I wanted to update this thread with my experiences in controlling my teens and their devices over the past year. My daughter just got her cell phone back after having it taken away for close to a year. I had to get police involved with an issue that required I take her phone away. I won't go into details but I'm sure you can imagine what I'm referring to. My daughter is a honor student as well, so don't let the shy introverted personality fool you when raising your own children. I've taken an approach to block everything except for approved access only. This includes times, numbers of friends, downloaded apps, email, etc... I set restrictions on her phone so that only apps can be deleted by me. Apps can also only be installed with a password but there is a flaw in iTunes setup that allows you to download a previously purchased app without the password. So at least I'll see what has been installed when reviewing phone use.
My son will still waste his entire day playing games online if I let him. Hence the reason for this update. I recently had to upgrade a clients Sonicwall to a new model after some changes in their network. I kept the old unit and decided to renew the security suite license and install it at my house. Imagine the look of horror on my son's face when I came home and set it on the kitchen table.
He is 17 now and has been helping me do some work in the field like cabling and basic network stuff so he hears me talk to clients about network security and knows what a Sonicwall is because they use them in the schools. I first installed it and did not set any policies other than putting him on his own subnet. I can only imagine the garbage his computer has on it. I don't touch it, it's all his. If it breaks, he figures out how to fix it. If it's infected, the only help I will offer is "I guess you need to wipe and reload". He was previously subnetted with his own router because I caught him changing his MAC address to get around the Gargoyle restrictions. I admit I was proud he took initiative to learn but disappointed it was for the wrong reasons. Anyway, looking through the Sonicwall logs I see a bunch of VPN activity and anonymizer activity. After a couple of days of watching I set the policies.
The first policy I set was CFS for a bunch of categories he doesn't need access to. I then added a slew of URL's I don't like and don't want him visiting. I then set a schedule of when his subnet has WAN access. 12-4pm and 6-11pm. This is more than I want to allow but it is summer so I'm being generous. When school starts back, it will be restricted a lot more. I also added some bandwidth throttle because he will consume 100% if I let him. When reviewing the App Flow monitor I notices a lot of torrent traffic. Blocked! The last thing I wanted to restrict is bandwidth quota. The Gargoyle was great for this since I can set a GB limit and it will track it on a period I specify. Sonicwall is lacking in this aspect. The only way I could do it is with Guest Services. It's not ideal but it works. Setting up Guest Services basically requires a browser login for Internet Access. It then provides a session length with a MB quota, currently set to 999MB. A session can't have more than 1GB.
I also have the wifi setup with VLAN's for both kids subnets. I use a Ubiquiti AP which works real well with Sonicwall VLAN's.
So that's basically it, for now. Interested in what others are using to control their kids or clients kids.