+20Hi,
We sent a profile to "trying to limit access to adult websites" on our student MacBook Airs. The result is that it works on Safari, but Firefox and Chrome are unusable.
The two browsers get constant prompts for SSL sites, and requires admin rights to add the sites.
How are you guys using the profile? Is there an update to fix the big, or workaround? We are looking at Global HTTP Proxy, but JAMF doesn't offer it natively -- so we are looking at the script too.
Thanks for any tips,
Michael
Best answer by damienbarrett
Good grief, yes. You need a real filter, either a proxy like Lightspeed, or a web filter like WebSense that sits on your network and does the filtering and updating for you. You're going to have a very hard time trying to manage the blacklisting of websites using configuration profiles.
+17I'd suggest looking at putting a real web filter in line. I can't imagine trying to manage web traffic for students without one.
+19Good grief, yes. You need a real filter, either a proxy like Lightspeed, or a web filter like WebSense that sits on your network and does the filtering and updating for you. You're going to have a very hard time trying to manage the blacklisting of websites using configuration profiles.
+5We use iboss with 1:1 in my district. It has a tiny mobile client that is invisible to the students so they get filtered off site as well. Virtually set and forget.
+22OpenDNS gets the vote from me for filtering.
+27Agreed with all of the above. You need filtering and there are many good options. With the understanding that there is no such thing as fool poof way to block all of the bad things from getting to the students eyes. Trust me, we do everything we reasonably can to block our students from getting to the 'bad' stuff, but there is a point of diminishing returns.
Get a good web filter (or a few) and call it a day. Proxying has it's own issues and so we avoid it here. However, it's also important to teach your teachers and the parents to keep an eye out and help their students avoid this sort of thing. Coming from a long running 1:1 edu we keep the following in mind at all times: There is not always a technological solution for a social issue!
Having been a student at a 1:1 high school many years ago I also remember that I got my start in IT, as a student... looking for the 'bad' stuff ;-)
P.S. If I'm going to give a recommendation I'll give a shot out to my friends at Fortinet. Love our Fortigate and Forticlient if we do need VPN/Proxy.
+10Don't forget to block apps like Puffin Browser for your iPads (and the website for your MacBooks et. al.). These types of sites allow unlimited access to filtered/blacklisted sites if they them selves, are not blacklisted in your system
+20Thanks a bunch, folks. Really helpful.
Much appreciated.
+1I am wondering if anyone can share how they pushed out iboss agent in a 1:1 MacOS environment? Thanks, Jon
+17@jon.snell it's been awhile, but this might help you. When I was a new iBoss customer I asked support to walk me through it.
https://support.ibosscloud.com/hc/en-us/articles/115008399368-Mac-Agent-Configuration-Guide
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.