Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What method do You use?

Status
Not open for further replies.
dkamp

dkamp

Technical User
May 21, 2004
33
US
We need to limit which users are allowed to surf the web and also track where they go.
We currently have an ASA5510 Firewall then a Microsoft ISA2004 server for Proxy and authentication by using Active Directory Groups.

1. What are you using?
2. Do you require users to be authenticated to surf?
3. Do you track their history?
4. What do you use to do this?
5. Do you feel this works well for you?

Please take the time and offer your comments....
Thank You!
 
Sort by date Sort by votes
Just started using a PIX 506 that interfaces to Websense Enterprise, also integrated w/ AD. So far we're very pleased, reporting is good, filtering is very comprehensive.
 
Upvote 0 Downvote
I have been using a pair of PIX 515e’s for the same purpose. Authentication and logging are a must if you use URL filtering or blocking. It's amazing how quickly people will find a way around any efforts to block their favourite web site! Misuse of the web can lead to disciplinary action in most companies and quite often management will request ‘evidence’ of any internet misuse before they tackle staff about online habits, hence the need to ensure each user authenticates using a unique password to the individual and logs of there surfing stored and archived. This works well for us and staff are made to sign SYOP's on a regular basis, agreeing that they fully understand and will comply with the companies internet access policy.
 
Upvote 0 Downvote
jpm121 I was not aware that Websense integrated to AD. I will look into this.
Rob057, Are you integrating with AD for authentication?
 
Upvote 0 Downvote
Authentication for the internet is not done via Active Directory but via a dedicated admission control server
 
Upvote 0 Downvote
What is your goal?

A Block traffic
B count/log
C increase availability

Websense is not cheap, requires quite a bit of space for logging...not to mention application and windows maintence.

If you want to block traffic, Websense works, if you want B and C, use syslog to record url's and get another T1.

Of course, use expands to space alloted. Eventually the next t1 will fill.

I've seen each of these two scenarios.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
153
BIS
BIS
hairyprogrammer1
  • Locked
  • Question
What is my Speed...?
Replies
1
Views
75
iggsterman
iggsterman
darthvader167
  • Locked
  • Question
"Wait while I transfer your call"
Replies
0
Views
95
darthvader167
darthvader167
CDIV
  • Locked
  • Question
Use uplink port as access port 2960 1
Replies
9
Views
290
CDIV
CDIV
XLNTech1
  • Locked
  • Question
Cisco Nexus 9k new admin user
Replies
0
Views
290
XLNTech1
XLNTech1

Part and Inventory Search

Sponsor

Back
Top