Hardware that blocks hardcore
Bloxx Tru-View could be on the list of organisations worried about what their staff are downloading from the web.
According to market-watchers IDC, 30-40 per cent of Internet use in the workplace is unrelated to business - meaning employee productivity is being seriously affected by the accessing of websites or services unrelated to primary, specified working activities on a daily basis.
Potentially even scarier for employers is that it - the employer - can be held legally responsible for the any inappropriate Web material downloaded by workers while in the office.
All of this highlights the value for effective Web filtering solutions like Bloxx Tru-View - a family of dedicated appliances loaded with an application that automatically monitors and controls users' Internet access based on pre-defined security group membership.
The devices also incorporate anti-spyware, anti-virus and anti-phishing tools, and can additionally block file downloads and specific Instant Messaging (IM) and peer-to-peer applications, while basic reporting tools that give IT managers a summary of users Internet activity in up to 120 different views, and a Web management interface.
Building on existing keyword and URL scanning techniques, Tru-View is based on automated site parsing using Bloxx's Live Classifier and Sensibility Manager systems. These examine and classify website content dynamically rather than relying solely on a blacklist of URLs, using algorithms to detect certain words or word patterns to assess the nature of the site, classifying them in one of 50 available categories, then applying filters accordingly. The Bloxx Web filter is online 24 hours a day, continuously adding and classifying new sites as and when it finds them, updating the device as required.
IT administrators can fine-tune these filters and 'white list' sites manually if they choose; but in doing so they will miss out on one of the major advantages of the Bloxx solution, which is the fact it can be maintained with minimum intervention. Some degree of user configurable protection and control is provided by an inbuilt keyword list that allows IT staff to block sites according to the content defined in the list, however. Requested URLs and HTML pages are scanned for these keywords, and if a preset score is exceeded, the URL is blocked.
Web filtering software designed to run on standard server operating systems abound, but there are distinct advantages in deploying this type of application on a dedicated appliance. First, it is easy to install, simply plugging into the LAN through the attached Ethernet port and integrating with existing directory structures (such as Windows active directory) via lightweight direct access protocol (LDAP). Processing performance is another benefit, as the software does not have to share memory, CPU and network resources with other applications.
Given that the appliance operates as a separate server, it is - in theory, at least - less likely to suffer from downtime due to operating system faults or problems caused by other applications running alongside it. Because the appliance includes a Web proxy, it can filter out a large amount (up to 50 per cent, Bloxx itself claims) of Internet traffic before it gets onto the LAN, thereby improving bandwidth performance in some cases.
Moreover, while it is not necessarily cheaper to buy and maintain a Web filtering appliance in either the short or the long term, it does simplify purchasing by eliminating per user license costs characteristic of server based software solutions.
Perhaps the biggest disadvantage of deploying a Bloxx Tru-View device approach is scalability, however. Server-based software can be extended to cover larger networks simply by buying additional licenses, or installing the application onto an additional server if performance problems are encountered - but scaling up a Bloxx Web filtering solution involves buying a completely new bit of hardware, something that may prove too expensive for some.
Bloxx counters this problem to a certain extent by offering a wide range of devices equipped to tackle the Web filtering needs of different size networks from the start. The basic model in the range for example, the TVT-100, supports up to 100 PCs. It is a 2U appliance that can be rack-mounted or left free standing, which is equipped with an Intel Core 2 Duo 4300 1.8GHz CPU, 512MB RAM, a single hard-drive and a 10/100Mbps Fast Ethernet port.
At the top of the range is the Impresa-3, which supports over 2500 PCs. This 2U device features a pair of Intel Xeon E5335 2GHz quad core processors each with 8MB cache, 4GB RAM, three hard-drives and gigabit Ethernet port, and adds 'passthru' availability (the ability to examine data originating from a virtual private network client or from behind a firewall).