[TriLUG] Proxy Server.... Squid or something else?
Kevin Flanagan
kevin at flanagannc.net
Tue Dec 6 18:28:14 EST 2005
From the mix of clients it seems that you have some integration work
cut out for you no matter what if you want good logging. Authenticated
connections to the proxy are really the only good way to get logs back
to "This user went to that site at that time" kind of logs. You could
just track IP addresses, if you have all assigned ones, if you DHCP
things, you can't prove who did what. Even if you have all static
addressing, you don't have proof as to who was logged in.
Squid can authenticate to an AD, I gather that it's a bit of work. You
still have the Linux desktops that aren't likely all running SAMBA as
domain members, or using that PAM for kerberos/LDAP auth to an AD.
ISA can integrate well into an AD, but you still have the Linux users
unauthenticated to the proxy.
From what I understand, you can do this well, it's just a fair bit of work.
Kevin
mark at thefowles.com wrote:
> Squid and Dansguardian are good --
>
>
>> Was thinking about putting in a Proxy server in our network to monitor
>> interent usage as well as block internet sites that go against company
>> policy. This is a future *potential* project so I am open to any
>> suggestions. First ideas were Centos/Squid then maybe Windows2003-ISA
>> (but
>> I don't need the firewall functionality nor the cost). My network is a
>> mix
>> of windows/AS400/Linux. What do you all run? Any help would be much
>> appreciated.
>> --
>> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG Organizational FAQ : http://trilug.org/faq/
>> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>>
>>
>
>
>
>
More information about the TriLUG
mailing list