divisionbyzero

question . authority

Proxy Evasion with SSH

In our first installment, we looked at some solutions to provide a hospitable environment for proxy evasion. Today, we’ll dig deep into how to do this with my favorite protocol of all time, SSH.

OpenSSH is a glorious implementation of a critical network protocol. Most networks have disabled and banned the use of telnet, rsh, and ftp in favor of the more “secure” SSH protocol. OpenSSH runs on every platform I’ve encountered (using Cygwin on Windows). SSH provides an encrypted channel for data transfer. Usually that’s keyboard-interactive sessions or files (using SCP); however, SSH is also capable of setting up multiple channels and acting as a SOCKS4 or SOCKS5 proxy.


Proxy Evasion, The Environment

There are a ridiculous number of organizations using transparent proxying as a means to limit access to external resources. The idea is that by proxying all web traffic, they can keep employees from visiting porn sites. I’m not necessarily convinced that this does them much good. My general experience has been that the type of people looking at porn during the day will not become more productive as a result of losing the freedom to look at porn at work. They’ll still be useless employees that you have to performance review instead of firing for inappropriate use of technology.

Additionally, these proxies do very little to increase the security of the network. I’m fairly certain that by the time the proxy vendor is alerted to malware-distributing websites, an anti-virus company has already issued an update. This is redundant. Normally, I’d fully support this redundant – ok, I’ll drop the buzzword – Defense in Depth solution.

However, piggy-backing on the heels of any real security value, which is best described as the graph of 1/x, are made-up categories of websites to deter your users from doing things that your CEO believes are inappropriate. Interestingly enough, if the CEO is involved in Fantasy Football, you’ll be hard-pressed to find an IT infrastructure that denotes that classification of sites as inappropriate. I digress.
