Everyone else covered the risk matrix thoroughly, so the only thing that you need as the one gentleman pointed out is to secure the router in a tamper proof location, password protect its maintenance screen, and then prevent your users from being able to adjust ip settings on their accounts. Honestly, if you are filtering content for people who are "curious" (like your average teenager or employee who is not disgruntled) but not blatantly malicious, it is easy to do, and most likely you have everything you need already. That is basically what the army does, except for the fact that they can afford realtime monitoring. If you have the cash to spend and you want a 100% solution, buy an old school marm for each user who isn't afraid to hit adults or kids with sticks and have her stand behind each employee and monitor their usage. Not the warmest work environment I can think of, but probably adequate for a captive audience such as children.
There is some sarcasm hidden in the above post just in case any think I'm advocating the beating of children... ;) On Feb 16, 2011, at 19:17, "Michael C. Robinson" <[email protected]> wrote: > On Wed, 2011-02-16 at 09:47 -0800, Darren Couch wrote: >> As I said, Dyn DNS solves these issues. >> >> Sent from my iPhone > >>> I want a name for a switch that does 802.1x and MAC based filtering and >>> if at all possible a cost. Barring that, I want information on how to >>> simulate such a device using a Linux based server. > > OpenDNS only solves the filtering issue if you are pointed at the > correct DNS servers. No Internet service provider that I know of will > force that issue, so there is a weakness between the server that should > force use of the correct DNS servers and the modem. If you can bypass > the server, you're unfiltered. If what you have to plug into beyond the > server requires authentication and you don't know the secret, you aren't > toast. So what I really need is an authenticating switch that I can > lock inside my modem cabinet. So what is this switch called and what > does it cost? > > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
