.

Web filtering

<<

alucian

User avatar

Full Member
Full Member

Posts: 228

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Tue May 04, 2010 3:20 pm

Web filtering

I would like to ask you what web/url filtering application/solution do you use/recommend? I know that there are more than one question here but I would like to hear different opinions.

Best regards,
L.
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Tue May 04, 2010 3:31 pm

Re: Web filtering

I have experience with ISA server.  The nicest thing about it is that it integrates with Active Directory seamlessly.  The Watchguard content blocker is also decent.  I haven't used these myself, but people swear by the Barracuda appliances. 
~~~~~~~~~~~~~~
Ketchup
<<

Dengar13

User avatar

Sr. Member
Sr. Member

Posts: 380

Joined: Tue Sep 20, 2005 8:43 am

Location: The Steel City

Post Tue May 04, 2010 6:27 pm

Re: Web filtering

We use Websense and it is a pretty decent product.  We block Skype traffic and sometimes legit traffic gets tagged as Skype which causes problems.  The support is a mixed bag.  For example, I live in the States and sometimes I will get a support team from Asia, which is a 12 hour difference making the communication tedious.  You may get lucky and get a more local team if you ask for it while opening the ticket.

I have heard Palo Alto has an appliance that I was interested in a a few years ago and would be curious to see what other people's opinions are.

I used ISA in the past, but not for filtering web traffic.  It is a huge plus that it integrated with AD like Ketchup had mentioned.
A+, Net+, MCP, CEH
MCSE: Security/Messaging
MCSA: Security/Messaging
Former U.S. Marine and damn proud of it!
<<

pizza1337

Full Member
Full Member

Posts: 156

Joined: Mon Mar 08, 2010 5:29 pm

Post Tue May 04, 2010 6:50 pm

Re: Web filtering

My school uses lightspeed systems TTC, http://www.lightspeedsystems.com/
Knowledge Resource is Power.
<<

inf3kt1d

User avatar

Newbie
Newbie

Posts: 21

Joined: Mon Nov 09, 2009 8:59 pm

Post Thu May 06, 2010 11:18 am

Re: Web filtering

I've had good experiences with Sonicwall.
CEHv7
MCSA:Security
CompTIA Security+
CompTIA A+
<<

bamed

Newbie
Newbie

Posts: 48

Joined: Thu Mar 19, 2009 7:05 pm

Location: Joplin, MO

Post Thu May 06, 2010 12:51 pm

Re: Web filtering

I've always been a fan of Dansguardian.  The original developer of the OSS project has gone to work for Smoothwall and they offer a really slick commercialized version of it now too.  But as long as you don't mind editing configs with vim/emacs and grepping through logs, then the FOSS versionis great.  The commercial version pretty much just gives you a nice GUI and advance reporting.  The commercial version also does nice/easy LDAP integration, though that can also be done with the FOSS version, just not quite so easy to setup.
chown -R bamed ./base
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Thu May 06, 2010 1:41 pm

Re: Web filtering

alucian wrote:I would like to ask you what web/url filtering application/solution do you use/recommend? I know that there are more than one question here but I would like to hear different opinions.

Best regards,
L.


My comment is, it depends on the environment to be bluntly honest. Not all solutions work in all environments, so this question is likely going to get you a mixture of answers. Not all wrong, not all right. I could assume you want low-cost (Open Source models) but I don't like to assume. You could want an enterprise solution in which event, a solution like Dans Guardian is seriously lacking.

Where I work I recently replaced all of my FW-1's with a combination of Juniper's SRX and SSG's. The SRX's have the capability to work with Websense so we no longer needed Bluecoat. (Sayanora!) All works just fine however, I work at a SoHo/Mid-Sized corporate environment which works just fine for us.

On my managed security side of things (customers of ours), I mainly use Juniper SSG's most of the time, since the costs involved with deploying an SRX at a small company is almost always intolerable. For these setups it also depends on a few factors before decisions are made, and almost always, they're different. How much time I want to spend configuring and deploying something, how creative I want to be, what's the tolerance of the client: Do they want pretty "Warning you shouldn't be seeing this" pages or would they settle for customization (aka default ugliness (Dan's Guardian default page is ugly)). For logging (do they want pretty or am I the one looking at the logs (when I do I pass them through Splunk and OSSIM filtering))

Plenty of questions each unique to each location. If it is a small office, you can take a look at Untangle which does web-filtering as well (http://www.untangle.com/) if you don't want to go with Squid/Dans Guardian. If you want to do some creative-filtering with IPS/IDS/EPS (Extrusion Prevention System), you could cobble together a neat NSM using Squid, Sguil (http://nsmwiki.org/Main_Page), pads, etc
<<

MicroJay

User avatar

Full Member
Full Member

Posts: 101

Joined: Wed Feb 04, 2009 4:19 pm

Post Thu May 06, 2010 1:58 pm

Re: Web filtering

Ahh...I went through this a couple years ago.  We had a Internet Web Security Suite (IWSS) by Trend Micro.  They stated it was a solid product...until...people were in google searching anonymous proxy and clicking until they got through.  TM then stated it was not meant to be a true proxy server.
So - we had to switch to protect our network.  We switched to 8e6 (now M86 Security).  This product is solid.  Can't recommend it enough.  It works directly with AD.  It throws up 'blocked' pages on those that should not be viewed.  Also - it allows the user to click on a link to email the info if the page is needed for 'business' use.
If you would like more info on this, let me know and I can get more specific on the use of it (no finders fee - just truth!).
GSEC - GCIH - GSNA - GPEN
<<

alucian

User avatar

Full Member
Full Member

Posts: 228

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Fri May 07, 2010 9:28 am

Re: Web filtering

Thank you for the answers.
Actually I am doing a research for a potential employer. The case is for a medium size company (500 employers, 3 locations) so I looked at commercial products, and I my finalist are Mcafee 500E, Symantec 8450 and M86. I am looking for the price of M86, but the others are arround 2500$.
I saw that Cisco Iron Port does an excellent job, but the company in the case study supposed to do business in the transport biz, so they will not spend 7500$ just for this (I supose :) ).
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP
<<

MicroJay

User avatar

Full Member
Full Member

Posts: 101

Joined: Wed Feb 04, 2009 4:19 pm

Post Fri May 07, 2010 9:55 am

Re: Web filtering

CDW sells the M86 product.  You might want to contact them to see if there are any deals.  Plus - M86 does an eval unit as well just to make sure it works for your needs.
GSEC - GCIH - GSNA - GPEN
<<

alucian

User avatar

Full Member
Full Member

Posts: 228

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Fri May 07, 2010 10:33 am

Re: Web filtering

I think I'll go with M86, because it is very possible that they already have an AV solution from McAfee or Symantec, so they will only benefit from the combination of them.
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP

Return to Web Applications

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software