Securing the Learning Environment Against Anonymous Proxies

  • 03/13/07
##AUTHORSPLIT##<--->

Ask most administrators what the biggest threat to the online learning environment is today, and you'll most likely be deafened by the resounding reply of "anonymous proxies!" Gone are the days when bandwidth, safety and budget were an administrator's primary concerns and could be easily maintained with an Internet filter. Today, students can conveniently bypass all safety measures put in place with a few strokes on the keyboard that allow them to connect to "bad" sites.

With their limited time and resources, most IT staff I know cannot compete with and keep track of the number of proxies that pop up every day. This leads to other problems: schools end up failing in their compliance with CIPA standards, students are exposed to harmful material and bandwidth is drastically diminished. Take, for example, our district, Duval County Public Schools (DCPS) in Jacksonville, FL. Although we were utilizing an Internet filter, students were still accessing MySpace.com and other "blocked" sites about 300,000 times per week. Not only were these targeted sites disrupting study time, but the traffic was hogging a significant amount of bandwidth that could have been used for more appropriate educational applications. Students were bypassing DCPS's then-filter by accessing anonymous proxies--and this was as easy for them as learning their ABCs.

We know kids are really knowledgeable about using Web proxies, so they always find a way to get to them to access sites that are otherwise blocked by school network filters. The only way to find students who attempt to access bad sites is if you identify them or if they get blocked. The fastest way to identify these users is through authentication.

We implemented 8e6 Technologies--a filtering and monitoring solution that completely eliminated any access to anonymous proxies, something our previous filter was unable to do. The first thing we did was to enable an invisible authentication feature. Authentication is a must for a safe and secure Internet environment. It prevents kids from accessing inappropriate material whether on purpose or accidental. Even though they may not do it intentionally, kids will many times type in a wrong word or misspell a word, but authentication ensures that they are being filtered. This transparent authentication is superior to others offered in the filtering industry. However, our battle against proxies did not end there.

We also had to employ a signature-based blocking feature, also from 8e6, which effectively prevents users from accessing peer to peer applications, instant messaging and anonymous proxies. This feature catches requests for anonymous proxies on the fly, giving us zero-day protection against many open-source proxies. Therefore, if the site is not categorized as a proxy in the database, the system will still be able to block access to the site based on the signature files in the Database. Not only does the "Proxy Pattern Blocking" feature identify attempts to set up proxy tunnels and prevents these connections from being made, it keeps a record of the number of times a student tries to evade the filter in this way. After a predetermined number of attempts, the would-be tunnelers are denied Internet access. This feature helps us secure the network from hacker attacks and loss of private information.

8e6's filtering and reporting solution has not only helped save the IT staff time, but it has proven to be a benefit to the entire DCPS community. Administrators benefit from increased production from their employees, teachers benefit from students staying on task, and students benefit by not being subjected to inappropriate material. Finally, everyone, including parents, benefit from a safer environment.

More info:

:: READ MORE FEATURES AND CASE STUDIES ::

About the author: Jim Culbert is an information security analyst at Duval County Public Schools in Florida.

Have any additional questions? Want to share your story? Want to pass along a news tip? Contact Dave Nagel, executive editor, at [email protected].

Featured

  • Abstract AI circuit board pattern

    Nonprofit LawZero to Work Toward Safer, Truthful AI

    Turing Award-winning AI researcher Yoshua Bengio has launched LawZero, a nonprofit aimed at developing AI systems that prioritize safety and truthfulness over autonomy.

  • stylized illustration of a desktop, laptop, tablet, and smartphone all displaying an orange AI icon

    Survey: AI Shifting from Cloud to PCs

    A recent Intel-commissioned report identifies a significant shift in AI adoption, moving away from the cloud and closer to the user. Businesses are increasingly turning to the specialized hardware of AI PCs, the survey found, recognizing their potential not just for productivity gains, but for revolutionizing IT efficiency, fortifying data security, and delivering a compelling return on investment by bringing AI capabilities directly to the edge.

  • magnifying glass with AI icon in the center

    Google Releases Learning-Themed AI Mode Features for Search

    Ahead of back-to-school season, Google has introduced new AI Mode features in Search, including image and PDF queries on desktop, a Canvas tool for planning, real-time help with Search Live, and Lens integration in Chrome.

  • sunlit classroom with laptops on every desk, each displaying a glowing AI speech bubble icon above the screen

    Copilot Chat and Microsoft 365 Copilot to Become Available for Teen Students

    This summer, Microsoft is expanding availability of its Copilot Chat and Microsoft 365 Copilot products for students aged 13 and older. Administrators will be able to grant access for students based on their institution's plans and preferences, the company announced in a blog post.