Announcement

Collapse
No announcement yet.

Increase security on a T1 internet connection

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Increase security on a T1 internet connection

    Hello,

    We have 50 clients connected to T1 internet connection. The T1 modem is conntected to a simple netgear router with no real security features.

    We would like to replace the netgear router with a real firewall solution that will also have AV scanning from inbound/outbound.

    We would also like to monitor internet activity in terms of the useage of the internet, websites visited by users, we are running windows 2000 domain.

    another feature that is important for us - we would like to sniff the network for MSN messenger chats, and be able to capture all conversation real time.

    will appreciate your suggested solutions

    L

  • #2
    Re: Increase security on a T1 internet connection

    ISA Server. Not sure about logging MSN conversations, also not sure about the legal issues surrounding logging of MSN conversations. Would be safer to disable the ports required and uninstall Messenger from the computers.
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

    Comment


    • #3
      Re: Increase security on a T1 internet connection

      ISA won't log MSN conversations. I'm not sure why you want to log that. It can give you a lot of problems with the privacy of the employees.
      Also ISA has no integrated AV protection. However With Forefront TMG (somewhere next year) their will be Malware protection.
      GFI has a "plugin" for ISA server to allow HTTP/FTP scanning: http://www.gfi.com/webmon/

      Also CheckPoint is a great product but doesn't fully has your requirements (AV and MSN logging)
      Last edited by Dumber; 24th October 2008, 22:35.
      Marcel
      Technical Consultant
      Netherlands
      http://www.phetios.com
      http://blog.nessus.nl

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"

      Comment


      • #4
        Re: Increase security on a T1 internet connection

        No privacy issues if they've signed paperwork that covers it (not to mention the laws in his area). If you want to block IMs in the workplace, don't forget to block web-based IM sites.
        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Increase security on a T1 internet connection

          We use Office Communicator 2005 at work; and it's logged using Facetime IM Auditor.

          My company is a huge Energy firm, and the logging of IM conversations would have had to be agreed by the Union, whose authority is recognised by the company. This particular Union is renowned for not accepting anything which is either unlawful or unfair to employees.

          I think you can safely say that in a working environment in the UK, logging of IMs is acceptable.


          Tom
          For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

          Anything you say will be misquoted and used against you

          Comment


          • #6
            Re: Increase security on a T1 internet connection

            I believe over here it's not, but oh well... What do I know about the Law.
            If I see all my speeding tickets I think not much

            However, I would suggest to check it with your company lawyers
            Marcel
            Technical Consultant
            Netherlands
            http://www.phetios.com
            http://blog.nessus.nl

            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
            "No matter how secure, there is always the human factor."

            "Enjoy life today, tomorrow may never come."
            "If you're going through hell, keep going. ~Winston Churchill"

            Comment


            • #7
              Re: Increase security on a T1 internet connection

              If it's not company related, then it's an easy case to say that they shouldn't be doing it at work. Don't care where you are, you're being paid to work, not chat w/ your friends all day.
              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment


              • #8
                Re: Increase security on a T1 internet connection

                Originally posted by Wired View Post
                If it's not company related, then it's an easy case to say that they shouldn't be doing it at work. Don't care where you are, you're being paid to work, not chat w/ your friends all day.
                Well - in my particular case, Office Communicator is an "Internal Only" product provided by the company...


                Tom
                For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

                Anything you say will be misquoted and used against you

                Comment


                • #9
                  Re: Increase security on a T1 internet connection

                  Do I actually need an ISA server, I can not install it on any machine or Server 2000 domain

                  Comment


                  • #10
                    Re: Increase security on a T1 internet connection

                    Originally posted by lirank View Post
                    Do I actually need an ISA server
                    Yes, what you want to do requires a proxy server. ISA Server would usually be the number 1 choice.

                    Originally posted by lirank View Post
                    I can not install it on any machine or Server 2000 domain
                    Not too sure what you mean by this?
                    Gareth Howells

                    BSc (Hons), MBCS, MCP, MCDST, ICCE

                    Any advice is given in good faith and without warranty.

                    Please give reputation points if somebody has helped you.

                    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

                    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

                    Comment


                    • #11
                      Re: Increase security on a T1 internet connection

                      Their other options out there, but you have quite a lot of requirements.
                      You might have a look at Check Point, for example UTM-1
                      For example:
                      http://www.checkpoint.com/products/utm-1/index.html
                      or for smaller locations:
                      http://www.checkpoint.com/products/u...dge/index.html
                      Last edited by Dumber; 27th October 2008, 21:57.
                      Marcel
                      Technical Consultant
                      Netherlands
                      http://www.phetios.com
                      http://blog.nessus.nl

                      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                      "No matter how secure, there is always the human factor."

                      "Enjoy life today, tomorrow may never come."
                      "If you're going through hell, keep going. ~Winston Churchill"

                      Comment

                      Working...
                      X