Something to think about...
There exists what are termed anonymous proxies
on the Internet. Some of which are encrypted SSH sessions, much like a VPN. If any of your students happen to be sly enough to use them, your problem has grown or will grow by an order of magnitude. To stop something like this, you will have to maintain some sort of blacklist database and use fairly complex packet inspection to take apart the encapsulated packets--all straight overhead that will degrade network performance.
It's a tough call. If you eliminate the obvious, you'll push a portion of the abusers towards tactics that are much harder to stop without adversely impacting the entire network. If I was in your shoes, I would probably just attempt to document the abuse, without actually eliminating it. Take the information to the dean and tell him what you're up against and let him decide the proper course of action. Advise him that going to the next level will have an impact on the network that goes beyond a simple inconvenience.
Good luck on the project.