Print

Print


Here at the Barre SU we have a SonicWall Pro 3060 running the advanced OS and Comprehensive Gateway Security Suite that includes premium content filtering.  With these subscriptions, most of the http proxy servers are blocked. Once in a while, a new one crops up and I submit it to SonicWall for blocking (We block it ourselves also).

Latest problems, however, are related to https proxies (Content filter does not filter https traffic). Sonic folks tell me there is no solutioon yet for our Pro 3060 box (Pro 4060 and above Advanced OS supposedly addresses this).  I created a Firewall Deny access rule (LAN to WAN) for https traffic to a group if IP addresses--when I find a new https proxy, I add it's IP to the group.

Another "new" source is Google-- both the mobile browser access ( http://www.google.com/gwt/n) and all the translator functions act like proxy servers and allow access to banned sites!  Translate any page from Spanish to English, for example, and you bypass filtering.  I have added Content filter "keyword blocking" for phrases like myspace.com and facebook.com and "gwt/n"  which helps, but obviously we cannot catch them all in this manner.

It is truly a game for some of the students.

We try to emphasize 3 things here (that are covered in our AUP):

1. School computers are for school work.

2. Students are supposed to be supervised when using computers.

3. Students are responsible for their actions and will be held accountable.


Diane



2. At 03:38 PM 12/7/2006, John Munson wrote:

Here at Blue Mountain we recently are experiencing a problem with students accessing proxy websites that allow for anonymous web surfing, thus thwarting our content filter. In response we are doing a schoolwide education piece, as well as upping the consequences to students for this particular infraction. We also have added several of the proxy website URLs to the custom blocked list, but don't for a moment think we'd be able to determine/keep up with them all. (btw, we use Sonicwall for content filtering).

Is this the extent of what can be done to address this problem or are there other options that we've missed here at the school?

Thanks for any assistance on this,

John Munson
Technology Coordinator