alucian wrote:I would like to ask you what web/url filtering application/solution do you use/recommend? I know that there are more than one question here but I would like to hear different opinions.
My comment is, it depends on the environment to be bluntly honest. Not all solutions work in all environments, so this question is likely going to get you a mixture of answers. Not all wrong, not all right. I could assume you want low-cost (Open Source models) but I don't like to assume. You could want an enterprise solution in which event, a solution like Dans Guardian is seriously lacking.
Where I work I recently replaced all of my FW-1's with a combination of Juniper's SRX and SSG's. The SRX's have the capability to work with Websense so we no longer needed Bluecoat. (Sayanora!) All works just fine however, I work at a SoHo/Mid-Sized corporate environment which works just fine for us.
On my managed security side of things (customers of ours), I mainly use Juniper SSG's most of the time, since the costs involved with deploying an SRX at a small company is almost always intolerable. For these setups it also depends on a few factors before decisions are made, and almost always, they're different. How much time I want to spend configuring and deploying something, how creative I want to be, what's the tolerance of the client: Do they want pretty "Warning you shouldn't be seeing this" pages or would they settle for customization (aka default ugliness (Dan's Guardian default page is ugly)). For logging (do they want pretty or am I the one looking at the logs (when I do I pass them through Splunk and OSSIM filtering))
Plenty of questions each unique to each location. If it is a small office, you can take a look at Untangle which does web-filtering as well (http://www.untangle.com/
) if you don't want to go with Squid/Dans Guardian. If you want to do some creative-filtering with IPS/IDS/EPS (Extrusion Prevention System), you could cobble together a neat NSM using Squid, Sguil (http://nsmwiki.org/Main_Page
), pads, etc