Any ISPs that run a watchdog style safe filter?

Forums › New Zealand Broadband › Any ISPs that run a watchdog style safe filter?

1 | 2

berend

62 posts

Master Geek

#376435 4-Sep-2010 07:29

Ragnor: As mentioned Maxnet and Snap offer filtering via WatchDog.

You should also implement content filtering at the gateway/firewall for the school, Sonicwall have some good stuff.

We already have a transparent proxy as we have a pfSense box connecting us to the internet. OpenDNS might be something, but I believe we definitely need content filtering. We're not dealing with adults here. We're also not dealing with kids who want to explore the boundaries, we just want to avoid people at school stumbling on content/images which would be inappropriate in a school setting.

But the suggestion to use a different ISP and still use Watchdog filtering is a good one. We're currently using Watchdog as our ISP, but have the feeling that they do not have enough qualified technical people to resolve issues.

1080p

1332 posts

Uber Geek
Inactive user

#376459 4-Sep-2010 08:21

I was about to suggest pfSense, I've just setup my own router using it and it is wonderful.

I think an OpenDNS filtering system could not hurt. Their blocklists are huge and encompass a massive portion of the internet because they are such a large organisation.

To become even more strict than that you may need to consider a whitelist only policy as blacklisting is always going to be a cat and mouse game with you being slightly behind the curve.

raytaylor

4014 posts

Uber Geek

Trusted

#376605 4-Sep-2010 15:22

I would have also said something like pfsense. You can disable the dns port from all the workstation computers from connecting to remote dns hosts, and so they must use the dns server built into pfsense, which only forwards queries onto the opendns servers.

Kerio winroute firewall does a very good job with their built in filtering system.
It talks to the kerio people who look at all urls and class them, and you can set up your own filtering system. Does all the stuff pfsense does but will happily run on a windows xp home / pro box. Has an http cache too to speed up browsing and url filtering etc.

I use it for a few of our corporate clients. The built in reporting system is amazing.

Best thing is that you can set up a redirect so that if a student goes to a blocked site, you can redirect them to a blocked page, which using a php script can make a log. Then you can go and analyse students who have heaps of hits in the block log and take appropriate action.

Oh also i think the licensing is based on the amount of people online at a time - so you look at how many workstations you have, not how many students.

Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

raytaylor

4014 posts

Uber Geek

Trusted

#377981 8-Sep-2010 19:51

At my old school, the IT guy was a git and thought that by only allowing port 80 through the firewall, only web traffic would go through. Untill i changed the RDP port on my pc at home and just remoted into the pc at home to access things.

Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

dklong

167 posts

Master Geek

#378584 10-Sep-2010 14:50

Berend

I've used a combination of Squid with DansGuardian at home to provide a combination proxy server/content filter for the home network. DansGuardian is a bit of a bugger to get right as it's default config is 'very' strict... but slowly we have got the right balance.

By configuring the router to only allowing external access from the proxy box, you force clients to go through it and therefore have to abide by the rules. By-passing the proxy simply means they can't get out at all.

Obviously not as easy as getting an ISP to do it, but more configurable long term and allows content filtering rather than just DNS blacklists etc. Also supports erstricting file downloads by extensions etc.

Cheers

David

insane

3239 posts

Uber Geek

ID Verified

Trusted

#378704 10-Sep-2010 23:58

Ragnor: As mentioned Maxnet and Snap offer filtering via WatchDog.

You should also implement content filtering at the gateway/firewall for the school, Sonicwall have some good stuff.

Maxnet also offer their own 'netguardian' product which does a similar thing to that of the Watchdog filter, but it is fully separate. The watchdog filter is a two part setup I believe using both the same system that Maxnet use and then another device called whitebox? I believe.

1 | 2