Main Nav

Posted by rpaterson on January 4, 2012

Happy New Year all!!!

 

The CIO list community was recently discussing “Web content filtering” in response to a query from Richard Nelson. My impression was that most places do not filter web content.

 

My director of network services came to me yesterday with the three way balancing act described in the subject. I assume those who don’t filter content have ways to limit or prevent the malware/virus that are associated with certain kinds of sites. I would be interested in hearing how. Is this the old axiom “you can pick two of the three” …

 

I can see several options:

1.    A laissez faire approach where sites are not scanned and malware is managed at the desktop by a user support team.

2.    A managed approach where sites that are known to deliver malware are scanned to verify they are clean, thus slowing network access.

3.    A managed approach where sites that are known to deliver malware are blocked

 

 

How do you address these issues?

 

Best,

Rob

 

 

Dr. Robert Paterson

Vice President, Information Technology, Planning & Research

Molloy College

Rockville Centre, NY 11571

516-678-5000 ex 6443

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

Message from dthibeau@post03.curry.edu

Rob,

 

I suppose you’d say we use the managed approach (3 below), though “we” don’t do much management ourselves.

 

We use a Packetshaper which has a function that keeps track of well-known specious sites like ones know for supplying links for viral downloads.  So if you get an email with a link to a site with a worm or Trojan there is a chance that you will not be able to reach that site.  Those definitions are updated hourly.

 

Dennis

 

Posted by: listserv-anon on January 4, 2012
Message from russ.leathe@gordon.edu

I remember all too well the “blaster” virus.  This caused me to rethink our whole protection solution.

 

1.)    FW maintains a db of known malware sites and blocks them.

2.)    Implemented a bandwidth shaper with malware signature detection

3.)    Implemented a NAC that has strict policies for virus/malware sw at the local PC – nobody allowed on our network without protection.

 

So far so good.  It’s been six years.  We do get an occasional infected computer.  Our weakest link are students with broadband cards – bypassing our network – only affects them, not our network.

 

I hope this is helpful,

 

Russ

Gordon College

russ@gordon.edu

 

 

 

Posted by: listserv-anon on January 4, 2012

Hello Rob,


Best of 2012 to you as well.  We have historically done #1 but are planning in the next few months to implement a dns black hole setup to add #3 to our approach (still doing #1).


- Scott



Scott Krajewski             
Director, IT Services           
Augsburg College    
http://www.augsburg.edu/it/
The Link: IT Newsletter
http://augnet.augsburg.edu/thelink



>>> On 1/4/2012 at 08:00 AM, Robert Paterson <rpaterson@MOLLOY.EDU> wrote:

Happy New Year all!!!

 

The CIO list community was recently discussing “Web content filtering” in response to a query from Richard Nelson. My impression was that most places do not filter web content.

 

My director of network services came to me yesterday with the three way balancing act described in the subject. I assume those who don’t filter content have ways to limit or prevent the malware/virus that are associated with certain kinds of sites. I would be interested in hearing how. Is this the old axiom “you can pick two of the three” …

 

I can see several options:

1.    A laissez faire approach where sites are not scanned and malware is managed at the desktop by a user support team.

2.    A managed approach where sites that are known to deliver malware are scanned to verify they are clean, thus slowing network access.

3.    A managed approach where sites that are known to deliver malware are blocked

 

 

How do you address these issues?

 

Best,

Rob

 

 

Dr. Robert Paterson

Vice President, Information Technology, Planning & Research

Molloy College

Rockville Centre, NY 11571

516-678-5000 ex 6443

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Posted by: krajewsk on January 6, 2012
At my previous institution we implemented option 3 and saw a dramatic drop in malware issues. It freed up a lot of Help desk and desktop services time. From: Robert Paterson > Reply-To: The EDUCAUSE CIO Constituent Group Listserv > Date: Wed, 4 Jan 2012 09:00:15 -0500 To: > Subject: [CIO] Network a three way balancing act - Network speed vs. Content filtering vs. Malware/Virus attacks Happy New Year all!!! The CIO list community was recently discussing “Web content filtering” in response to a query from Richard Nelson. My impression was that most places do not filter web content. My director of network services came to me yesterday with the three way balancing act described in the subject. I assume those who don’t filter content have ways to limit or prevent the malware/virus that are associated with certain kinds of sites. I would be interested in hearing how. Is this the old axiom “you can pick two of the three” … I can see several options: 1. A laissez faire approach where sites are not scanned and malware is managed at the desktop by a user support team. 2. A managed approach where sites that are known to deliver malware are scanned to verify they are clean, thus slowing network access. 3. A managed approach where sites that are known to deliver malware are blocked How do you address these issues? Best, Rob Dr. Robert Paterson Vice President, Information Technology, Planning & Research Molloy College Rockville Centre, NY 11571 516-678-5000 ex 6443 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Posted by: shandon on January 6, 2012
Message from mike.cunningham@pct.edu

How do you decide what sites are known to deliver malware?
Posted by: listserv-anon on January 6, 2012
The devices work much like SPAM filters, in that there is a service component that updates regularly with new sites. There is also the ability for a user to request an exception (which rarely happened) and the ability to add sites. Among the vendors are BlueCoat and Barracuda. On 1/6/12 12:09 PM, "Mike Cunningham" wrote: >How do you decide what sites are known to deliver malware? > >
Posted by: shandon on January 6, 2012
Post a Comment

Research and Publications

Conferences and Events

Career Development

Focus Areas and Initiatives

Connect and Contribute

About EDUCAUSE

Close

 


Current Issue
March/April 2013
EDUCAUSE Review

Publications

Research

Close


Annual Conference
October 15–18, 2013
Save the date!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

See All Events

Close

EDUCAUSE Institute
Leadership/Management Programs
Explore More

Career Center

Find or Post a Job

Leadership and Management Programs

EDUCAUSE Institute
Advanced Programs
Project Management

 

Fellowships and Awards

Fellowships
Awards Programs

Getting Involved

Mentoring
Volunteer
Speak at an Event

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

Advance Your Career

 

Close

Latest Topics

EDUCAUSE organizes its efforts around three IT Focus Areas

 

Enterprise and Infrastructure

Enterprise and
Infrastructure

Policy and Security

Policy and
Security

Teaching and Learning

Teaching and
Learning

 

Join These Programs If Your Focus Is

Close

From the Blogs
The Role of Campus Leadership in Ensuring IT Accessibility
by
Diana Oblinger

Find Others

Share Ideas

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

Create Your Profile

 

Close

2013 Strategic Priorities

  • Connected Learning
  • Enterprise IT
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.
 

Discover Membership