k-12 web & e-mail content filtering michael i. debakey network and systems administrator...
TRANSCRIPT
K-12 Web & E-mail Content Filtering
Michael I. DeBakey
Network and Systems [email protected]
Lester S. Stoltzfus
Director of [email protected]
Michael Boggess
Regional Sales Manager, Lightspeed Systems
DeliveringProfessionalResponsiveQualityService
Brian SteigaufSystems AdministratorLancaster-Lebanon IU [email protected]
District Information
Encompasses Lampeter, Strasburg, Willow Street, and the southeast corner of the city of Lancaster
36.2 square miles
3,225 total students
470 total number of employees
Our Buildings
Five educational buildings (1 HS, 1 MS, 3 ES)
Two non-educational buildings (Administration Building and Maintenance Building)
All on one campus except for one elementary school
Traditional Web Filtering Problems
Obtuse and complex whitelist / blacklist Too much overhead to submission / approval process I.T.’s “fingerprints” are all over the place Non-existent or minimal integration with directory service
A Checklist for Content Management Decisions
CoSN’s (Consortium for School Networking) “Secure District” website:
http://www.securedistrict.org/safewired/checklist.cfm
Some excellent questions to ask on this topic…
CoSN: Philosophical Questions to Ask
Do you want students to be able to direct their own learning or is it more important for teachers to retain control of what goes on in the classroom?
Should different standards be applied, based on the age of the student? Should school employees be subject to the same rules as students, to their
own set of rules or to no rules? Would you prefer to simply monitor how students and employees use the
Internet, rather than blocking their access to sites? Are there other issues that you want to address at the same time? (Viruses,
malware, application security, mail filtering, etc.) How will school officials respond if students are found to be accessing
inappropriate material? What strategies will your school district use to teach "information literacy?"
CoSN: Evaluating Content Management Products
What kinds of content are you concerned about? What has the experience been with the solution you propose to use? How are users notified when they try to access a blocked site? Does the proposed solution address other forms of content besides just
Web sites? How easy would it be for a child to hack into and disable a particular filtering
solution? Does the proposed solution incorporate advertising messages? Will third
parties be able to collect information about how your students are accessing the Internet?
If your students speak many different languages, does your proposed solution control access to sites written in languages other than English?
How will the proposed solution serve your district in the future?
L-S’s Questions
How easily does the product fit with our existing security model - Firewall, NAT, VPN, “offline” laptops, wireless?
Will it require any fundamental changes to our network topology? What kind of hardware do we need? What software do we need to install? Do we need to touch every computer
on the network? How granular is the control? Per student / staff user, per group, per
computer, per subnet? The $64,000 question: Does the authentication mechanism integrate with
our existing single sign on model? Will it cost us $64,000???
How About E-Mail?
Spam, open relays, viruses Attachment limits Student e-mail accounts hosted or on-site? Regulations relating to e-mail Do your “e-Recordkeeping” practices reflect
your paper recordkeeping practices? Archival methods… Are you prepared to
store all of that stuff?
Lightspeed TTC 7 Mail and Web Content Filtering In-Line Filtering for Best Performance “Internal” and “External” Network Interfaces Three Web Filter Policy Levels: Student, Staff, Administrative/IT MS SQL Server 2005 Required for Each TTC Server
Lightspeed TTC 7 Mail and Web Content Filtering In-Line Filtering for Best Performance “Internal” and “External” Network Interfaces Three Web Filter Policy Levels: Student, Staff, Administrative/IT MS SQL Server 2005 Required for Each TTC Server Web Filtering Hardware
1 x Dell PowerEdge 2950 Server 1 x Silcom Failover card ( 2 x 1000BaseT interfaces) 1 x Intel PCI NIC (2 x 1000BaseT interfaces)
Lightspeed TTC 7 Mail and Web Content Filtering In-Line Filtering for Best Performance “Internal” and “External” Network Interfaces Three Web Filter Policy Levels: Student, Staff, Administrative/IT MS SQL Server 2005 Required for Each TTC Server Web Filtering Hardware
1 x Dell PowerEdge 2950 Server 1 x Silcom Failover Card ( 2 x 1000BaseT interfaces) 1 x Intel PCI NIC (2 x 1000BaseT interfaces)
Mail Filtering Hardware 1 x Dell PowerEdge 2950 Server 1 x Intel PCI NIC (2 x 1000BaseT interfaces) 1 x Dell MD1000 Disk Array
Lightspeed TTC 7 In-Line Installation Always a Best Practice
TTC 7.3 Console Remote Deployment of Security Agent “One Stop Shop” for Managing Antivirus Scans and Client Updates Active Directory-Integrated User, Group, Computer Lookup Functionality
Security Agent Provides Desktop Antivirus Provides Scheduled AV Scans and Definition Updates Provides Program Permissions (L-S Does Not Use This) Zero Client Configuration Required When Deployed through Console Correctly Resolves AD Group Membership and Usernames
Thank you!
Act 48 Code:BL182085