Forget Hardware-Based Web Filtering Appliances for Schools and Look to the Cloud

Oct 31, 2016 | Network Security, Web Filtering

Hardware-based web filtering appliances for schools have some advantages, but many K12 schools are saying goodbye to the appliances and are choosing a much more convenient and practical solution.

In the United States, K12 schools are required to implement a web filtering solution to control access to the Internet in order to receive E-Rate discounts on Internet access. Even schools that do not participate in the E-rate program need to filter the Internet. Parents are pressuring schools into ensuring the Internet can be accessed safely in schools and want to receive assurances that their children can use the Internet without inadvertently – or deliberately – viewing inappropriate material such as pornography. Twenty four states have also introduced legislation covering children and Internet access in schools.

Hardware-Based Web Filtering Appliances for Schools

A hardware-based web filtering appliance for schools may appear to tick all the boxes. Hardware devices sit in front of an Internet gateway and filter Internet traffic. They prevent users from accessing websites that are deemed to be dangerous or inappropriate.

While hardware-based web filtering appliances for schools can seem like an easy option, many schools are finding that is far from the case. Hardware-based web filtering appliances for schools are fine if there are just a handful of computers accessing the Internet in each classroom, but hardware solutions lack scalability. When the number of devices is increased, more appliances must be purchased.

Hardware-based web filtering appliances place limitations on web traffic. When the number of devices simultaneously requiring access to the Interest increases, a bottleneck can occur. It doesn’t matter how much the Internet pipe to a school is increased with an ISP, if a 1GB web filtering appliance is used for example, that will be the limiting factor not a 5GB connection. There is likely to be latency, which can be considerable.

One solution is to use multiple hardware devices. This will increase the capacity, although more devices mean an increased maintenance burden on IT departments. Multiple devices mean schools have to find the space to house the appliances. Cooling systems may need to be augmented and more devices means higher energy bills. Hardware-based web filtering appliances for schools can prove to be very costly.

Hardware-based web filtering appliances are now being stretched further still as many schools start increasing the number of devices used by students. While one or two desktop computers used to be sufficient, many schools are now considering one-to-one computing, where each student is issued with a school laptop. However, such an increase in devices places considerable demands on hardware-based web filters and the result is considerable latency.

Then there is the problem of how to protect students when laptop computers are taken home. As we have already seen, some parents have made their schools take back the devices until adequate controls are placed on the devices to restrict Internet content. If software is installed on each laptop – in the form of a local client – the Internet can still be filtered using school hardware-based web filters. The client forwards traffic to the school’s datacenter, and traffic then passes through a web filtering appliance.

This sorts out the problem of Internet filtering, but it also puts more pressure on the datacenter. This may even require additional hardware devices to be purchased. Also, outside of normal school hours, if there are any issues with the datacenter, students will be prevented from accessing the Internet.

The latency and cost issues have spurred many K12 schools to look for an alternative to hardware-based web filtering appliances for schools. The answer has been found in the cloud.

Benefits of Cloud-Based Web Filtering Solutions for Schools

Cloud-based web filtering solutions offer a number of advantages over hardware-based web filtering appliances and solve many problems, especially as schools increase either the number of devices supplied to students or the number of devices that are allowed to connect to the network.

Cloud-based solutions require no hardware purchases and no space in the data center. This offers an initial cost saving as devices do not need to be purchased. No network deployments of client applications also means quick and easy implementation and since there is no hardware to maintain, the burden on IT departments is eased.

Any web filtering solution involves a certain degree of latency, although with cloud-based solutions this is kept to an absolute minimal level. Internet speed is not noticeably reduced and there is no latency within the datacenter itself. When students take hardware off the premises they can still be protected without data needing to be routed back to the schools’ datacenter. An roaming agent can be installed on each school-issued device that is taken off premises or even on students’ personally owned devices to ensure that filtering controls are applied.

Then there is the speed of reaction to web content that should be blocked. When changes need to be made to filtering rules, they can be applied quickly and easily from any location without the need for IT staff to access each hardware appliance. A cloud-based control panel can be accessed from anywhere with an Internet connection and changes can be rapidly made.

Cloud-based solutions are also highly scalable. There is no limit on bandwidth or the number of users. Once a solution is deployed, it doesn’t matter how big the network gets. There is no need to upgrade hardware or purchase any more devices. Additional licenses can be purchased as and when needed. Further, if there is ever a reduction in required capacity, licenses can be adjusted accordingly.

With these and many other benefits, it is no surprise that so many schools are now turning to the cloud for their Internet filtering needs. The cloud is the perfect choice for K12 schools looking to keep their students – and devices – safe and WebTitan Cloud is the ideal solution for K12 schools to filter the Internet.

WebTitan - Web Security for the Education Sector

The TitanHQ team has worked on email anti-spam solutions for schools, web filtering for education, and email archiving for schools for over 20 years. We have a deep understanding of the web security issues that all schools and colleges face when protecting students, staff members, and visitors.

WebTitan is a powerful web security solution that ensures safe Internet browsing for children. The solution provides protection from harmful and obscene web content whether students are studying in the classroom, school library, or offsite and blocks threats such as malware, ransomware, and phishing. WebTitan Web security is available for all devices, including Chromebooks, Windows, and Apple devices, and the solution is quick and easy to implement and maintain.

Benefits of WebTitan

  • Create a safe and secure web browsing environment.
  • Comply with CIPA and qualify for E-Rate discounts
  • Block malicious websites and malware downloads.
  • Block material contained in the child abuse image content URL list (CAIC List) and other third-party blacklists.
  • Accurately filter web content through 53 pre-set categories and up to 10 custom categories.
  • Filter by keyword and keyword score.
  • Inspect encrypted websites.
  • Filter content in 200 languages.
  • Apply time-based filtering controls.
  • Filter the Internet across multiple WiFi hotspots.
  • Protect students when learning remotely.
  • Manage access points through a single web-based administration panel.
  • Delegate management of access points.
  • Schedule and run reports on demand with real time-views of Internet activity and extensive drill down reporting.
  • Integrate the solution into existing security and monitoring systems.

Test WebTitan for Yourself with a Free Trial

WebTitan is currently protecting 10 million students and 2.5 billion DNS requests a day with T-Mobile. With WebTitan, you can quickly and easily protect your students from inappropriate web content, ensure CIPA compliance and create a safe environment for children.

You can also take advantage of a Free Trial of the solution to see for yourself how easy it is to use and maintain, and how effective it is at blocking access to content you do not want to be accessed by students, on or off the network.

 

Ransomware Protection Tips

Ransomware Protection Tips

Oct 14, 2016 | Cybersecurity Advice, Web Filtering

There are a number of reasons why ransomware attacks have been increasing and why the crypto-ransomware has now become one of the biggest and most worrying threats. However, the main reason is ransomware is extremely profitable.

How profitable? According to a recent security report from McAfee Labs, one single ransomware author managed to pull in an incredible $121 million in ransomware payments in the first six months of 2016. Take off the expenses incurred and the author cleared $94 million in profit.

That was just one author. There are many. There are now more than 200 different ransomware families and many more variants of each. Fortunately, developing new ransomware is a complicated business that requires considerable programming skill. Unfortunately, there are many individuals who rent ransomware to conduct campaigns and take a cut of the profits.

The explosion in use of ransomware in the past two years is a cause for concern for all Internet users, especially for business owners. Unfortunately, the ransomware crisis is unlikely to be resolved any time soon. As long as it is profitable, the attacks will continue. Vincent Weafer, VP of Intel Security’s McAfee Labs, expects the revenues from ransomware infections in 2016 will be of the order of several hundreds of millions of dollars and most likely considerably more.

McAfee recorded 1.3 million new ransomware samples in the first half of 2016. The risk of infection with ransomware has increased as authors employ increasingly sophisticated methods of evading detection. Ransomware is also spreading faster and encrypting even more data to ensure victims have no alternative but to pay up.

But how is it possible to prevent ransomware attacks? Unfortunately, there is no silver bullet. Prevention requires several different strategies to be adopted. To prevent ransomware attacks, check out the ransomware protection tips below.

Ransomware Protection Tips

We have listed some ransomware protection tips below that will help you to avoid ransomware infections – And how to avoid paying a ransom should the unthinkable happen.

The first rule of ransomware avoidance is backing up your data

The no More Ransom Project is a great initiative. When ransomware variants are cracked and decryptors developed, they are being uploaded onto the No More Ransom site. Victims can then decrypt their files for free. However, there are more than 200 ransomware families and less than 10 free decryptors. You don’t need to have majored in mathematics to work out that the probability of a decryptor being available is rather small. If you want to be able to avoid paying a ransom you must have a viable backup of your data.

The second rule of ransomware avoidance is backing up your data

Without a backup, you will need to pay the ransom if you want your data back. You therefore need to make sure you have a viable backup file. However, multiple backups should be performed. You should have a backup on an external hard drive and a second backup in the cloud. Your external drive must also be disconnected once the backup has been performed.

Keep software up to date

Vulnerabilities are constantly being discovered and patches issued to plug security holes. Even if exploits have not been developed to take advantage of those vulnerabilities, patches can be reverse engineered. Once patches are released, it will only be a matter of time before exploits are developed.  It is therefore essential to apply patches and install software updates promptly. Patches should be prioritized with critical updates applied first.

Remove unnecessary software and browser plugins

If you have browser plugins installed that you never use, remove them. They are an unnecessary risk. Of particular concern are Adobe Flash, Java, and Silverlight. Vulnerabilities are regularly discovered in these plugins and for many businesses they are surplus to requirements. Remove them or at least set them to require manual activation.

Block adverts

Malvertising may not be the most common method of ransomware delivery but the risk should be mitigated nonetheless. Businesses should use an adblocker to prevent malicious adverts from being displayed. Do your employees need to see web adverts? If not, why take the risk?

Filter the Internet

Malicious websites containing exploit kits can probe for a wide range of security vulnerabilities and leverage these to silently download ransomware. WebTitan can be configured to block websites known to contain malware and block sites by category. Categories of websites known to be ‘high risk’ can be blocked, as well as sites that have no work-purpose. Blocking access to certain categories of websites can greatly reduce the risk from web-borne ransomware and malware infections.

Conduct security awareness training

Security awareness training is not just for employees. All individuals in an organization should be taught the security basics from the CEO down. Training should include phishing awareness and avoidance, ransomware and malware, and good security best practices such as never opening emails from unknown sources, not enabling macros, and avoiding clicking links in spam and suspicious emails.

Turn off macros

Macros are used in many organizations, but not by the majority of employees. Macros should be disabled on all devices unless essential, and even then, macros should be enabled manually on documents and spreadsheets if required.

Employ a robust spam filtering solution

A paid-for spam filtering solution should be installed to catch spam emails and prevent delivery. Email is one of the most commonly used ransomware delivery mechanisms. Anti-spam solutions such as SpamTitan can greatly reduce the probability of employees’ security training being put to the test.

Use anti-malware and anti-virus solutions

Employ anti-malware and anti-virus solutions that include a real-time scanning feature and set the solutions to update virus/malware definitions automatically. Full system scans should also be periodically conducted.