Main Nav

Happy New Year all!!!

 

The CIO list community was recently discussing “Web content filtering” in response to a query from Richard Nelson. My impression was that most places do not filter web content.

 

My director of network services came to me yesterday with the three way balancing act described in the subject. I assume those who don’t filter content have ways to limit or prevent the malware/virus that are associated with certain kinds of sites. I would be interested in hearing how. Is this the old axiom “you can pick two of the three” …

 

I can see several options:

1.    A laissez faire approach where sites are not scanned and malware is managed at the desktop by a user support team.

2.    A managed approach where sites that are known to deliver malware are scanned to verify they are clean, thus slowing network access.

3.    A managed approach where sites that are known to deliver malware are blocked

 

 

How do you address these issues?

 

Best,

Rob

 

 

Dr. Robert Paterson

Vice President, Information Technology, Planning & Research

Molloy College

Rockville Centre, NY 11571

516-678-5000 ex 6443

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

Message from dthibeau@post03.curry.edu

Rob,

 

I suppose you’d say we use the managed approach (3 below), though “we” don’t do much management ourselves.

 

We use a Packetshaper which has a function that keeps track of well-known specious sites like ones know for supplying links for viral downloads.  So if you get an email with a link to a site with a worm or Trojan there is a chance that you will not be able to reach that site.  Those definitions are updated hourly.

 

Dennis

 

Message from russ.leathe@gordon.edu

I remember all too well the “blaster” virus.  This caused me to rethink our whole protection solution.

 

1.)    FW maintains a db of known malware sites and blocks them.

2.)    Implemented a bandwidth shaper with malware signature detection

3.)    Implemented a NAC that has strict policies for virus/malware sw at the local PC – nobody allowed on our network without protection.

 

So far so good.  It’s been six years.  We do get an occasional infected computer.  Our weakest link are students with broadband cards – bypassing our network – only affects them, not our network.

 

I hope this is helpful,

 

Russ

Gordon College

russ@gordon.edu

 

 

 

Hello Rob,


Best of 2012 to you as well.  We have historically done #1 but are planning in the next few months to implement a dns black hole setup to add #3 to our approach (still doing #1).


- Scott



Scott Krajewski             
Director, IT Services           
Augsburg College    
http://www.augsburg.edu/it/
The Link: IT Newsletter
http://augnet.augsburg.edu/thelink



>>> On 1/4/2012 at 08:00 AM, Robert Paterson <rpaterson@MOLLOY.EDU> wrote:

Happy New Year all!!!

 

The CIO list community was recently discussing “Web content filtering” in response to a query from Richard Nelson. My impression was that most places do not filter web content.

 

My director of network services came to me yesterday with the three way balancing act described in the subject. I assume those who don’t filter content have ways to limit or prevent the malware/virus that are associated with certain kinds of sites. I would be interested in hearing how. Is this the old axiom “you can pick two of the three” …

 

I can see several options:

1.    A laissez faire approach where sites are not scanned and malware is managed at the desktop by a user support team.

2.    A managed approach where sites that are known to deliver malware are scanned to verify they are clean, thus slowing network access.

3.    A managed approach where sites that are known to deliver malware are blocked

 

 

How do you address these issues?

 

Best,

Rob

 

 

Dr. Robert Paterson

Vice President, Information Technology, Planning & Research

Molloy College

Rockville Centre, NY 11571

516-678-5000 ex 6443

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

At my previous institution we implemented option 3 and saw a dramatic drop in malware issues. It freed up a lot of Help desk and desktop services time. From: Robert Paterson > Reply-To: The EDUCAUSE CIO Constituent Group Listserv > Date: Wed, 4 Jan 2012 09:00:15 -0500 To: > Subject: [CIO] Network a three way balancing act - Network speed vs. Content filtering vs. Malware/Virus attacks Happy New Year all!!! The CIO list community was recently discussing “Web content filtering” in response to a query from Richard Nelson. My impression was that most places do not filter web content. My director of network services came to me yesterday with the three way balancing act described in the subject. I assume those who don’t filter content have ways to limit or prevent the malware/virus that are associated with certain kinds of sites. I would be interested in hearing how. Is this the old axiom “you can pick two of the three” … I can see several options: 1. A laissez faire approach where sites are not scanned and malware is managed at the desktop by a user support team. 2. A managed approach where sites that are known to deliver malware are scanned to verify they are clean, thus slowing network access. 3. A managed approach where sites that are known to deliver malware are blocked How do you address these issues? Best, Rob Dr. Robert Paterson Vice President, Information Technology, Planning & Research Molloy College Rockville Centre, NY 11571 516-678-5000 ex 6443 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Message from mike.cunningham@pct.edu

How do you decide what sites are known to deliver malware?
The devices work much like SPAM filters, in that there is a service component that updates regularly with new sites. There is also the ability for a user to request an exception (which rarely happened) and the ability to add sites. Among the vendors are BlueCoat and Barracuda. On 1/6/12 12:09 PM, "Mike Cunningham" wrote: >How do you decide what sites are known to deliver malware? > >
Close
Close


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.