RE: Internet usage and monitoring

["Petter Bruland" <pbruland () fcglv com>]

We use WebSense here and it's AWESOME!!! :-)

At my last job, I setup a squid proxy and since we used Cisco, almost
all network traffic was routed through the squid box.. I guess it's
called transparent proxy setup? Anyway, that worked great, as there are
so many squid log analyzers out there. I used Calamaris as well as
webalizer to get an overview of what's going on, and that worked great.

Another cool thing you can do with Squid (and probably other proxy
servers too) is to create a block list, as well as control how much
bandwidth/speed you'll allow to certain sites. Like I wasn't allowed to
block anything, but I did throttle MySpace, Friendster etc down to 10
Kbit/sec speed, and that quickly deters users from using such sites :-)

Anyway, if you got some chi-ching $$$, I'd highly recommend WebSense.
Very neat logging, and very good control over the end users. Here we
have set it up so that certain users only have an hour of free surf time
per day, when accessing non-work related stuff such as shopping and
news. It also blocks spyware/malware really well.

-Petter 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of gjgowey () tmo blackberry net
Sent: Thursday, September 27, 2007 10:24 AM
To: Bhardwaj, Akash; listbounce () securityfocus com; p1g; Jon Petre
Cc: security-basics () lists securityfocus com
Subject: Re: Internet usage and monitoring

Speaking of Websense I know the larger pix's tie in with it, but I
wonder if the 501 does too.  If so then you've found your solution:
Websense plus a PIX 501 fw (you can get these cheap on ebay).

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: "Bhardwaj, Akash" <Akash.Bhardwaj () safenet-inc com>

Date: Thu, 27 Sep 2007 22:08:12
To:"p1g" <killfactory () gmail com>,"Jon Petre" <jono-31 () hotmail co uk>
Cc:<security-basics () lists securityfocus com>
Subject: RE: Internet usage and monitoring


I would always prefer Websense, it is the most simple, powerful device
to use.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of p1g
Sent: Thursday, September 27, 2007 8:43 PM
To: Jon Petre
Cc: security-basics () lists securityfocus com
Subject: Re: Internet usage and monitoring

For that small of a network, look at Cymphonix. It does traffic
analysis via NetFlow.
It also deos content management.

So, you can use it to block the traffic or simply report on it.

Top talkers, top applications, etc....

This is an appliance based solution. Not expensive.

Surf Control on Windows
i-prism is a squid based appliance(blackbox.easy to manage)

On 9/27/07, Jon Petre <jono-31 () hotmail co uk> wrote:
> Hello List,
>
> I am looking for an idea/program to monitor users internet usage. Due
to the
> nature of the customer who requires the monitoring carried out, this
program
> must be able to run on a windows box and needs to be very reasonably
priced
> (I have no control over budget unfortunately). I am aware of programs
such
> as ISA server (too expensive) and squid (*nix based). Any other
sugesstions
> would be great.Customers network is round a bout 20 workstations that
need
> to be monitored, so pretty small in reality.
>
> Looking forward to all your help.
>
> TIA
>
> Jono
>
> _________________________________________________________________
> Can you see your house from the sky? Try Live Search Maps
> http://maps.live.com


-- 
-p1g
SnortCP
  ,,__
o"     )~  oink oink
   ' ' ' '

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________