Re: [squid-users] Bypassing squid proxy

From: Mika Aleksandroff <mika.aleksandroff@dont-contact.us>
Date: Thu, 07 Mar 2002 20:20:54 +0200

> "H M Rajeev" <hmrajeev@ybil.com> 7.3.2002 07:26 >>>
>>"Colin Campbell" <sgcccdc@citec.qld.gov.au>
>> As others have pointed out, you have a social problem that cannot be
>> solved by technology. All that happens when you do is that you get into a
>Immediately I will implement bandwidth restriction for those users. We MIS
>people have to convince Management to have a policy for Internet access in

Well, actually... If you really want (and can) to solve your problem technically
you'd need to design your LAN in a way that allows you to do that. Basically
this means implementing multiple VLANs with appropriate access-lists.

You can put your staff in, say, two different VLANs - 'privileged' and
'not-so-worthy' - and filter traffic as necessary. You don't need separate
firewall for this, normal router with access-list capability will do.

Depending on your office size this is a viable or not so viable option... In
a moderately sized office there may not be need for anything more
complex than a flat network. And whether it's worth the trouble is a
whole other issue.

If you need to start "fighting" tech-savvy employees you might as
well do it "right" at the beginning, since humans have a tendency to
be pretty imaginative when necessary.. :-)

--
Behave,
             Mika A, ATK-Keskus
             Kymenlaakso Polytechnic
Received on Thu Mar 07 2002 - 11:21:14 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:47 MST