That’s exactly why I suggested WebSense, as it provides things like URL filtering, which means that sites that only host legal torrents (probably) won’t be blocked. Blocking an entire protocol (a very efficient one too) is far too heavy handed, especially when it’s successfully used for legal things like distributing patches for “World of Warcraft”. I must admit I haven’t looked into WebSense properly, I only have a passing knowledge, but I might ask someone at work next week that knows more about it (or can ask the vendor), and see if I can get a definitive answer about its classification of torrent sites (you may have to add legal torrent sites as exceptions?). Essentially it saves the uni from having to provide a list of banned sites, would be viewed as a reasonable attempt to restrict access to illegal content, would also provide protection against malware hosted on websites from being introduced to your network, and it’s proactive!

I gather WebSense allows you to set policies, and certain products will work with things like Active Directory to allow user level policies to be applied. The Websense Master Database has the industry’s most accurate classification of URLs, protocols, and applications. This is maintained via a variety of proprietary classification software and human inspection techniques. It has more than 20 million websites in 90+ categories, allowing organizations to design specific internet use policies. Websense Security Labs mines and analyzes over 350 million sites per week for malicious mobile code and hacks, as well as managing a honeynet of computers to discover new threats.

//there’s an upper filesize limit//

I can understand why size limits on webcaches are in place, but if anything they’re a bit backwards, as they’ll happily store thousands of small files and pages that aren’t going to be too much of a bandwidth problem unless every user were to access it, but won’t typically cache that 4GB ISO image that a dozen computer scientists will try and download (which probably uses far more bandwidth than the entire sum of small cached downloads), and will sometimes introduce problems where users can’t see the latest versions of pages. Ideally you’d configure a cache to only cache text/html for a couple minutes, and to cache very large files for months. Sure, the cost of additional disk space would be a lot higher, but you wouldn’t have to worry about mirroring/backing it up as you can afford to lose the cached data, and it might work out cheaper in terms of bandwidth (500GB HDD for under £80 ex VAT, would hold over 160 copies of Fedora Core 6, or probably every single current Linux distro [DistroWatch lists about 220, I think]). Of course, bandwidth is less of an issue for universities; large businesses that pay per GB might find it more important.

Not really. The interesting thing about how cardiff has done this is that they’re obviously trying to make it clear that it’s the content that they have a problem with, not the technology itself - they’ve not banned bitTorrent. I’m not familiar with websense, but I’d imagine that it works by examining traffic, not content.

If that is what’s behind the reasoning, I applaud the sentiment, at least. Not so much the implementation.

//popular content could be kept on a local webcache/transparent proxy owned by the university//

I believe it already is, here, but there’s an upper filesize limit. I know Oxford don’t do any proxying at all (at the university level, anyway - departments and colleges have the option of doing pretty much what the hell they like).

The use of something like WebSense would probably be better, as this would provide some form of reasonable assurance, although it’d obviously be more expensive. For example, WebSense Enterprise can block P2P protocols on the corporate network - you could perhaps allow BitTorrent and Skype but block FastTrack, WinMX, Gnutella and eDonkey protocols. Bandwidth PG, an add-on for WebSense, blocks access to download sites and servers for P2P applications (it’d be interesting to know how configurable that is too, as some sites and trackers might be acceptable).

In many cases, legal content that people are obtaining via BitTorrent (e.g. ISO images of Linux distros) is already available from www.mirror.ac.uk (having said that, due to a lack of funding, it’s recently been announced that it’ll close from July 31st) that universities have fast access to, and popular content could be kept on a local webcache/transparent proxy owned by the university anyway.

In their defence it looks like they are only targetting ones who are a little… lax in their legality.

The fact that determined pirates will probably circumvent these measures with ease is, I think, another argument about why this is the wrong approach. Oh well.