We have seven school district buildings which includes an administration
building. Each school has it's own server set on NW6.5SP5 and BM3.8SP4 as
well as Zen 7. The admin bld has two servers, one for the building and one
is our web/e-mail server using GW 7.0.2HP and Apache2. It also has GWava
running with Kaspersky A/V (e-mail) and both servers are our DNS servers.

If I set the default filters (to lock down the system) with BM, all
connectivity is lost, which it should be. However, I've not been able to
figure out the correct filters to set to allow traffic into and out of the
web server and e-mail, i.e., if I lock down the building server no one can
get to their e-mail or access the web server but can access the Internet via
the BM proxy.

I have Craig's books but guess I need a little more detail and pictures. Is
there a book out there for those of us with A.D.D. that will walk me through
creating a filter one-step-at-time including saying what each step is
for/doing or what will be accomplished?

I need to lock down each of the servers, but can't because, although users
can get out to the Internet via the BM Proxy, they still don't have access
to GroupWise from the client and / or Novell's iFolder, and Instant
Messaging, of course. If I go to iManager 2.6 and attempt to creating
exceptions for GW, iFolder and IM, the filter exceptions are created but
don't make a difference.

Sorry to drag on so long, but we've had an incident happen in the last month
and we need to make the network more secure but still allow users to such
things as the Internet, GW, iFolder, etc.

Any suggestions and/or ideas would be appreciated,