While the Web has certainly proven to be a powerful tool and technology, organizations worldwide have recognized the need to create policies around its usage in the workplace. Analysts estimate that 70% of browsing to pornography sites happens during normal business hours and about 30-40% of overall Internet usage in the workplace is not related to business. While many Web sites targeted at business usage provide safe and secure business environments, an increasing number of Web sites and Internet applications targeting personal usage are hosts to spyware, viruses, and other Internet threats. As such, unauthorized personal Web browsing poses not only a threat to personal productivity but to the security of the network as a whole. At the same time, the Firewall Web Filter includes protection against Internet threats.
Comprehensive Content Filtering
The Firewall Web Filter combines multiple techniques, including URL filtering, URL rewriting, and MIME type blocking to provide powerful control over policies covering Web site usage. Capabilities include:
- URL filtering by content category. You can define policies that restrict or allow Web sites based on their categorization. The Firewall Web Filter includes definitions for 58 content categories, including pornography, violence, hacking, sports, news, dating, and chat sites.
- URL filtering by domain name or URL pattern. You can customize your content filtering policy to restrict certain Web sites, or look for specific patterns in Web site addresses. Advanced administrators can specify URL patterns to block using the very powerful UNIX regular expression (regexp) syntax
- Image Safe Search integration (URL rewriting). The Firewall Web Filter takes advantage of the “safe search” content filtering capabilities built into image search engines, such as Google, Yahoo, and MSN. If enabled, the Firewall Web Filter Image Safe Search feature rewrites URLs for these image search engines to include the URL parameters that restrict display of objectionable content in cached image search results.
- File type blocking. You can define policies to restrict downloading of files over the Web based on their MIME types. For example, to block downloads of executables, you can block MIME type application/octet-stream.
These controls can be combined to govern Internet usage to increase productivity, reduce exposure to offensive material, and to prevent visits to sites that could compromise security.
Internet Application Blocking
Beyond the standard HTTP proxy solution, the Firewall Web Filter also enables you to enforce policies governing usage of applications that access the Internet. Features include:
- Instant Messaging (IM) Blocking. The Firewall Web Filter enables you to set policy governing usage of public IM clients, including AIM, ICQ, Yahoo! Messenger, and MSN Messenger, and ICQ. These public IM clients can not only provide means for unmonitored communications, but their security vulnerabilities are often the target of those in the hacking community. Blocking public IM communications outright is one strategy to secure information flow and increase network security.
- Application Blocking. In addition to IM applications, the Firewall Web Filter includes policies for popular applications that access the Internet, including Internet music applications, software updaters, and popular browser toolbars.
- IP and Port Blocking. You can customize your own IP blocking policies based on any combination of source or destination network IP address ranges and ports. One common usage of this feature is to prevent compromised machines from accessing the Internet.
The combination of Web and other Internet application blocking techniques enables you to define and implement complete Internet usage policies for your organization.
Advanced Policy Creation
Because different rules may apply to different constituencies in your organization, the Firewall Web Filter supports extremely granular applications of policies by user, group, or IP address range. It also supports time-based policies. Features include:
- Default guest and user policies. For rapid deployment, the Firewall Web Filter comes preconfigured with default guest (unauthenticated user) and known user (authenticated user) policies. With easily customize default policies for content filtering and application blockin.
- User and group policy exceptions. You can customize policies by defining exceptions on top of the default policies. Policy exceptions can apply to content filtering and application blocking rules, and they can apply to specific users, groups, or network IP address ranges. For example, you can set a default policy to block Web access to job sites but create an exception for the Human Resources group to allow them.
- Integration with LDAP directory servers. The Firewall Web Filter integrates with Microsoft Active Directory. This integration provides the Firewall Web Filter with real-time access to user and group membership managed by the directory server. You can define policies that apply to LDAP users.
- Integration with Windows Domain Controllers. Included with the Firewall Web Filter is the Firewall DC Agent, software that can be installed on your Windows Domain Controller. This software provides the Firewall Web Filter with the username logged at each IP address, and it enables proper application of policy without requiring any user intervention and without a separate login.
- Local users and groups. For sites that do not use directory servers or who wish to define policies for users and groups not managed by the directory server, the Firewall Web Filter supports the creation of local users and groups on which to apply policy.
- Network IP address groups. You can define policies that only apply to certain network IP address ranges or subnets.
- Web traffic monitoring. You can define policies for monitoring specific Web site categories, domain names, or URL patterns without presenting block pages to users or preventing access. Monitoring is useful to assess the potential impact of new policies prior to implementing access restrictions on the user community.
- Time-based policy exceptions. You can define policy exceptions for both content filtering and application blocking based on time-of-day. For example, you can set a default policy to block access to sports sites but to allow browsing during non-working hours.
The Firewall Web Filter was designed with ease of deployment in mind. With default policies, even organizations new to Web filtering can get started quickly. Organizations with more advanced filtering requirements can take advantage of advanced policy exceptions and integration with enterprise infrastructure.
Integrated Spyware and Virus Protection
The Firewall Web Filter includes best-of-breed spyware and virus protection leveraging its heritage as a leading anti-spyware solution. Capabilities include:
- Blocking access to known spyware sites. As a first line of defense against spyware, the Firewall Web Filter blocks access to sites known to host spyware.
- Blocking spyware downloads. The Firewall Web Filter blocks spyware installed without the user's knowledge or consent - also known as drive-by installs or downloads - as well as any installations from known spyware Web sites.
- Integrated anti-virus protection. In addition to blocking spyware, the Firewall Web Filter provides complete virus protection for all downloads. By utilizing dual layer virus blocking, decompression of archives and file-type blocking, the anti-virus engine in the Firewall Web Filter further protects your network from crippling threats.
- Detection and blocking of spyware activity. The Firewall Web Filter secures the organization by detecting spyware access to the Internet, blocking it, and notifying the administrator.
By combining anti-virus and anti-spyware at the gateway with desktop spyware removal, the Firewall Web Filter offers a unique approach to providing universal network protection from malware in a simple, easy-to-use appliance.
Simplified and Centralized Administration
The Firewall Web Filter features an easy-to-use Web interface allowing for easy and cost effective administration of the appliance. The Web interface allows you to define, manage and control corporate spyware and Web security policies from one central place.
- Firewall Energize Updates. A team of security engineers at Hart Computer Technology, Inc. continuously monitors the Internet for trends in spyware and virus attacks. As they detect trends, updates are created for the Firewall Web Filter. The Firewall Web Filter is then automatically updated with new spyware Web sites, spyware rules, spyware algorithms, and virus definitions. These updates require zero administration and ensure that your network has comprehensive and accurate protection even as the spyware methods of distribution change.
- Logs and Graphical Reports. System administrators can view log reports to provide visibility within the organization. The Firewall Web Filter can provide information on top blocked users. The Firewall Web Filter support summary reports, including top blocked, monitored, and warned Websites, top Websites by hits and bandwidth utilized, and top clients by hits and bandwidth utilized.
- No Per User Charges. Firewall Web Filter pricing is simple. Each of the Firewall Web Filters is designed to handle an approximate number of users. The Firewall Web Filter includes a robust feature set at one fixed price with no per user charges. This means the system administrator no longer has to worry about keeping track of new accounts.