sqwasi
asked on
Suggestions for Small Business Content Security
Dear fellow Experts,
Our company has about 80 workstations with 7 servers. Our two domain controllers are win2k. We have an exchange 5.5 server on NT 4.0 server. We are currently using Computer Associates' eTrust Secure Content Manager which includes the eTrust Antivirus for content security in out business. However, we have had many problems with these programs since we purchased them.
We are looking for a product or multiple products that will be able to accomplish the below list:
1. The product needs to be able to filter, monitor, and scan for viruses all HTTP, SMTP, FTP traffic.
1. The product needs to include a proxy. This is usually common because they usually use a proxy so it can monitor and filter HTTP traffic. Our network is arrange in a way that it needs a proxy.
2. Detailed reporting information. This is a must! We need to know what sites the users are visiting, what time they went there, and how long they were there, etc. Most of the products we have seen don't have too much reporting available.
3. We need to filter spam from our Exchange 5.5 server. I have found that the user configurable bayesian anylsis filters seem to work the best.
5. We need to be able to block sites along with monitoring where users are attempted to go to.
6. We need to implement a network wide antivirus solution that can have a central location of administration.
The Secure Content Manager that we have been using has these limitations and more:
1. Documentation is the worst documentation I have ever seen. It doesn't tell you jack squat! And you can't find anything on their webpage.
2. The reports that we can get from the SCM program don't tell us anything. They tell us that certain catagories of webpages were visited, but they don't tell WHO visited those pages. Or it might tell you the top 10 users of the internet, but not what sites they are visiting. Useless!
3. The proxy server has a problem loading large websites. It times out and tech support does not have an answer for us.
4. The spam configuration is complicated and doesn't work once we set it up.
5. The program is hard to use and complex.
If anyone could give some recommendations on either several programs to accomplish what we need or maybe one single program/suite. We basiclly need an all around content security/filter solution. Any help would be greatly appreciated. Thank you.
Our company has about 80 workstations with 7 servers. Our two domain controllers are win2k. We have an exchange 5.5 server on NT 4.0 server. We are currently using Computer Associates' eTrust Secure Content Manager which includes the eTrust Antivirus for content security in out business. However, we have had many problems with these programs since we purchased them.
We are looking for a product or multiple products that will be able to accomplish the below list:
1. The product needs to be able to filter, monitor, and scan for viruses all HTTP, SMTP, FTP traffic.
1. The product needs to include a proxy. This is usually common because they usually use a proxy so it can monitor and filter HTTP traffic. Our network is arrange in a way that it needs a proxy.
2. Detailed reporting information. This is a must! We need to know what sites the users are visiting, what time they went there, and how long they were there, etc. Most of the products we have seen don't have too much reporting available.
3. We need to filter spam from our Exchange 5.5 server. I have found that the user configurable bayesian anylsis filters seem to work the best.
5. We need to be able to block sites along with monitoring where users are attempted to go to.
6. We need to implement a network wide antivirus solution that can have a central location of administration.
The Secure Content Manager that we have been using has these limitations and more:
1. Documentation is the worst documentation I have ever seen. It doesn't tell you jack squat! And you can't find anything on their webpage.
2. The reports that we can get from the SCM program don't tell us anything. They tell us that certain catagories of webpages were visited, but they don't tell WHO visited those pages. Or it might tell you the top 10 users of the internet, but not what sites they are visiting. Useless!
3. The proxy server has a problem loading large websites. It times out and tech support does not have an answer for us.
4. The spam configuration is complicated and doesn't work once we set it up.
5. The program is hard to use and complex.
If anyone could give some recommendations on either several programs to accomplish what we need or maybe one single program/suite. We basiclly need an all around content security/filter solution. Any help would be greatly appreciated. Thank you.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What's your budget considerations? For my suggestion, you would ideally need a new server with lots of RAM and decent CPU performance.
From what you wrote, you might want to check out MS ISA Server 2004... Application level firewall, HTTP filtering and caching capabilities, Client-side firewall, really detailed reporting, etc. You would definitely find out more info on what it can do on either www.microsoft.com/isa or www.isaserver.org sites. I use this software on it's own dedicated server in addition to a separate hardware firewall in front. This machine is also setup as an SMTP relay into my EXCH 2000 server... I have ORF (www.vamsoft.com) running on it which provides SPAM filtering, attachment blocking, etc... once emails get filtered, the ISA server forwards the "clean" emails to the EXCH server (which has its own SPAM programs running).
For Anti-virus, I use Symantec Corp 9.0 (as NathanBishop mentioned). Provides a centrally managed anti-virus server/client environment - you can do remote scans, virus definition pushes, etc. Works great and it's simple.
Those 3 programs should cover all your bases but again, it would all depend on your budgeting requirements. Hope this helps.
From what you wrote, you might want to check out MS ISA Server 2004... Application level firewall, HTTP filtering and caching capabilities, Client-side firewall, really detailed reporting, etc. You would definitely find out more info on what it can do on either www.microsoft.com/isa or www.isaserver.org sites. I use this software on it's own dedicated server in addition to a separate hardware firewall in front. This machine is also setup as an SMTP relay into my EXCH 2000 server... I have ORF (www.vamsoft.com) running on it which provides SPAM filtering, attachment blocking, etc... once emails get filtered, the ISA server forwards the "clean" emails to the EXCH server (which has its own SPAM programs running).
For Anti-virus, I use Symantec Corp 9.0 (as NathanBishop mentioned). Provides a centrally managed anti-virus server/client environment - you can do remote scans, virus definition pushes, etc. Works great and it's simple.
Those 3 programs should cover all your bases but again, it would all depend on your budgeting requirements. Hope this helps.
ASKER
Thank you. I guess I thought that ISA was just a type of firewall. We already have a sonicwall in place which handles the firewall part. So maybe the ISA will work well for the proxy, monitoring and filtering.
ASKER
I took a look at the ORF (vamsoft) product. How does that do in actual filtering? I notice that it doesn't include the bayesian filtering. I have used GFI mail essentials in the past and it wasn't very accurate until you trained the bayesian filtering. Have you found success without using the bayesian filtering? (Sorry, this is just a side question.) Thanks.
ASKER
I took a look at the ISA 2004 server. Is this overkill for just using it as a web proxy server with web usage monitoring? Also, I looked at the reports and there are reports for top users, but how do I get a report to show all the web pages that all the users are visiting?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for eveyrone's help. You all helped some so I split out the points for you. Have a great day.
ASKER