Using Squid Proxy to Replace Border Manager Proxy

We have used Novell Border Manager for our web proxy servers and for web access control since we had office Internet connections. Novell is phasing out Border Manager in favour of a new product called Novell Security Manager. Security Manager is a Linux software appliance that does a whole bunch of border functions, like proxy, vpn, intrusion detection, malware detection, virus scanning, etc. We have recently made a corporate decision to go to hardware devices for a lot of that stuff, but one thing our selected hardware devices don’t do is web proxy.

We started out using a web proxy to provide a huge performance increase to our users’ web experience when lots of users were sharing a slow connection. This is becoming less necessary now that most of our sites are moving to (very) broadband connections. However, another nice feature of using a web proxy, is that you can set it up so your users must authenticate to it, and then you can log the activity by user ID. We have a corporate acceptable use policy for the web that says that we may monitor usage at any time, and users are responsible for following the acceptable content policy. If we suspect we are having some inappropriate use, we monitor activity automatically and then manually review the logs. This is very easy when using an authenticating web proxy.

We no longer need all the other functionality that makes up Border Manager so James and I decided to try to setup a Squid proxy server with LDAP authentication, so our users could use their every-day login IDs to authenticate, and we could monitor activity when necessary. We built an OES Linux server (since we have a site license and can build as many OES servers as we need) and installed Squid on it. Getting authentication working was very straightforward. I then installed Webalizer, a web server log analysis tool, which is also compatible with Squid. I built a cron job to automatically review the logs from Squid, and present it via a web page right on the proxy server. It’s very easy to use and shows some good data about your traffic. When we activate our sites on the new Telus VPN, we’ll put the Squid proxy into production.

Sample output from Webalizer