education · Internet · Making things work · Open Source

Internet content filtering and bandwidth management for Schools

Use of Internet in a school/educational institution


Early internet was developed from an ARPANet, later on adapted by some of the leading universities in USA and eventually became the Internet as we know it today. Since the mid-1990s, the Internet has had a revolutionary impact on culture and commerce, including the rise of near-instant communication by electronic mail, instant messaging, Voice over Internet Protocol (VoIP) “phone calls”, two-way interactive video calls, and the World Wide Web with its discussion forums, blogs, social networking, and online shopping sites. Today’s Internet has become a major backbone for all communication and electronic content distribution.

Today’s education system relies on internet for a major portion of its educational contents. Internet is also used as a distribution network of school/institution hosted contents for students for remote access.

Why do we need content filter

In an international School we have students of all ages. Internet as we know it is unregulated and requires an additional security and access layer to ensure access to age appropriate content. Teachers and administrators need to control web contents by various categories for example, social network, education, downloads, email, dating, porn, violence, hate sites etc.

What about bandwidth issues

In many part of the word internet bandwidth is insufficient. Internet contents are becoming heavy, multimedia use is growing; in an educational institution concurrent internet access request from a classrooms can be extremely demanding on bandwidth. When you multiply such usage pattern for hundreds or thousands, the user experience will suffers.

A systems level implementation of a fair share policy, quality of service and bandwidth management can provide all users with quality internet access as per the policy.

Internet Content filtering/Protect the children against inappropriate content

Internet content filtering is also known as Content-control software, content filtering software, secure web gateways, censorware, web filtering software, content-censoring software, and content-blocking software.

In an educational institution, we have students of all ages. Acceptable usage can only be implemented only after a certain age. For younger kinds age appropriate filter is required. However internet resource access monitoring of all internet traffic might be required for comply with various policies.

Usually in a policy the institution may require to list categories of content (e.g. News, sports, Travel, Shopping, Sex education, Games, Gambling, Pornography, Nudity, Illegal drugs, Violence, Hate, Virus) and list the group of users based on their age and role (e.g. children under 10, children under 18, staff, teachers). A map will be included to define who can access and or is prohibited from accessing list of contents, all time or different time of the day or week.

Such system also protects your network and users from malicious site, which may put your network, students and staffs personal accounts and identity in danger.

You will find a list of content filtering software at

Software for content filtering


Among my preferred solution, if you are looking for complete Open Source software (without any licensing cost). SquidGuard works with squid, follow this link to get a step by step implementation guide for SquidGuard for a schools network at the gateway level. Follow this link for quick squid configuration.


Untangle firewall UTM networking application. Which comes in as hardware appliance also can be installed in your local server. Among many other features untangle supports Bandwidth control for the network. Untangle is partially open source and free, basic content filtering can be used using the Open Source and free to use version. For complete content filtering option you may need to subscribe to the commercial edition. The administration of this application is web based and requires basic systems administration skill.

Following link will provide you with more information on use of untangle as a content filtering system and

Installation and administration of the content filtering software with SquidGuard with squid requires moderate to advance level of systems administration skill. On the other hand for untangle which comes with a gui, for administration, basic level of systems administration skill is sufficient.

Bandwidth management to priorities traffic for educational use

About traffic management

In many parts of the world, internet is a scarce resource and requires a fair share and priority policy to ensure its smooth access. In an educational institute with limited internet bandwidth we need to setup systems which should allow priority for important resources access based on the policy over the less important requests.  I am going to discuss several options for ensuring service quality, implement priority and stop bandwidth hoggers.

Ensuring quality of Service:

As a facility, the Internet is used for accessing webpage, email, file sharing, document collaboration, remote access etc. Internet is also used for real time communication such as chat, video, voice, conference etc. which requires real time priority; for other communication such as email, blog, web access, social network, Youtube videos can be served with mid-level priority. Finally access requirement for content such as downloads of larger files, Dropbox sync, etc. can have a lower priority. In such implementation bottle necks are minimized and quality of internet services are improves for all users.

Setup priority based on type of site and who is requesting it:

By categorizing the site and services, if we assign different level of priority to different content type e.g. educational, non-educational, and heavy download content. Priority and access level may change based who is accessing it or/and based on off and peak hour. Such policy will ensure critical access has more priority over less critical one.

Stop bandwidth hoggers:

If no one abused their Internet access! In many cases Internet works well for all until someone start downloading big files with multiple threads, a p2p downloading or access a lot of heavy content continuously. Few such users are enough to chock everyone else’s reasonable educational requirement. When we limit individual users to a predetermined amount of bandwidth or data per day, par week, effect of this type of abuse becomes limited and we make reasonable internet users out of bandwidth hoggers.

One other way of achieving a similar goal is, if a user’s use of bandwidth reaches its peak for a prolonged period of time (e.g. over 30 min or an hour) the system will automatically limit his or her bandwidth to a lower sate, so that the internet facility as a whole (for all other users) stays unaffected. Such policy can be used in conjunction with other policies we discussed.

Overhead for content filtering

Implementing the above listed policies can be used independently of in combination based to institutions requirement to have reliable access for internet in an educational environment.

Software for bandwidth management

Many software solutions to implement the above described technology as a policy for your institution based on the requirement. I am listing some of them bellow.

Linux traffic control

Linux traffic control is very powerful and support all above type of bandwidth control. You can read more about linux traffic control following this link.


Squid is an Open Source free to use proxy server which can be configured as a proxy server for the network, so that all internet traffic will pass though Squid. Squid has a feature called delay pool which can be configured. Follow the link to learn more on how to configure squid to control user bandwidth. Follow this link to learn how to configure squid quickly


Mikrotik is a router OS very reasonably priced. This can also be installed on a PC and will turn it into a router with all the necessary features included a quality bandwidth management.


As we introduced untangle earlier in this blog as a content filtering system, which also includes a bandwidth controller as a paid module.

Bandwidth Control allows you to better manage the bandwidth consumption on your network, including controlling and visualizing the use of your network at a fine-grained level. Use Bandwidth Control to assign data transfer quotas to users, guarantee bandwidth, punish unauthorized usage, and prioritize or de-prioritize sites. Read more about Untangle bandwidth control module by following this link. The administration of untangle is completely GUI based and can be done by an entry level systems administrator with basic training.

Overhead for bandwidth management

Linux router, mikrotik, and squid delay pool will require higher level of internal skills or external support for its installation and configuration. Administration can be straightforward once the process is defined but administrators will require moderate linux to advance skill level.

On the other hand untangle administration is simple gui based, a systems administrator with entry-level skillsets can easily manage it, once implemented.

For future help with managing your internet resources

If you need help with consultancy or implementing content filtering and bandwidth management for your educational institutions or any other type of organization feel free to contact me directly or visit and for various open source software solution and educational consultancy including managing your network.

Tag: content filter, bandwidth control, bandwidth controller, internet, resource, school, educational institution, management.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s