Securing the Learning Environment Against Anonymous Proxies

##AUTHORSPLIT##<--->

Ask most administrators what the biggest threat to the online learning environment is today, and you'll most likely be deafened by the resounding reply of "anonymous proxies!" Gone are the days when bandwidth, safety and budget were an administrator's primary concerns and could be easily maintained with an Internet filter. Today, students can conveniently bypass all safety measures put in place with a few strokes on the keyboard that allow them to connect to "bad" sites.

With their limited time and resources, most IT staff I know cannot compete with and keep track of the number of proxies that pop up every day. This leads to other problems: schools end up failing in their compliance with CIPA standards, students are exposed to harmful material and bandwidth is drastically diminished. Take, for example, our district, Duval County Public Schools (DCPS) in Jacksonville, FL. Although we were utilizing an Internet filter, students were still accessing MySpace.com and other "blocked" sites about 300,000 times per week. Not only were these targeted sites disrupting study time, but the traffic was hogging a significant amount of bandwidth that could have been used for more appropriate educational applications. Students were bypassing DCPS's then-filter by accessing anonymous proxies--and this was as easy for them as learning their ABCs.

We know kids are really knowledgeable about using Web proxies, so they always find a way to get to them to access sites that are otherwise blocked by school network filters. The only way to find students who attempt to access bad sites is if you identify them or if they get blocked. The fastest way to identify these users is through authentication.

We implemented 8e6 Technologies--a filtering and monitoring solution that completely eliminated any access to anonymous proxies, something our previous filter was unable to do. The first thing we did was to enable an invisible authentication feature. Authentication is a must for a safe and secure Internet environment. It prevents kids from accessing inappropriate material whether on purpose or accidental. Even though they may not do it intentionally, kids will many times type in a wrong word or misspell a word, but authentication ensures that they are being filtered. This transparent authentication is superior to others offered in the filtering industry. However, our battle against proxies did not end there.

We also had to employ a signature-based blocking feature, also from 8e6, which effectively prevents users from accessing peer to peer applications, instant messaging and anonymous proxies. This feature catches requests for anonymous proxies on the fly, giving us zero-day protection against many open-source proxies. Therefore, if the site is not categorized as a proxy in the database, the system will still be able to block access to the site based on the signature files in the Database. Not only does the "Proxy Pattern Blocking" feature identify attempts to set up proxy tunnels and prevents these connections from being made, it keeps a record of the number of times a student tries to evade the filter in this way. After a predetermined number of attempts, the would-be tunnelers are denied Internet access. This feature helps us secure the network from hacker attacks and loss of private information.

8e6's filtering and reporting solution has not only helped save the IT staff time, but it has proven to be a benefit to the entire DCPS community. Administrators benefit from increased production from their employees, teachers benefit from students staying on task, and students benefit by not being subjected to inappropriate material. Finally, everyone, including parents, benefit from a safer environment.

More info:

:: READ MORE FEATURES AND CASE STUDIES ::


About the author: Jim Culbert is an information security analyst at Duval County Public Schools in Florida.

Have any additional questions? Want to share your story? Want to pass along a news tip? Contact Dave Nagel, executive editor, at [email protected].

Featured

  • DreamBox Math

    Discovery Education Announces Updates to Experience, DreamBox Math

    K-12 learning solution provider Discovery Education has announced enhancements to its Discovery Education Experience and DreamBox Math products, designed to create a more personalized, engaging learning experience for students.

  • abstract pattern of cybersecurity, ai and cloud imagery

    Report Identifies Malicious Use of AI in Cloud-Based Cyber Threats

    A recent report from OpenAI identifies the misuse of artificial intelligence in cybercrime, social engineering, and influence operations, particularly those targeting or operating through cloud infrastructure. In "Disrupting Malicious Uses of AI: June 2025," the company outlines how threat actors are weaponizing large language models for malicious ends — and how OpenAI is pushing back.

  • digital dashboard featuring a shield icon, graphs, a world map, and network nodes

    IBM Launches Agentic AI Governance and Security Platform

    IBM has introduced a new software stack for enterprise IT teams tasked with managing the complex governance and security challenges posed by autonomous AI systems.

  • laptop and fish hook

    Security Researchers Identify Generative AI 'Vishing' Attack

    A new report from researchers at Ontinue's Cyber Defense Center has identified a complex, multi-stage cyber attack that leveraged social engineering, remote access tools, and signed binaries to infiltrate and persist within a target network.