[K12OSN] differentiated internet filtering by grade level question

David Trask dtrask at vcsvikings.org
Thu Jan 12 02:57:05 UTC 2006 

I'm doing filtering by groups (grade levels) using DansGuardian.....I use
an SME sever (www.contribs.org)  and the Dungog dansguardian package.


"Support list for opensource software in schools." <k12osn at redhat.com> on
Wednesday, January 11, 2006 at 9:27 PM +0000 wrote:
>Jesse McDonnell wrote:
>> I'm a high school librarian and have a question on whether anyone is
>using the same proxy server and filtering software to provide different
>filtering to students at different grade levels.  Everyone in the
>district currently goes through the same proxy server and has the same
>level of filtering.  All Web-based email is blocked as are file transfer
>sites like yousendit. We're having an ongoing discussion of the filtering
>policy and how much of a threat web-based email presents.
>> 
>> I have an override account on the BESS filter so students in the
>library can access their email to download large files they are
>transferring back-and-forth between home and school when students don't
>have jump drives. When they are in the computer lab or using wireless
>laptops in the classroom they are unable to do it since I'm the only one
>in the building with an override. I'm wondering how difficult it would be
>to have everyone in the high school go through a different (or aliased)
>proxy IP that would have unfiltered access to webmail. 
>> 
>> We are in a windows enviroinment and using BESS (N2H2) filtering
>software. IP addresses are assigned by a Windows DHCP server. We don't
>use roaming profiles. Students don't have email accounts through the
>school district and account names are of the form
>GraduationyearLastnameFirstinitial (06smithj is joe smith graduating in
>2006). When they login the start menu and the apps available are mapped
>from a folder on one of the servers.  So it would simple to change the
>proxy IP address in IE for all high school students. 
>> 
>> How best to deal with this situation....? 
>> 
>> Jesse McDonnell 
>> 
>I'm not sure if Bess supports this or not, but a number of filtering 
>proxy systems, ranging in price from free to very-not-free, handle 
>transparent NTLM authentication and filtering, which would give you the 
>ability to create a different set of ACLs based upon the organizational 
>unit of the user requesting a website.  We've been using a 
>remotely-hosted Bess solution, but are turning away from it in favor of 
>the more granular control I mention here along with the advantage of 
>having a large caching proxy at the edge of our network.
>
>Upon further examination, it would appear that Bess supports this as well:
>http://www.securecomputing.com/index.cfm?skey=1377#fbug
>
>The more I look at the n2h2 site, the more Bess looks like a very 
>well-configured Squid with SquidGuard.  Does anyone have any insights as 
>to whether or not this is the case?
>
>Cheers,
>Mike Ely
>
>_______________________________________________
>K12OSN mailing list
>K12OSN at redhat.com
>https://www.redhat.com/mailman/listinfo/k12osn
>For more info see <http://www.k12os.org>



David N. Trask
Technology Teacher/Director
Vassalboro Community School
dtrask at vcsvikings.org
(207)923-3100

More information about the K12OSN mailing list