Marlon, Sorry for the confusion. The architecture would depend on the topology of the network. Based on my assumptions, here is how I think you could set it up:
AP/Tower ^ | SU/CPE ^ | Router/Firewall (if any) ^ | Content Filter ^ | School Network For the software solution, you will need a server with two network interfaces on it, one that talks to the router/firewall or CPE, and the other that is hooked into the switch or whatever local distribution mechanism you have on premises. The IP on the interface plugged into the switch becomes the default gateway for the rest of the schools network. The content filter server would have the DansGuardian (http://dansguardian.org/?page=introduction) or L7 Filter (http://l7-filter.sourceforge.net/) on the server and inspect packets as they pass through it to and from the school network. The installation of the software is beyond the scope of the mailinglist and there is a ton of support on those pages and using google. But, you can msg me offlist if you have questions about it. Regards, Kris Efland IntraMeta Corporation t. 972.231.5999 f. 972.231.7022 e. [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marlon K. Schafer (509) 982-2181 Sent: Tuesday, May 08, 2007 10:08 AM To: WISPA General List Subject: Re: [WISPA] commercial router Can I get some more details? You've completely lost me with this. btw, what ever is done has to be at a central location, can't be on each pc. People own their own pc's. Marlon (509) 982-2181 (408) 907-6910 (Vonage) Consulting services 42846865 (icq) WISP Operator since 1999! [EMAIL PROTECTED] www.odessaoffice.com/wireless www.odessaoffice.com/marlon/cam ----- Original Message ----- From: "Kris R Efland" <[EMAIL PROTECTED]> To: "WISPA General List" <[email protected]> Sent: Monday, May 07, 2007 4:38 PM Subject: RE: [WISPA] commercial router Marlon, That being the case, I would do something simple like the L7 Filter or DansGuardian, quick and easy and best of all, cheap. I think a lot of the suggestions are overkill for what you are describing. Regards, Kris Efland IntraMeta Corporation t. 972.231.5999 f. 972.231.7022 e. [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marlon K. Schafer (509) 982-2181 Sent: Monday, May 07, 2007 6:27 PM To: WISPA General List Subject: Re: [WISPA] commercial router It's a small private school/business. Think Amish but they do have computers.... Marlon (509) 982-2181 (408) 907-6910 (Vonage) Consulting services 42846865 (icq) WISP Operator since 1999! [EMAIL PROTECTED] www.odessaoffice.com/wireless www.odessaoffice.com/marlon/cam ----- Original Message ----- From: "Kris R Efland" <[EMAIL PROTECTED]> To: "WISPA General List" <[email protected]> Sent: Monday, May 07, 2007 1:03 PM Subject: RE: [WISPA] commercial router Marlon, The two that I've encountered most in the field are the Allot NetEnforcer and Packeteer's products. The Allot software has gotten much better recently with detecting 'bad' traffic that gets routed through standard ports (80/443/20/21,etc). And Packeteer has some good content caching patents. Both of their prices are high though. Here's a decent write-up, it's a little old: http://www.eweek.com/article2/0,1895,901491,00.asp Though neither of those are a true 'router' but more of a gateway that would sit behind the router, so I don't know if that's what you are looking for. I could also recommend some open source projects for the DIY person. L7 Filter, DansGuardian, ntop, etc are the standouts. Also, most of the open source firewalls also do basic string matching on urls: *myspace.com for instance. Going down that route I would look at m0n0wall and smoothwall, both of which I've used with success. Are they trying to eliminate types of traffic (P2P) or are they trying to block specific sites? Some of the cheaper products do one and not the other. The better content filters have a subscription type system to do remote updates periodically to the product for an updated list with new proxies and sites they've flagged as bad (think Norton). There are some other products out there like photo no-no (www.photonono.com) that actually filter images on the fly. Though they were very hesitant to send me benchmarks when I was talking to them a while back so you probably need some horsepower to use them at scale. Regards, Kris Efland IntraMeta Corporation t. 972.231.5999 f. 972.231.7022 e. [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marlon K. Schafer (509) 982-2181 Sent: Monday, May 07, 2007 11:22 AM To: [email protected] Subject: [WISPA] commercial router Hi All, I have a customer that's looking for a router that also does content filtering. What are people using these days? Prices? thanks, Marlon (509) 982-2181 (408) 907-6910 (Vonage) Consulting services 42846865 (icq) WISP Operator since 1999! [EMAIL PROTECTED] www.odessaoffice.com/wireless www.odessaoffice.com/marlon/cam -- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
