Security, bandwidth management, UTM ,encrypted network and everything that is implemented to make other feel that intranet network is secure but the question that arises is that do these things are really needed to make the intranets secure what probably I think is that no network in this world can actually block any specific application this does not means that any application cannot do that but the reason is doing that will definitely compromise the security of the network traffic.
Take an example if the xyz college has blocked a website that provide a default application at the port number n and also provide the same service at the the default web port in encrypted mode then no UTM can actually block it because blocking that encrypted mode means compromising with the security all the websites that are opened from inside the network on the other hand if you block the domain name then proxy from outside the network will break that blockage giving them a way to open that website from outside. Solution : 1.Go for open source application because at least they give you opportunity to do some modification and customize the application.2.Never try to block a website because practically a Google search will give intranet user more then one method to go to that website instead if you actually want to save the bandwidth go for the DOWNLOAD limit.
3.For authentication use credentials as well as the MAC address.
4.Use a centralized authentication system it means even if a student want to use the internet from the college computer then also force the student to enter the credentials so that these internet consumption is also calculated.
5.Provide the student with the essential software from the LAN itself so that students don’t have to use internet bandwidth to download these softwares. This is the best I actually can think……..