I'm assuming you're running a network at a university or school of some kind and are using McAfee Inc.'s SmartFilter to control outbound Web access and protect against Web-based threats. SmartFilter is certainly a comprehensive Web-filtering product for controlling, filtering and monitoring Internet use. It allows customized policies by user, group, IP and IP range. Filters can be set by time of day, day the of week, file type and URL,...
using block and allow lists.
If students use their own iPhone and iPod Touch devices, however, to bypass Web filters, it's impossible to mandate what they can and can't install on their devices or which sites they can and can't visit. I'm sure, though, that you will have an acceptable usage policy covering what is and isn't permissible when students access and use the campus network. In this policy, you can state that accessing Facebook from any device via the campus network is not allowed. I accept that it is harder to dictate such a policy when users have their own devices, but if they are using your Wi-Fi to reach the Facebook site, then you have a legitimate case for expecting compliance with your usage guidelines.
The reason students want to use the campus Wi-Fi to access Facebook is because it's so much faster than using AT&T's EDGE network and much cheaper. If you use SmartFilter's reports, you can not only identify and document any inappropriate Web activity to enforce your Web-usage policies, but you can also use SmartFilter to control Web access via Wi-Fi, as well as conventional desktop/Ethernet access. You should explain why you're taking this step, though, such as to preserve bandwidth for work-related activities and reduce legal liability. Students will, of course, still be able to access Facebook from their own iPhones using EDGE, but that's not your problem.
It's worth taking steps to instill an understanding of the security threats and effects that certain activities can have on bandwidth, because you will have to contend with the next big thing: Skype, which has quickly become the most popular download at Apple's iPhone software store. Interestingly, mobile carriers in the U.S., Canada and Germany, such as AT&T, Rogers and T-Mobile, have blocked Skype from their networks so that it can be run only over a local Wi-Fi connection. These organizations defend what they see as their right to determine how their networks are used. You must do the same.
Dig deeper on Web Application Security
Related Q&A from Michael Cobb
A reported 43% of Microsoft XML users are running vulnerable versions of the software. Security expert Michael Cobb discusses how to mitigate the ...continue reading
Security expert Michael Cobb explains what Open Authorization or OAuth 2.0 is, its pros and cons, and how it is different from bring your own ...continue reading
While the fundamentals of securing an e-commerce website haven't changed in a few years, there are new threat vectors and security risks to be aware ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.