Suggestions please!!! Need a device to block internet access to specific URLs and IM programs in of

Hi

I have small doctors office with 6 Desktops and 3 laptops. We have
DSL service plugging into a Linksys WRT54G and then into a 24-port
switch. All computers are windows xp Pro and no servers.

The girls at front desk keep chatting and surfing on myspace. I have
told them several times but when i am not there it just goes on as
usual. In the past month alone the computers have had more and more
stuff being installed on them. I am looking for a device which will
let me block things like myspace, youtube etc. Also block IM
programs. In all my searching over the last two weeks i have come
across fancy names like UTM (unified threat management) and CFD
(content filtering devices) but they all cost in thousands. I need
something in the $400-$600 price range.

I have tried the keyword and url filter in WRT54G and its useless. It
does not block anything. A friend is using fortigate 60 firewall/vpn
router and in its setting i blocked myspace (by keyword blocking) but
i can surf to myspace no problem even after re-booting the router. I
have found Zyxel's Zywall 35 and Safe@Office 500 in my price range but
i can't get any review on if these devices will actually block the
URLs.

Any suggestion?

Thank you for reading.

mK

Re: Suggestions please!!! Need a device to block internet accessto specific URLs and IM programs in

drkhan@gmail.com wrote:



> I am looking for a device which will
> let me block things like myspace, youtube etc. Also block IM
> programs. In all my searching over the last two weeks i have come
> across fancy names like UTM (unified threat management) and CFD
> (content filtering devices) but they all cost in thousands. I need
> something in the $400-$600 price range.

You can find used/refurbished FW appliances not routers for a fraction
of the cost with full support and warrantee for 90 days, from reputable
dealers for a given product line. You call the manufacture or go to
their Web sites to find a list of dealers.

Re: Suggestions please!!! Need a device to block internet access to specific URLs and IM programs in

On Mar 24, 3:26 pm, "Mr. Arnold" <"Mr. Arnold"@Arnold.COM> wrote:
> drk...@gmail.com wrote:
>
>
>
> > I am looking for a device which will
> > let me block things like myspace, youtube etc. Also block IM
> > programs. In all my searching over the last two weeks i have come
> > across fancy names like UTM (unified threat management) and CFD
> > (content filtering devices) but they all cost in thousands. I need
> > something in the $400-$600 price range.
>
> You can find used/refurbished FW appliances not routers for a fraction
> of the cost with full support and warrantee for 90 days, from reputable
> dealers for a given product line. You call the manufacture or go to
> their Web sites to find a list of dealers.

Do you suggest a specific brand or model?

Thanks

Re: Suggestions please!!! Need a device to block internet accessto specific URLs and IM programs in

Mr. Arnold wrote:
> drkhan@gmail.com wrote:
>
>
>
> > I am looking for a device which will
> > let me block things like myspace, youtube etc. Also block IM
> > programs. In all my searching over the last two weeks i have come
> > across fancy names like UTM (unified threat management) and CFD
> > (content filtering devices) but they all cost in thousands. I need
> > something in the $400-$600 price range.
>
> You can find used/refurbished FW appliances not routers for a fraction
> of the cost with full support and warrantee for 90 days, from reputable
> dealers for a given product line. You call the manufacture or go to
> their Web sites to find a list of dealers.

Watchguard, Cisco, Sonicwall, Snapgear are a some that you can
investigate or any of the major vendors of FW appliances.

The link below may help you in your selection process and toss the
Linksys wireless router or convert it into a wire/WAP switch and plug it
into a LAN port on the FW appliance.

http://www.more.net/technical/netserv/tcpip/firewalls/

Re: Suggestions please!!! Need a device to block internet accessto specific URLs and IM programs in

On Sat, 24 Mar 2007 11:44:21 -0700, drkhan wrote:

> Hi
>
> I have small doctors office with 6 Desktops and 3 laptops. We have
> DSL service plugging into a Linksys WRT54G and then into a 24-port
> switch. All computers are windows xp Pro and no servers.
>
> The girls at front desk keep chatting and surfing on myspace. I have
> told them several times but when i am not there it just goes on as
> usual. In the past month alone the computers have had more and more
> stuff being installed on them. I am looking for a device which will
> let me block things like myspace, youtube etc. Also block IM
> programs. In all my searching over the last two weeks i have come
> across fancy names like UTM (unified threat management) and CFD
> (content filtering devices) but they all cost in thousands. I need
> something in the $400-$600 price range.
>
> I have tried the keyword and url filter in WRT54G and its useless. It
> does not block anything. A friend is using fortigate 60 firewall/vpn
> router and in its setting i blocked myspace (by keyword blocking) but
> i can surf to myspace no problem even after re-booting the router. I
> have found Zyxel's Zywall 35 and Safe@Office 500 in my price range but
> i can't get any review on if these devices will actually block the
> URLs.
>
> Any suggestion?
>
> Thank you for reading.

