St. Joan of Arc School

A Brief Description

Network Isolation
St. Joan of Arc School’s Intranet is fire walled off the public Internet. Also, public Domain Name Service (DNS) is inaccessible from internal clients so direct access to external network services is not possible. The internal DNS server can only resolve names of nodes internal to the SJA network. Access to the SJA Intranet from the public Internet is impossible. (An intranet is a private computer network that uses Internet protocols, network connectivity to securely share part of an organization’s information or operations with its members.)

Proxy
An internal caching and filtering proxy is provided for all internal nodes to access the Internet. All traffic must pass through this proxy. This proxy is based on Squid and Squidguard. All URLs, Domain Names and IP addresses accessed are checked against two databases. The first is a database maintained by the K12 LTSP project. The SJA proxy synchronizes its internal copy with the master copy at squidguard.mesd.k12.or.us every night. The second database is maintained and updated locally by the SJA Staff and includes all the popular social networking sites, and a large number of other sites deemed inappropriate.

The proxy also provides a number of URL rewriting rules that forces “Safe Search” to be turned on for the popular search engines, regardless of the “Safe Search” settings on the user’s browser.

Outside regular school hours, access to the Internet through the proxy is automatically turned off. Access is granted only with the use of a user name and password for the benefit of the staff.

Monitoring
The proxy logfiles can be viewed in real-time by the SJA staff. This can be used as an additional deterrent to inappropriate use of the Internet.
*A big thanks to Mr. Kapauan who helps out with the tech program on a regular basis - without him we wouldn’t be where we’re at today.