So this morning me & our inhouse "IT guy" went up against our Director, again, over the matter of having Firefox at work.

Pesonally I can't use IE. It's not a case of it being flakey, Microshaft, or whatever hatred campaign against it is the rage these days - I have just never enjoyed using it. FF, however, just works.

I'm not alone, and there are other's who'd rather Chrome, so in the pursuit of productivity me and our inhouse "IT guy" have installed them... but "apparently" Firefox usage bypasses Censornet (?) - which worries our security & control conscious director. Since I don't really understand what goes on behind a router, I can only think this spurious, and a simple (personal) hatred of Firefox.

So how/what/can I suggest to support it's use?

Only if he's doing it wrong.

I can't understand how it could be bypassing Censornet either as surely it is using port 80 just like IE would?

Possibly there's a group policy setting that forces IE to use the censornet system as a proxy, which Firefox isn't respecting?

If it is that by the way, however much money you paid/are paying to censornet you might as well have flushed down the boy, because it was patently 'written' by a 12 year old in his school lunch break and that any other child in his class could bypass in seconds.

Jon

I wouldn't be suprised.
Turns out, it's not a case of FF being the devil, it's that our external IT guys haven't written FF into their things-to-do list, so IE gets it proxy assigned, but FF installs miss out... amusingly, since we've taken box-building off their hands, it turns out the IE on our most recent machines isn't setup either.

We've people who struggle with turning on a computer - so we've no worry about internal hacks - but given your comments, have you any "better" (cost comparable) alternatives?

To be honest, I wouldn't want to do that without taking a proper look at how your setup is, because it's very likely there are some solutions that would be an equal waste of money for you or interfere too much with the things you do that actually make the money. I'm sorry, it's just that that's a question that can open a whole can of worms and I'd rather give no advice than advice that turns out to be useless or counterproductive.

The best thing I can suggest is to get someone in to give you a security audit and go from there, rather than me telling you something after making a bunch of assumptions that may well be wrong.

Jon

if its for web filtering then i would suggest openDNS
its off site and very hard to bypass once set up
i have the openDNS addressing hardwired within my router firmware

also has white and black listing above and beyond the standard filtering ...

I was going to say this as well.

If they can't even snoop on port 80 properly, then someone needs to ask serious questions about security. But that probably won't happen in an IT department where such things are allowed to happen in the first place.

I'm not sure I know what to suggest - sorry.

OpenDNS works well.

Or stick a Cyberoam UTM device in. It'll do web filtering, gateway andtivirus & antispam as well as providing SSL VPN