While I would rather see you get a full firewall, that's about $2K, but a
DFL-700 permits blocking of sites by names and ip addresses - so you could
block *.myspace.com/* and even *.yahoo.com/* so that they can't reach the
yahoo servers or the myspace servers with ANY program.





--

Leythos

spam999free@rrohio.com (remove 999 for proper email address)

Re: Suggestions please!!! Need a device to block internet access to specific URLs and IM programs in

On Mar 24, 4:57 pm, "Mr. Arnold" <"Mr. Arnold"@Arnold.COM> wrote:
> Mr. Arnold wrote:
> > drk...@gmail.com wrote:
>
> >
>
> > > I am looking for a device which will
> > > let me block things like myspace, youtube etc. Also block IM
> > > programs. In all my searching over the last two weeks i have come
> > > across fancy names like UTM (unified threat management) and CFD
> > > (content filtering devices) but they all cost in thousands. I need
> > > something in the $400-$600 price range.
>
> > You can find used/refurbished FW appliances not routers for a fraction
> > of the cost with full support and warrantee for 90 days, from reputable
> > dealers for a given product line. You call the manufacture or go to
> > their Web sites to find a list of dealers.
>
> Watchguard, Cisco, Sonicwall, Snapgear are a some that you can
> investigate or any of the major vendors of FW appliances.
>
> The link below may help you in your selection process and toss the
> Linksys wireless router or convert it into a wire/WAP switch and plug it
> into a LAN port on the FW appliance.
>
> http://www.more.net/technical/netserv/tcpip/firewalls/

One of the things i just can't understand is why does Linksys router
has an option to block URL... if it does not work. How can they add a
feature that broken across the board. *frustrated

Thanks for your suggestions. If you guys know of a specific model
please recommend that since at of this stuff is very new to me.

Thank you.

Re: Suggestions please!!! Need a device to block internet accessto specific URLs and IM programs in

drkhan@gmail.com wrote:
> Hi
>
> I have small doctors office with 6 Desktops and 3 laptops. We have
> DSL service plugging into a Linksys WRT54G and then into a 24-port
> switch. All computers are windows xp Pro and no servers.
>
> The girls at front desk keep chatting and surfing on myspace. I have
> told them several times but when i am not there it just goes on as
> usual. In the past month alone the computers have had more and more
> stuff being installed on them. I am looking for a device which will
> let me block things like myspace, youtube etc. Also block IM
> programs. In all my searching over the last two weeks i have come
> across fancy names like UTM (unified threat management) and CFD
> (content filtering devices) but they all cost in thousands. I need
> something in the $400-$600 price range.
>
> I have tried the keyword and url filter in WRT54G and its useless. It
> does not block anything. A friend is using fortigate 60 firewall/vpn
> router and in its setting i blocked myspace (by keyword blocking) but
> i can surf to myspace no problem even after re-booting the router. I
> have found Zyxel's Zywall 35 and Safe@Office 500 in my price range but
> i can't get any review on if these devices will actually block the
> URLs.

mK,

What you need, and it would appear lack, is an agreed-to acceptable use
policy. If you have no policy, you have no security.

If you have an acceptable use policy that prohibits use of such web
sites, installing of software, etc, then any such computer misuse can be
dealt with by management.

As it appears that you have no policy, even the act of investigating
their usage could be a breach of privacy laws and even against their
human rights.

In short, without an agreed policy - and backing at board level, you
have _NO_ security. WITH an agreed policy your reliance on technical
countermeasures can be reduced thus saving on purchasing and
maintaining hardware and software notto mention administrative overheads.

Having said all that, one effective solution could be an old workstation
with a vaiant of BSD/ Linux running squid and IP Tables may be the
technical solution you are searching for.

HTH,

Bogwitch.

Re: Suggestions please!!! Need a device to block internet accessto specific URLs and IM programs in

drkhan@gmail.com wrote:
> Hi
>
> I have small doctors office with 6 Desktops and 3 laptops.
I think there are confidental data on the PCs.

> The girls at front desk keep chatting and surfing on myspace.

This is not dangerous, only unwanted during their hours of work

> I have told them several times but when i am not there it just goes
> on as usual.
You do not respect you
> In the past month alone the computers have had more and more
> stuff being installed on them.
Everyone has adminrights and the responsible person (you ?) has lost the
control of the PCs and the data. You are only allowed to pay for the
electricity.

