Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



Protect Your Network With Content Filtering

One of the best ways to maintain the security and performance of your network — whether at home or in a large office setting — is to restrict the material users are able to access over the Internet.

By Ron Pacchiano

Businesses of all sizes, schools, government agencies and libraries are faced with the need to control access to inappropriate materials or objectionable Web sites. Also, unclogging valuable bandwidth resources in organizations is becoming increasingly important as more Web sites offer access to streaming audio, video, FTP [define] and chat features. Many corporate users are unaware of the network bandwidth consumption associated with listening to online music. This type of activity not only affects the network performance of the responsible party, it also degrades network performance for everyone on the network.

Moreover, legal liability risks around downloading MP3s and full-length DVDs from Web sites are becoming a major concern. The Recording Industry Association of America (RIAA) recently collected a $1 million fine from an organization found to have copyrighted music files on the corporate network.

Protecting yourslef from these types of problems presents a major challenge, but without that control, you risk productivity losses, liability exposure and misallocation of bandwidth due to non-productive Web surfing. In addition, Schools and libraries risk forfeiting their federal funding unless they provide the content filtering mandated by the Children's Internet Protection Act (CIPA).

One of the best ways to maintain the security and performance of your network is to restrict the material accessible to users. This is type of restriction is known as content filtering.

Content filtering software screens and excludes from access or availability Web pages or e-mail that is deemed objectionable. Opinions on what is considered objectionable content, of course vary, but typically it includes things like pornography, gambling, violence or racist content. Content filtering has always been an important strategy for blocking virues, spyware and malware.

Content filters are usually configured in one of two ways. In the first scenario, an administrator actually compiles a list of restricted sites or keywords to restrict access. For example, products such as the Symantec Gateway Security 360R appliance function this way. The 360R uses just a simple URL static list that allows you to block or allow up to 100 sites. Plus each URL needs to be manually entered into the gateway. This approach is not only time consuming, but hiders the filter's effectiveness, since there is no way for the administrator to block every possible site and is more prone to user error (such as misspelling the site name).

A more reliable approach is to use a subscription service to maintain your content filter. The service creates categories of restricted content and updates them on a monthly basis, increasing your chances of blocking inappropriate sites. For instance, Smartfilter from Secure Computing, provides a database of millions of blockable Web sites in more than 70 categories, which results in a far more efficient solution.

Many companies implement content filtering via a Proxy server [define]. The primary role of the proxy server is to limit a user's capability to access sites or materials that might be deemed inappropriate within a corporate environment. The proxy will intercept all Web requests coming from network clients and check them against the contents of its Access Control List (ACL) [define]. Entries in the ACL can be in the form of domain names, individual pages, specific words or categories (e.g., sex, violence). If the Web page requested is not on the proxy server's ACL, the request is processed normally and the retrieved Web page is sent back to the requesting client. If, however, the requested Web page is on the ACL, it will be blocked, and the client will receive a message indicating they have tried to reach a restricted site.

Proxy servers are not foolproof, but they do provide a greater level of control than that of unrestricted computers. Proxy servers are most effective when used in conjunction with a strong Internet Security Policy and Acceptable Use Policy (AUP)[define] that addresses what material is and isn't appropriate to access, and what the consequences will be if the terms and conditions of the AUP are violated.

As an added benefit, proxy servers can also improve your network's performance by functioning as a caching server. However, proxy servers can be difficult to maintain and troubleshoot, which is why they are typically found onlyin large organizations with a good size IT staff.

For smaller companies, there are a wide variety of Internet Security appliances available from many of the big vendors such as Symantec, SonicWALL and Trend Micro. In addition to being relatively easy to use and deploy, this type of appliance usually offer users even more control over their filtering options by not only blocking Web traffic, but also Internet applications. For example, a single checkbox can block instant messaging traffic and eliminate a distracting and frequently used channel for virus propagation and inappropriate communication. Some even offer a client lockdown feature that enables administrators to quickly disable Internet access from systems that have been hacked, hijacked or otherwise compromised. Though effective, these solutions can vary greatly in cost, ranging from a few hundred to a few thousand dollars.

However, if you're just looking to protect a handful of PCs, a more cost-effective approach for you would be to look into a package such as NetNanny, Cybersitter or CyberPatrol. While not as elegant as some of the security appliances mentioned above, these products do an adequate job filtering internet activity by implementing the following:

  • Blocking harmful sites and images
  • Restricting chat and instant messaging
  • Limiting time online and access to programs
  • Controlling program downloads
  • And, most importantly, protecting the privacy of users

Best of all, each of these products can be purchased for under $50 per PC. Even though they don't give you the unified control of the more expensive networking products we discussed earlier, they do offer some protection.

Unlike many traditional security products, the need for content filtering might not seem apparent, but its value is undeniable. Protection from legal action, increased productivity and the maximization of IT assets makes it, at the very least, something to investigate it further.

Use our feedback form to submit your questions on home or SOHO networking issues. Please be as specific as possible. We cannot guarantee to answer every question we get, but we’ll consider them all.


For more help, don't forget to try one of our PracticallyNetworked Forums.



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums