On Wed, Apr 18, 2012 at 10:34, Matthew W. Ross <[email protected]> wrote: > Hey List. > > I'm curious if anybody here knows of a content filtering system that is able > to handle two networks simultaneously. > > What I'm looking for: We have a "School" network, which should be for all > computes that are owned by the school. We are working to implement a > wireless "Guest" network. I want this network to be completely separate from > the school network, including what internet ISP they are going to use. > > I know I could do this by using 2 separate content filters. I'm interested > to see if there is a solution that can do it with a single device. I want to > be able to manage/search the content filter on both networks. > > So in the end, I'm looking for something like this: > > ISP1 --- ++++++++ --- Guest Network > > + Filter + > > ISP2 --- ++++++++ --- School Network
We did something similar with our Barracuda web filter - however, the guest network uses the same Internet connection as our production network. I put up a guest VLAN that is completely separate from our production VLANs - it terminates on our firewall, and the wireless runs on a separate SSID/VLAN on the same switches as our production network. That meant configuring the internal interface of the firewall as a trunk, but it wasn't too hard to do. It also required that the Barracuda run its interfaces as trunks - that was a bit trickier, but their support techs worked with me, and got me beta build of their software that supported it. That was about a year ago, so it's now production code. The Barracuda is a bridging proxy - it sits between the firewall and all traffic, listening for port 80 stuff and evaluating it, ignoring all the rest. One oddity is that the Barracuda has to have an IP address on each VLAN. I don't quite understand why that is, exactly. Regardless, I'm pretty sure you could do what you want in a similar manner - the guest VLAN would just terminate on a different firewall, or different (sub)interface of your current firewall. Kurt So, now the Barracuda filters for both guest and production - it works well enough. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
