wkst just points to it, which in this case is your linux server.

    Might post your question about linux and squid in the linux forum. What I know of linux would rattle around in a walnut shell.
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Posts
    45
    Rep Power
    11
    Originally Posted by wanderer2
    You have a firewall with content filtering and reporting????

    A proxy isn't on the workstation. Wkst just points to it, which in this case is your linux server.

    Might post your question about linux and squid in the linux forum. What I know of linux would rattle around in a walnut shell.
    No, I don't but I might be requesting for one if that is necessary. However, from what I know, squid can also do content filtering and reporting, which is why I need to know whether if an additional firewall is necessary in this case.

IMN logo majestic logo threadwatch logo seochat tools logo