Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 22

Thread: Corporate Web Filtering

  1. #11
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by Thorn View Post
    What? Someone using the "i" on a non-Apple product? How dare they! Jobs better alert his lawyers!
    Actually I think Compaq started the i thing.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  2. #12
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Pfsense has squid and lots of other features for network monitoring and Traffic shaping and tons of other stuff. I highly recommend it.

  3. #13
    Just burned his ISO
    Join Date
    Oct 2007
    Posts
    7

    Default

    for a free solution i recommend untangle and for commercial pay usage i would recommend webwasher over websense anyday. well except maybe now that mcafee bought webwasher man they suck.

  4. #14
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    There's tonnes of commercial products out there for this sort of thing. As Thorn mentioned none can tell you how long a website was in focus on a screen. Some (such as the Astaro product) try and do some funky things with their reporting where they assume that each set of page requests from a site means a three (or maybe five) minute usage period for that site. Its not really accurate however, especially when you consider that some site auto refresh their content without user intervention. On a proxy this looks like multiple requests to the site. We have had had usage reports get wildly skewed when users leave their machine logged on overnight with a news page open in the browser.

    The best choice depends on the features you are after, including stuff such as:
    • Categorisation of sites
    • Malware scanning
    • Content type protection
    • SSL inspection
    • Phishing protection
    • Blocking of compromised hosts
    • Authentication of users
    • etc


    Personally I have been using the Clearswift MimeSweeper for Web software product for years and I really like it. It has its problems though, it has performance problems for large sites, SSL inspection is an addon and doesn't work very well, reporting is not terrific, and its well renowned for being extraordinarily difficult to configure, especially if you want high security. Its also gone end of life just recently.

    It is however (in my humble opinion) one of the best products out there for filtering web traffic based on content, it actually analyses the contents of traffic and determines file type based on the contents of the file (rather than on MIME Type headers or file extensions as most other products do), it can look inside zip files, office documents etc for embedded files, etc. It can provide excellent security if you know how to configure it well - its saved us from many a web based malware infection.

    We are about to replace it with the MimeSweeper for Web appliance, which apparently fixes many of the issues with performance, reporting, ease of use etc. I don't know yet whether the security will be of the same high level, but I'm hopeful.

    Some other well regarded products in the space which I have looked into are:
    • WebMarshall
    • ContentKeeper
    • The Sophos product (cant remember the name)
    • BlueCoat
    • Barracuda
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  5. #15
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by lupin View Post
    Some other well regarded products in the space which I have looked into are:
    • WebMarshall
    • ContentKeeper
    • The Sophos product (cant remember the name)
    • BlueCoat
    • Barracuda
    These guys make awesome anti virus products.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  6. #16
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default

    Thanks all for your input.

    I know the active windows monitoring in going to be an issue but that's the law in Irish.

    I'll have to research all the suggestions this week.

  7. #17
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by BOFH139 View Post
    I know the active windows monitoring in going to be an issue but that's the law in Irish.
    Just out of curiosity (I want to kill a cat. ), what exacly does the law say?
    Thorn
    Stop the TSA now! Boycott the airlines.

  8. #18
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by BOFH139 View Post
    I know this is a BackTrack Forum but I’d like to get you expert advice on this topic.

    The company I work for are looking to introduce a web filtering/reporting system.

    One of the main features the system need is the ability to know if the website is in focus and for how long not just that the site was visited x amount of times. This is because the laws in Ireland are very grey to say the lest.

    The setup is as follows, all Windows XP systems on an intranet that has two separate dedicated links to two different data-centres, are external Internet gateways are then split out over the data-centres backbone connection.
    So what systems do my brethren BoFH’s use in their realms or suggest I look at using?
    Sonicwalls do this well.
    dd if=/dev/swc666 of=/dev/wyze

  9. #19
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by Barry View Post
    These guys make awesome anti virus products.
    Yeah, they are pretty good. We have been using them on our mail gateway and web gateway at work for approx 7 years now. Successive Virustotal scans of some new virus samples we were receiving via email about 6 months ago always showed Sophos being amongst the first to offer detection.

    We were having some issues a while back where Sophos were not detecting certain web based malware dropper programs that Symantec (running on our desktops) was detecting. Haven't had that happen for about a year now though, so either Sophos have gotten better or Symantec have gotten worse
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  10. #20

    Default

    2 words...Clark Connect. Just about every school in my state uses it. We have students trying to bypass our filtering 24/7. The only thing that I have seen get by it is Tor. However, with a quick Snort rule, you can easily detect it and deal with the user. BTW, we tried websense, but dropped it for CC.
    "You can get more with a kind word and a gun than you can with a kind word alone."
    - Al Capone

Page 2 of 3 FirstFirst 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •