Filtering port 443

By mchampion ·
In an educational environment, we are using key word blocking on the firewall for specific Web sites, and generally improper locations.

Does anyone have a possible solution that will allow me to block port 443 for specific sites such as vtunnel, meebo, and kproxy, but still allow access for other sites that use this port?

We are running Windows XP pro on the workstations and Windows 2000 Advanced Server in conjunction with a Netgear VPN Firewall.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

You realy need to go to a content filtering proxy

by robo_dev In reply to Filtering port 443

Most firewalls do not make it easy to filter the content, and the more complex the rules, the slower the internet access for everybody.

Proxy servers:
Websense or BlueCoat are the best.

RhinoSoft AllegroSurf is low cost, and works very well.

Squid proxy with DansGuardian is free.

Collapse -


by mchampion In reply to You realy need to go to a ...

Thanks for the input.

I may have found what could be a viable solution utilizing a combination of Group policy and individual workstation configurations.

Since we are a relatively small (72 workstations) enterprise, it may work out.

Collapse -

But when you say 'education' it sent a chill down my spine

by robo_dev In reply to Thanks

If those beings called 'students' are using the PCs, you've got an uphill battle against a well-armed and significantly wiser opponent.

Collapse -

More truth to that than you know

by mchampion In reply to But when you say 'educati ...

Since these "students" are technically adults with juvenile minds, it's a never ending battle to keep our computers free from "internet garbage" and unwanted solicitations for "spyware removal software".

My intention is to make it difficult for them to get to the places they usually go.

Collapse -

Complete Content Filtering over Web

by anima.palshikar In reply to More truth to that than y ...

I would urge you to take a look at Cyberoam ( We use it in an environment very similar to yours (100+) users and Cyberoam has worked miracles for us.

You want URL filtering and Cyberoam does it wonderfully, it filters URLs on port 80, 21 and 443 (HTTP, FTP and HTTPS). These guys have about 60 million URLs in their database and they are categorized into 82 categories. You can also make your own categories and define your own URLs that need to be blocked (Based on the URL and keywords).

Cyberoam also had fantastic reports that show you 'who is doing what?' on your network, e.g. which websites are a user visiting, how many times, how much data has been transferred and several other useful details.

I looked at other solutions like Websense but they were way out of my budget and pretty complicated to use, mostly meant for large networks. I mean they are really nice but buying one of them would be like buying a semi when I need a sedan.

Cyberoam is a UTM so it also has other features like anti-virus scanning, anti-spam, IDP and VPN. One of the features that I really like is their spyware detection system. They detect spywares coming into my network and not only that?check this out?? as soon as I deployed Cyberoam in my network it detected several spywares that were trying to contact their home servers from my network. That was the feature that turned the trial into a sale for me.

Needless to say that I simply love this little box. We have a CR 100i in our network but for 70+ users I think the CR 50i should be enough.

All the best.

Related Discussions

Related Forums