> I am looking for a device which will
> let me block things like myspace, youtube etc. Also block IM
> programs. In all my searching over the last two weeks i have come
> across fancy names like UTM (unified threat management) and CFD
> (content filtering devices) but they all cost in thousands. I need
> something in the $400-$600 price range.

- $0: switch the WRT54G immediately off.
- rebuild your PCs and laptops with proper software, userpermissions etc.
- establish a use and security policy for the use of the PCs and the use
of the internet.
- write letters of warning and signalise instant dismissals.

- then you can define the firewall requirements.
The firewall must have a slight part in the use and security policy
and your promblems can't be solved technical by a firewall.
UTM, CFD etc. are buzzwords, but in your case only snakeoil for
security. In a company with 9 PCs is this absurd.
I will not give you a recommendation for a firewall, search for
experienced experts in your surrounding area. The costs of the hardware
are the smallest part, more expensive is the proper implementation and
maintenance.

bye
Christoph

Re: Suggestions please!!! Need a device to block internet access to specific URLs and IM programs in

drkhan@gmail.com wrote:

>
> Do you suggest a specific brand or model?

I'd strongly recommend getting a clue about IT security. I'd think that
there are patient data on your computers. The things that happen in your
network make me fear that these data are spread over the whole internet.

Get a seriuos security solution that covers those risks. That will include
strict user and access rights, no free internet acces from any of the
computers in your network and much more. And it will cost a little bit more
than a few hundred dollars but it will be far less than the compensation
you'll have to pay in case of patient data leaking out.

Wolfgang

Re: Suggestions please!!! Need a device to block internet access to specific URLs and IM programs in

On Mar 25, 8:04 am, Wolfgang Kueter wrote:
> drk...@gmail.com wrote:
>
> > Do you suggest a specific brand or model?
>
> I'd strongly recommend getting a clue about IT security. I'd think that
> there are patient data on your computers. The things that happen in your
> network make me fear that these data are spread over the whole internet.
>
> Get a seriuos security solution that covers those risks. That will include
> strict user and access rights, no free internet acces from any of the
> computers in your network and much more. And it will cost a little bit more
> than a few hundred dollars but it will be far less than the compensation
> you'll have to pay in case of patient data leaking out.
>
> Wolfgang

Thank you guys. You all have suggested a few very good ground rules.
I think i am gonna sort out the acceptable use policy this week and
then look for a security solution.

Thank you again!

Re: Suggestions please!!! Need a device to block internet accessto specific URLs and IM programs in

Christoph Hanle wrote:
> drkhan@gmail.com wrote:
>> Hi
>>
>> I have small doctors office with 6 Desktops and 3 laptops.
> I think there are confidental data on the PCs.

Yikes! I missed the first paragraph! Think HIPAA (if the OP is in the
USA). Time for the OP to get a professional in. They are way out of
their depth.

>> The girls at front desk keep chatting and surfing on myspace.
>
> This is not dangerous, only unwanted during their hours of work

I would have to disagree. MySpace has had several XSS vulnerabilities
recently.

> - $0: switch the WRT54G immediately off.

And I missed that, too.

> - rebuild your PCs and laptops with proper software, userpermissions etc.
> - establish a use and security policy for the use of the PCs and the use
> of the internet.
> - write letters of warning and signalise instant dismissals.

As I am unsure of the OPs country of residence, it is difficult to say
wether taking an image of the HDDs for a subsequent investigation would
be necessary before re-installation. I would. Otherwise it could be seen
as a deliberate attempt to destroy evidence. There could very easily be
a loss of confidential patient data from this system.

> - then you can define the firewall requirements.
> The firewall must have a slight part in the use and security policy
> and your promblems can't be solved technical by a firewall.
> UTM, CFD etc. are buzzwords, but in your case only snakeoil for
> security. In a company with 9 PCs is this absurd.
> I will not give you a recommendation for a firewall, search for
> experienced experts in your surrounding area. The costs of the hardware
> are the smallest part, more expensive is the proper implementation and
> maintenance.

Absolutely. This is beyond the scope of an amateur. There are very
serious consequences of a security incident with this setup and I would
be very suprised if there has not been one already.

If the OP is in the UK, I'd be happy to offer my servies. :-)

Bogwitch.

Re: Suggestions please!!! Need a device to block internet access to specific URLs and IM programs in

drkhan@gmail.com wrote:

> Thank you guys. You all have suggested a few very good ground rules.

Sorry, but I'm shocked. Seriously: The setup you run/ran in your office
implements nothing of the standards of security and privacy protection
required for a doctor. You risk(ed) your business.

Wolfgang