Solved

Suggestions for Small Business Content Security

Posted on 2004-09-21
9
307 Views
Last Modified: 2010-04-11
Dear fellow Experts,

Our company has about 80 workstations with 7 servers.  Our two domain controllers are win2k.  We have an exchange 5.5 server on NT 4.0 server.  We are currently using Computer Associates' eTrust Secure Content Manager which includes the eTrust Antivirus for content security in out business.  However, we have had many problems with these programs since we purchased them.

We are looking for a product or multiple products that will be able to accomplish the below list:

1.  The product needs to be able to filter, monitor, and scan for viruses all HTTP, SMTP, FTP traffic.
1.  The product needs to include a proxy. This is usually common because they usually use a proxy so it can monitor and filter HTTP traffic.  Our network is arrange in a way that it needs a proxy.
2.  Detailed reporting information.  This is a must!  We need to know what sites the users are visiting, what time they went there, and how long they were there, etc.  Most of the products we have seen don't have too much reporting available.
3.  We need to filter spam from our Exchange 5.5 server.  I have found that the user configurable bayesian anylsis filters seem to work the best.
5.  We need to be able to block sites along with monitoring where users are attempted to go to.
6.  We need to implement a network wide antivirus solution that can have a central location of administration.


The Secure Content Manager that we have been using has these limitations and more:

1.  Documentation is the worst documentation I have ever seen.  It doesn't tell you jack squat!  And you can't find anything on their webpage.
2.  The reports that we can get from the SCM program don't tell us anything.  They tell us that certain catagories of webpages were visited, but they don't tell WHO visited those pages.  Or it might tell you the top 10 users of the internet, but not what sites they are visiting.  Useless!
3.  The proxy server has a problem loading large websites.  It times out and tech support does not have an answer for us.
4.  The spam configuration is complicated and doesn't work once we set it up.
5.  The program is hard to use and complex.

If anyone could give some recommendations on either several programs to accomplish what we need or maybe one single program/suite.  We basiclly need an all around content security/filter solution.  Any help would be greatly appreciated.  Thank you.
0
Comment
Question by:sqwasi
9 Comments
 
LVL 2

Author Comment

by:sqwasi
ID: 12118730
I wish I could add MORE points.
0
 

Assisted Solution

by:NathanBishop
NathanBishop earned 150 total points
ID: 12120007
I don't know if this will be much help, but I hope it gives you a good start with some of the problems untill someone else gives you better tips.

Good software for the Virus Scanning and filtering on those services at an affordable price would be Norton Symantic Titled software such as Anti-Virus and Security Center plus Sygate Professional Firewalls are always a great affordability for small businesses.

Now depending on how small your business is or how small it really isn't, two great corporate software titles that have gotten great recognition are Sophos Corporate Anti-Virus and BlackICE Corporate Firewalls.

Now as for spam control and filtering, SpamAssassin seems to do great when used.  Now I don't know fully if you would be able to use it on your type of system but it is worth a look into isn't it?

I hope this provides some sort of help, these are all products we use or have used at the small business I currently work at and we have also set them up for others, so I gave this information based upon what you said you were looking for, so now I guess you need to wait for is anyone else to provide extra info on your question.

Have a good day.
0
 
LVL 7

Expert Comment

by:LimeSMJ
ID: 12120646
What's your budget considerations?  For my suggestion, you would ideally need a new server with lots of RAM and decent CPU performance.

From what you wrote, you might want to check out MS ISA Server 2004...  Application level firewall, HTTP filtering and caching capabilities, Client-side firewall, really detailed reporting, etc.  You would definitely find out more info on what it can do on either www.microsoft.com/isa or www.isaserver.org sites.  I use this software on it's own dedicated server in addition to a separate hardware firewall in front.  This machine is also setup as an SMTP relay into my EXCH 2000 server... I have ORF (www.vamsoft.com) running on it which provides SPAM filtering, attachment blocking, etc... once emails get filtered, the ISA server forwards the "clean" emails to the EXCH server (which has its own SPAM programs running).

For Anti-virus, I use Symantec Corp 9.0 (as NathanBishop mentioned).  Provides a centrally managed anti-virus server/client environment - you can do remote scans, virus definition pushes, etc.  Works great and it's simple.

Those 3 programs should cover all your bases but again, it would all depend on your budgeting requirements.  Hope this helps.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 2

Author Comment

by:sqwasi
ID: 12122522
Thank you.  I guess I thought that ISA was just a type of firewall.  We already have a sonicwall in place which handles the firewall part.  So maybe the ISA will work well for the proxy, monitoring and filtering.
0
 
LVL 2

Author Comment

by:sqwasi
ID: 12122634
I took a look at the ORF (vamsoft) product.  How does that do in actual filtering?  I notice that it doesn't include the bayesian filtering.  I have used GFI mail essentials in the past and it wasn't very accurate until you trained the bayesian filtering.  Have you found success without using the bayesian filtering? (Sorry, this is just a side question.)  Thanks.
0
 
LVL 2

Author Comment

by:sqwasi
ID: 12125597
I took a look at the ISA 2004 server.  Is this overkill for just using it as a web proxy server with web usage monitoring?  Also, I looked at the reports and there are reports for top users, but how do I get a report to show all the web pages that all the users are visiting?
0
 
LVL 7

Accepted Solution

by:
LimeSMJ earned 200 total points
ID: 12128468
I use GFI on the internal mail server for additional SPAM filtering.  I just suggested ORF cause it was a very powerful and cheap solution - but if you have experience with GFI's stuff go for it, as I use it myself... and yes the Bayesian filter is quite impressive.

As for overkill... well there's a demo version out.  It's not the cheapest but it does have everything you need in a single integrated package - plus I like having a multi-layer security model (multivendor and multilayer just to make it that much harder to break through).  To be honest I can't really say that it is or isn't overkill for you since I use it and I love it - kinda biased opinion.  :)

As far as reporting goes, that's where GFI comes in.  They have a free add-on module to ISA 2004 that details real-time and past web usage per IP (user).  You can more details here: http://www.gfi.com/webmon/   I use this product too on my ISA box and it does what it says.

Hopefully another expert will suggest other products as I don't want to discount any others since I don't use them.
0
 

Assisted Solution

by:pkwatson
pkwatson earned 150 total points
ID: 12131208
It greatly depends on the budget available, but one of the best (IMHO) out there for the corporate user is Clearswift all based around their MIMESweeper product
http://www.mimesweeper.com/products/default.aspx

You could also look at managed services - many companies offer this and it keeps the overheads on your network down.

Paul.
0
 
LVL 2

Author Comment

by:sqwasi
ID: 12609298
Thanks for eveyrone's help.  You all helped some so I split out the points for you.  Have a great day.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question