Hello again group, First off, thanks for the info on computer usage policies in reference to email monitoring. Your leads help a great deal, and what I ended up determining is, that 3 Tort Law cases and a solid computer usage policy were all that was necessary to show that we were within our rights to do the monitoring. The tort cases, in case anyone is interested, were: McLaren v. Microsoft Corporation ; Smyth v. Pillsbury; and U.S. v. Simons.
This line in the computer usage policy covered our butts too. "Employees have no inherent right to use government office equipment. Therefore, all Agencies will establish appropriate controls to ensure that the equipment is used appropriately." "By using this office equipment, consent to monitoring and recording is implied with or without cause, including (but not limited to) accessing the Internet, using Email. " "System managers do employ monitoring tools to detect improper use." Anyway... here is my new question. Has anyone out there every deployed the McAfee WebShield E250/E500? If so, did you notice any gotchas with the boxes that I should be aware of in implementing ours. I've been having problems getting the thing to enforce it's URL blocking and applet filtering, and McAfee's documentation tells me to check my DNS server settings on the appliance, and nothing else for the troubleshooting. Thanks in advance all! -Mike