Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Schools Firewalling and Filtering on the Broadband for Schools Network. Liam Kennedy Network Engineer HEAnet Ltd.

Published byVictor Hines Modified over 9 years ago

Similar presentations

Presentation on theme: "Securing Schools Firewalling and Filtering on the Broadband for Schools Network. Liam Kennedy Network Engineer HEAnet Ltd."— Presentation transcript:

1 Securing Schools Firewalling and Filtering on the Broadband for Schools Network. Liam Kennedy Network Engineer HEAnet Ltd.

2 Broadband for Schools Project Providing free broadband to nearly 4,000 schools. €18m - Funded by TIF and Depts. of Education and Communication. Feb 2004: Plan announced and HEAnet chosen as ISP. Late 2004: Connection and router tenders awarded. Spring 2005: HEAnet build network and interconnect with selected service providers. NCTE support desk set up. Summer 2005 Majority of schools connected and routers installed – Spring 2006: Summer 2006: Scoilnet email service trialled and put into production.

3 Service providers HEAnet Internet Connectivity & Managed Services Network Management and Monitoring Technical Consultancy Second-line support NCTE First-line support Smart Digiweb Irish Broadband BT Last Mile HS Data Solutions School broadband connections Eircom CPE Router Supply and support Connecting pilot schools

4

5

6 Schools Update 95% of schools installed 84% of schools have used their connection Peak daily Traffic > 100Mbps Daily Download > 250GB Email service now live

7

8

9

10 3 layers of security

11 Cisco Firewall Services Module Integrated firewall module (blade) for 6500 switch 5.5 Gbps throughput 100,000 connections per second 1 million concurrent connections Runs PIX OS

12 Firewall Inbound

13 Firewall Outbound

14 Fortinet 500Mbps in-line scanning – scalable to higher bandwidths Web Content Filtering Virus & Malware Scanning – HTTP, SMTP, POP3 Anti-Spam IPS Logging and statistics

15 Fortinet: Web Filtering Database of 26 million rated Web Sites 76 Categories 24x7 Managed Service White & Blacklists – override categories Unrated sites blocked (24hr rating) Currently 2 levels of filtering but is capable of giving each school it’s own profile

16 Web filtering – potential problems Mis-categorised sitesBlacklisted and submitted for re-categorisation Anonymous proxiesAre placed in blocked category Google tools: Cache, Translate, Mobile etc. Fortinet can parse original URL and filter. Tunnelling, TOR routing and other cloaking mechanisms Various solutions Not everything on the web can be neatly categorized - manual intervention will always be required.

17 Anti-Virus Well-known ports blocked inbound and outbound by FWSM and 871 HTTP, SMTP, POP3, IMAP scanned by Fortinet Automatic reporting culled from Cymru and Spamcop reports, DNS and Fortinet logs. Schools contacted – problem hosts can be blacklisted.

18

19

20 VPN

21

22

23 Other Issues: Scoilnet Email Service –Virus and Spam scanned, inbound and outbound P2P and other bandwidth-intensive apps –Can be blocked or rate-limited Acceptable Usage

24 Q&A liam.kennedy@heanet.ie www.ncte.ie www.fortinet.com

Download ppt "Securing Schools Firewalling and Filtering on the Broadband for Schools Network. Liam Kennedy Network Engineer HEAnet Ltd."

Similar presentations

Business Solutions Network Security Solutions Gateway Security

Business Solutions Network Security Solutions Gateway Security
Hosted Revolution Ltd Hosted Exchange October 2009 V2.01.

Hosted Revolution Ltd Hosted Exchange October 2009 V2.01.
HEAnet & The Schools Network Presentation to HEAnet National Networking Conference by Ronan Byrne & Tim Maher 10 th November 2005.

HEAnet & The Schools Network Presentation to HEAnet National Networking Conference by Ronan Byrne & Tim Maher 10 th November 2005.
NOC Tools Donal O’Cearbhaill HEAnet Ltd.. Ireland’s National Education and Research Network Provides Internet services to Irish Universities 2005 - Broadband.

NOC Tools Donal O’Cearbhaill HEAnet Ltd.. Ireland’s National Education and Research Network Provides Internet services to Irish Universities Broadband.
What's new in Threat Management Gateway (TMG) 2010 Ronald Beekelaar

What's new in Threat Management Gateway (TMG) 2010 Ronald Beekelaar
Module CSY3021 Network Planning and Programming RD-CSY3021-08/09 1.

Module CSY3021 Network Planning and Programming RD-CSY /09 1.
AVG Internet Security 7.5 Product presentation.

AVG Internet Security 7.5 Product presentation.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
1 Panda GateDefender Performa Your First Line of Defense Product Presentation Name 2008.

1 Panda GateDefender Performa Your First Line of Defense Product Presentation Name 2008.
The Internet & The New IT Infrastructure Chapter 9.

The Internet & The New IT Infrastructure Chapter 9.
Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.

Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.
MSIT 458: Information Security & Assurance By Curtis Pethley.

MSIT 458: Information Security & Assurance By Curtis Pethley.
Providing secure open- access networks Oliver Gorwits Oxford University Computing Services.

Providing secure open- access networks Oliver Gorwits Oxford University Computing Services.
ROYAL PALM NETWORK PROJECT John Healy Tom Jamieson

ROYAL PALM NETWORK PROJECT John Healy Tom Jamieson
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
Firewall Slides by John Rouda

Firewall Slides by John Rouda
Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.

Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.

Similar presentations

Ads by Google