Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Suggestions for Small Business Content Security

Posted on 2004-09-21
Medium Priority
Last Modified: 2010-04-11
Dear fellow Experts,

Our company has about 80 workstations with 7 servers.  Our two domain controllers are win2k.  We have an exchange 5.5 server on NT 4.0 server.  We are currently using Computer Associates' eTrust Secure Content Manager which includes the eTrust Antivirus for content security in out business.  However, we have had many problems with these programs since we purchased them.

We are looking for a product or multiple products that will be able to accomplish the below list:

1.  The product needs to be able to filter, monitor, and scan for viruses all HTTP, SMTP, FTP traffic.
1.  The product needs to include a proxy. This is usually common because they usually use a proxy so it can monitor and filter HTTP traffic.  Our network is arrange in a way that it needs a proxy.
2.  Detailed reporting information.  This is a must!  We need to know what sites the users are visiting, what time they went there, and how long they were there, etc.  Most of the products we have seen don't have too much reporting available.
3.  We need to filter spam from our Exchange 5.5 server.  I have found that the user configurable bayesian anylsis filters seem to work the best.
5.  We need to be able to block sites along with monitoring where users are attempted to go to.
6.  We need to implement a network wide antivirus solution that can have a central location of administration.

The Secure Content Manager that we have been using has these limitations and more:

1.  Documentation is the worst documentation I have ever seen.  It doesn't tell you jack squat!  And you can't find anything on their webpage.
2.  The reports that we can get from the SCM program don't tell us anything.  They tell us that certain catagories of webpages were visited, but they don't tell WHO visited those pages.  Or it might tell you the top 10 users of the internet, but not what sites they are visiting.  Useless!
3.  The proxy server has a problem loading large websites.  It times out and tech support does not have an answer for us.
4.  The spam configuration is complicated and doesn't work once we set it up.
5.  The program is hard to use and complex.

If anyone could give some recommendations on either several programs to accomplish what we need or maybe one single program/suite.  We basiclly need an all around content security/filter solution.  Any help would be greatly appreciated.  Thank you.
Question by:sqwasi

Author Comment

ID: 12118730
I wish I could add MORE points.

Assisted Solution

NathanBishop earned 450 total points
ID: 12120007
I don't know if this will be much help, but I hope it gives you a good start with some of the problems untill someone else gives you better tips.

Good software for the Virus Scanning and filtering on those services at an affordable price would be Norton Symantic Titled software such as Anti-Virus and Security Center plus Sygate Professional Firewalls are always a great affordability for small businesses.

Now depending on how small your business is or how small it really isn't, two great corporate software titles that have gotten great recognition are Sophos Corporate Anti-Virus and BlackICE Corporate Firewalls.

Now as for spam control and filtering, SpamAssassin seems to do great when used.  Now I don't know fully if you would be able to use it on your type of system but it is worth a look into isn't it?

I hope this provides some sort of help, these are all products we use or have used at the small business I currently work at and we have also set them up for others, so I gave this information based upon what you said you were looking for, so now I guess you need to wait for is anyone else to provide extra info on your question.

Have a good day.

Expert Comment

ID: 12120646
What's your budget considerations?  For my suggestion, you would ideally need a new server with lots of RAM and decent CPU performance.

From what you wrote, you might want to check out MS ISA Server 2004...  Application level firewall, HTTP filtering and caching capabilities, Client-side firewall, really detailed reporting, etc.  You would definitely find out more info on what it can do on either www.microsoft.com/isa or www.isaserver.org sites.  I use this software on it's own dedicated server in addition to a separate hardware firewall in front.  This machine is also setup as an SMTP relay into my EXCH 2000 server... I have ORF (www.vamsoft.com) running on it which provides SPAM filtering, attachment blocking, etc... once emails get filtered, the ISA server forwards the "clean" emails to the EXCH server (which has its own SPAM programs running).

For Anti-virus, I use Symantec Corp 9.0 (as NathanBishop mentioned).  Provides a centrally managed anti-virus server/client environment - you can do remote scans, virus definition pushes, etc.  Works great and it's simple.

Those 3 programs should cover all your bases but again, it would all depend on your budgeting requirements.  Hope this helps.
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!


Author Comment

ID: 12122522
Thank you.  I guess I thought that ISA was just a type of firewall.  We already have a sonicwall in place which handles the firewall part.  So maybe the ISA will work well for the proxy, monitoring and filtering.

Author Comment

ID: 12122634
I took a look at the ORF (vamsoft) product.  How does that do in actual filtering?  I notice that it doesn't include the bayesian filtering.  I have used GFI mail essentials in the past and it wasn't very accurate until you trained the bayesian filtering.  Have you found success without using the bayesian filtering? (Sorry, this is just a side question.)  Thanks.

Author Comment

ID: 12125597
I took a look at the ISA 2004 server.  Is this overkill for just using it as a web proxy server with web usage monitoring?  Also, I looked at the reports and there are reports for top users, but how do I get a report to show all the web pages that all the users are visiting?

Accepted Solution

LimeSMJ earned 600 total points
ID: 12128468
I use GFI on the internal mail server for additional SPAM filtering.  I just suggested ORF cause it was a very powerful and cheap solution - but if you have experience with GFI's stuff go for it, as I use it myself... and yes the Bayesian filter is quite impressive.

As for overkill... well there's a demo version out.  It's not the cheapest but it does have everything you need in a single integrated package - plus I like having a multi-layer security model (multivendor and multilayer just to make it that much harder to break through).  To be honest I can't really say that it is or isn't overkill for you since I use it and I love it - kinda biased opinion.  :)

As far as reporting goes, that's where GFI comes in.  They have a free add-on module to ISA 2004 that details real-time and past web usage per IP (user).  You can more details here: http://www.gfi.com/webmon/   I use this product too on my ISA box and it does what it says.

Hopefully another expert will suggest other products as I don't want to discount any others since I don't use them.

Assisted Solution

pkwatson earned 450 total points
ID: 12131208
It greatly depends on the budget available, but one of the best (IMHO) out there for the corporate user is Clearswift all based around their MIMESweeper product

You could also look at managed services - many companies offer this and it keeps the overheads on your network down.


Author Comment

ID: 12609298
Thanks for eveyrone's help.  You all helped some so I split out the points for you.  Have a great day.

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
With more and more companies allowing their employees to work remotely, it begs the question: What are some of the security risks involved with remote employees and what actions should we take to secure them?
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question