1 / 19

Enterprise Internet Filtering

Enterprise Internet Filtering. Presented by Sheri L. DeVaux. Agenda. Why filter Filtering background at DOIT Product selection, Why 8e6 Infrastructure Implementation Logical Flow Categories Delegated Administration DOIT Request for Review Process FYI Q&A. Internet Filtering.

kisha
Download Presentation

Enterprise Internet Filtering

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Enterprise Internet Filtering Presented by Sheri L. DeVaux

  2. Agenda • Why filter • Filtering background at DOIT • Product selection, Why 8e6 • Infrastructure Implementation • Logical Flow • Categories • Delegated Administration • DOIT Request for Review Process • FYI • Q&A

  3. Internet Filtering • Tool to enforce the Acceptable Use Policy (AUP) http://www.ct.gov/doit/cwp/view.asp?a=1245&Q=314686&insidedoitPNavCtr=|31104|#31105 • Preserves Network Resources • Helps to control access to bandwidth-intensive sites • Keeps other network devices available for their core functions • Protects the States network infrastructure by blocking internet threats • Centralization frees up IT personnel for other agency mission critical projects

  4. Background • Late 2007 Governor Rell “asks that each agency review their internet filtering standards, and that each Commissioner and Executive Director ensure their Agency's compliance with State standards”. Letter to Commissioners January 2008. • DOIT charged with conducting a review of all internet access allowed by agencies • Late 2007 RFI to gather data • 8e6 solution selected • Early 2008 Bid • February 2008 Awarded • Summer 2008 DOIT Pilot • Fall 2008 Delegated Admin and Reporter Training by vendor • Late 2008 begin Phased Agency cutovers • Currently in the Implementation Phase

  5. Product Selection • True enterprise level filtering • Transparent • Filters – http, file types (mp3, .zip, etc…), anonymous proxies • Directory Based Authentication • Delegated Reporting capability

  6. 8e6 R3000 • Standalone appliance • Secure and Hardened • Red Hat Linux OS • Functions in “pass-by mode”

  7. Physical Implementation

  8. Logical Flow - Allowed

  9. Logical Flow - Allowed

  10. Logical Flow - Allowed

  11. Logical Flow – Access Denied

  12. Logical Flow – Access Denied

  13. Logical Flow – Access Denied

  14. Categories • 100+ Predefined Categories • Threat Groups • Adult Content, Bandwidth, Security, etc…. • Productivity Groups • Entertainment, Investments, Shopping, etc…. • Custom Categories • Re-categorization http://www.8e6.com/external/submit-a-site.php • Human Review

  15. Delegated Administration • Distributed Management Scheme • Delegated Responsibility • Agencies Business Needs • Custom Block page

  16. DOITs Request for Review Process • Site Review request submitted via the Block/Warn page • Business need/Justification required • Request received by the DOIT EIFS Staff • Needed analysis performed • Request forwarded to Director of ITSecurity, Michael Varney and Deputy CIO, Richard Bailey for approval/denial • Approved changes configured, notification sent • Weekly meeting held for review and analysis • Site Review report forwarded to CIO Wallace weekly

  17. FYI • HTTPS Filtering • 8e6 R3000 attempts to identify and validate the secure server certificate • Section Reports to DOIT Directors • Internet Activity is tracked and reports are included in the Monthly MARS

  18. Enterprise Internet Filtering Q&A

  19. Thank You DOIT/ITSecurity Staff Sheri DeVaux 622-2455 Christine Northrop 622-2512 Robert Johnston 622-2437 Anna Marie Rohon 622-2075 doit.eifs@ct.gov

More Related