One of my clients has the following requirements regarding web content filtering: - Active Directory is a must - multiple access levels based on username regardless of IP - filtering logic for each access level is blacklisting of certain domains, extensions and mime types - on-access scaning for viruses For more than 5 years for this purpose I am using Squid + Dansguardian + Clamav, authenticating users over NTLM, and it works more or less OK. I understand NTLM should be avoided if possible in favour of kerberos. Also, Dansguardian didn't have refresh since ages, so I am looking for alternatives. Any suggestions? -- Marko Cupać
