On 5/10/2013 3:01 a.m., Marko Cupać wrote:
One of my clients has the following requirements regarding web content
filtering:
- Active Directory is a must
- multiple access levels based on username regardless of IP
- filtering logic for each access level is blacklisting of certain
domains, extensions and mime types
- on-access scaning for viruses
For more than 5 years for this purpose I am using Squid + Dansguardian
+ Clamav, authenticating users over NTLM, and it works more or less OK.
I understand NTLM should be avoided if possible in favour of kerberos.
Also, Dansguardian didn't have refresh since ages, so I am looking for
alternatives.
Any suggestions?
Move your DG rules into squid.conf rules?
The current Squid integrate with clamav via ICAP for realtime streamed
scanning, and the rest of your policies just seem to be ways of setting
up the ACLs.
Amos
