Technology Bulletin
Advanced Web Protection: World Class Web filtering available now.
A couple of years ago, I wrote about a hardware appliance
that I felt would revolutionize the elimination of SPAM
email. For Hagerman & Company, the
Barracuda
Spam Firewall did just that. In the two years since it has
been in place, the device has successfully filtered more
than 90 percent of SPAM from reaching our mailboxes, and virus /
malware / worm infected email has been stopped in its tracks,
all with very low false positives (less than .5% at the
onset and even less today with the smart learning technology
of the device). So even though SPAM is a problem, our
biggest problem today was web traffic. There are just too
many sites infected with viruses and worms,
errant code, bots and redirection that put the machines in
our enterprise at risk of infection and the company at
liability. The task I set out on was to find a way to do for
our web traffic what the Barracuda had done for SPAM
control. But where to look? I checked my technical
publications looking for a suggestion or a trend. The
Gartner group was saying that “The Internet and Internet
applications have become the primary source of malware
infections in the enterprise... yet less than 15 percent of
organizations have secured their internet gateway from these
threats.” Even though I knew it was happening, seeing it in
print was a surprise, but knowing we were not alone in having
the problem provided little comfort.
What Are The Choices?
The challenge I had was a big one: Implement a solution that
would allow us to control access to infected sites,
effectively blocking them, and to operate it from a central
location. There are many products that can do site filtering
at some level from the desktop, but administration is
complex when dealing with hundreds of machines across a
nationwide enterprise and these solutions are really not
designed for the enterprise environment. Service-based
solutions are available too from big name companies, but in
many cases, the desktop and service solutions add a client
that puts an additional load on already burdened individual
systems. No, what I needed was a hardware appliance
solution, a product that I could put inline in my
infrastructure that would act as a gate, swinging open to
allow safe, business related traffic and swinging closed
to block the threats. Does such a product even exist?
Webgate from Mi5 Networks
It turns out that the Webgate from Mi5 was exactly what I
was looking for, and more! And it had a perfect name for
what it does, acting as a gate to allow and restrict web
traffic.
Mi5 Networks recognized that simple URL filtering solutions
like those we were using, and like so many home computer solutions,
do provide some protection for users, but they simply
do not do enough. Those solutions can’t inspect files and
traffic across all ports & protocols without noticeably
slowing down the user’s browsing experience. Mi5’s
award-winning Webgate allows enterprises to defend their web
perimeter using URL Filtering, web anti-malware detection,
application control and more on a single, high performance
platform. I was like a kid in a candy shop! This all seemed
too good to be true! The marketing literature showed that
the Mi5 Webgate was built on a real-time inspection engine
that scans traffic on-the-fly, without the slowdown
associated with proxy-based architectures. In addition to
this real-time engine, the Webgate adds multi-layer defenses
including QuickScan™, DeepScan™ and MultiScan™ technologies,
in order to block inappropriate or malicious websites,
active content, applications (IM, P2P, etc.), file downloads,
“phone home” traffic, and attacks. They had my attention! I
had to get my hands on one of these for a trial in my
enterprise and see if it was true. The implications for
increased productivity and PC reliability notwithstanding, I
was intrigued with what I had found out about this device.
What are the specifics?
The Webgate from Mi5 Networks brings a lot to the table. Mi5
Webgate offered some industry firsts and capabilities I saw
in no other product offering. These include:
- Highest Throughput: up to 1Gbps of traffic on a single appliance
- Lowest Latency: < 2 m/sec per packet latency inline (zero in port span/tap)
- Widest Coverage: scans all ports and protocols
- Deepest Protection: blocks inappropriate and malicious websites, active content, file downloads, “phone-home” traffic and attacks
- Most Useful Reporting: identifies what has been blocked, who is infected, and prioritizes by severity
- Automatic Spyware Removal: pinpoint spyware removal dispatched from gateway
- Most Flexible Deployment Options: monitor or block inline or from a port span/tap
- Most Flexible Licensing Options: pay for only the modules you need
The only thing left for us was to really put the device
through its paces in an all-out trial, and that is just what
we did!
Trial Results
All too often, when you do a trial of hardware / software
offerings, there are things that are scaled back on that
evaluation hardware / software during the trial period. Not
so with the Webgate. It was configured with all the options.
After less than 24 hours in monitor only mode, we put the
device into inline “blocking” mode. The performance was
amazing. We could not see or perceive a difference in speed
while on the web. We then did some speed benchmarks and
discovered something weird; the speed of access to the
Internet was actually FASTER than it was without the Webgate.
Then we found something interesting. What we discovered was
that even with all of our defenses, the Webgate had
determined we had some systems that were infected with
Malware, some of which was trying to ‘phone home’. The
Webgate blocked that traffic and then performed remediation
of the infections on those machines. I could suddenly see
time to clean infected systems being freed up. But was it
too good to be true? No, and the awards the Webgate has won
speak volumes for this world class product!
Mi5 Webgate – Just as represented
It really was that good. We put it through its paces, to see
if we could get around it and the filtering by going through
proxy sites. Nope, it blocked them. IP addresses instead
of text. Blocked them too. In fact, right out of the box,
the Webgate not only blocked access to known sites
infected with Malware, it also pre-scanned file downloads for
infections and blocked access to sites about weapons,
illegal drugs, pornography and more.
Two weeks into the trial, we bought the device. We are
seeing more machines up and not having the pesky problems
caused by malware and are also enjoying an increase of
almost 20 percent in recovered Internet access bandwidth.
The Webgate from Mi5 Networks truly does for web traffic
what the Barracuda did for SPAM.
How can I get more information on this subject?
Where can you get more information about this subject? I
would suggest you take a look at their web site
(http://www.mi5networks.com). Check out the
documentation on the Mi5 Networks site, located at the
following URL (http://www.mi5networks.com/products/literature.htm).
Look at the case studies. Contact us! If you have questions
or comments about this article, contact me.
All product names / logos,
company names / logos are copyrights of their respective
holders. John Boline is an MCSE, CNE, USE and a member of
the Network Professional Association. The content herein is
often based on late-breaking events. Much of the material is
based on information from sources that are believed to be
reliable. Hagerman & Company, Inc. disclaims all warranties
as to the ultimate accuracy or completeness of the
information. Hagerman & Company, Inc. and its employees
shall have no liability for errors, omissions or
inadequacies in the information contained within this
article or for any interpretations thereof. The
recommendations, positions and best practice policies
outlined herein represent Hagerman & Company, Inc.'s initial
analysis and therefore are subject to change as further
information which may have bearing on these positions is
made available. The reader assumes sole responsibility for
the selection of these materials to achieve its intended
results. The opinions expressed herein are subject to change
without notice. Entire contents © 2006 Hagerman & Company,
Inc. All rights reserved. Reproduction of this publication
in any form without prior written permission is forbidden.
This page last edited on
Wednesday, September 17, 2008

by John Boline
Service Manager,
MCSE, CNE, USE