Well, we're in a different predicament that most, as most users are K-12 students. Their excuses range from "I didn't know" to "I didn't do that". Their parents sign an AUP, but I doubt that hardly any of the students have ever even seen it. Last year, to attempt to remind them of it, I printed out a double-sided sheet for every high school student that contained their username/password, along with a copy of the AUP. I later found out that the office threw the entire stack away because it wasn't sorted in homeroom order. Watching the real-time monitor shows that there is an attempt to access a blocked site about every 5-6 seconds. If we attempted to prosecute every attempt, we could turn that into a full-time job. So, we watch the logs for suspicious activity, and report the serious offenders only. So no, they don't have much to lose by trying... We normally don't hear much at all from the students about blocked sites, they seem to accept that and amuse themselves trying to get around the block. That is, until the other day, when we blocked the web journaling sites... Boy, did that raise an uproar... So, I've spent most of this morning creating a custom denied page reminding them that they (or their parents) signed the AUP, along with a link to copies of them. -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Friday, April 29, 2005 08:50 To: [ISAserver.org Discussion List] Subject: [isalist] RE: A Question? Or just an observation... http://www.ISAserver.org Hi Dan, What kind of error page do they get? Do you let them know that they're being watched? What type of users do you have? Are they not stakeholders of any kind? They have nothing to lose by violating network security policy? Thanks! Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls