Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Filtering network content based on User Subscription

  • From: Ejay Hire
  • Date: Sun May 09 23:39:31 2004

I'm bumping the tail-end of this thread, but here goes.

we implemet per-user dynamic content filtering using an N2H2 on a squid
box running as a transparent proxy.  When we had tnt's, we used
ASCEND-IP-DIRECT to force filtered users through the n2h2.  We use cisco
As5800's now and have an outbound policy that checks and redirects based
on the Ip address they are assigned  (until I get the final VPDN
solution working.)

-Ejay

-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
Mark Borchers
Sent: Saturday, May 08, 2004 6:42 PM
To: jshen@spymac.com
Cc: nanog@merit.edu
Subject: RE: Filtering network content based on User Subscription



> Your best bet in this case is to place a appropriately sized 
> firewall at
> the customer's site, i.e. Cisco PIX 501 - 515 series or SonicWall's
> equivalent and link it to a WebSense or N2H2 content 
> filtering server at
> your NOC.
[snip]
>                             Scott C. McGrath

Joe,

Cisco's Content Engine can also do the functions that Scott
mentioned, plus gives you the benefit of web caching.  It's 
very feature-rich, and the command line looks a lot like IOS.

You can configure it to FTP your whitelist of URLs, and set
up user-specific or global time restrictions, which address
a couple of your specs.  For the latter, I think you need
the Smart Filter module, which is not part of the basic 
Content Engine distribution.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.