• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 317
  • Last Modified:

Suggestions for Small Business Content Security

Dear fellow Experts,

Our company has about 80 workstations with 7 servers.  Our two domain controllers are win2k.  We have an exchange 5.5 server on NT 4.0 server.  We are currently using Computer Associates' eTrust Secure Content Manager which includes the eTrust Antivirus for content security in out business.  However, we have had many problems with these programs since we purchased them.

We are looking for a product or multiple products that will be able to accomplish the below list:

1.  The product needs to be able to filter, monitor, and scan for viruses all HTTP, SMTP, FTP traffic.
1.  The product needs to include a proxy. This is usually common because they usually use a proxy so it can monitor and filter HTTP traffic.  Our network is arrange in a way that it needs a proxy.
2.  Detailed reporting information.  This is a must!  We need to know what sites the users are visiting, what time they went there, and how long they were there, etc.  Most of the products we have seen don't have too much reporting available.
3.  We need to filter spam from our Exchange 5.5 server.  I have found that the user configurable bayesian anylsis filters seem to work the best.
5.  We need to be able to block sites along with monitoring where users are attempted to go to.
6.  We need to implement a network wide antivirus solution that can have a central location of administration.

The Secure Content Manager that we have been using has these limitations and more:

1.  Documentation is the worst documentation I have ever seen.  It doesn't tell you jack squat!  And you can't find anything on their webpage.
2.  The reports that we can get from the SCM program don't tell us anything.  They tell us that certain catagories of webpages were visited, but they don't tell WHO visited those pages.  Or it might tell you the top 10 users of the internet, but not what sites they are visiting.  Useless!
3.  The proxy server has a problem loading large websites.  It times out and tech support does not have an answer for us.
4.  The spam configuration is complicated and doesn't work once we set it up.
5.  The program is hard to use and complex.

If anyone could give some recommendations on either several programs to accomplish what we need or maybe one single program/suite.  We basiclly need an all around content security/filter solution.  Any help would be greatly appreciated.  Thank you.
3 Solutions
sqwasiAuthor Commented:
I wish I could add MORE points.
I don't know if this will be much help, but I hope it gives you a good start with some of the problems untill someone else gives you better tips.

Good software for the Virus Scanning and filtering on those services at an affordable price would be Norton Symantic Titled software such as Anti-Virus and Security Center plus Sygate Professional Firewalls are always a great affordability for small businesses.

Now depending on how small your business is or how small it really isn't, two great corporate software titles that have gotten great recognition are Sophos Corporate Anti-Virus and BlackICE Corporate Firewalls.

Now as for spam control and filtering, SpamAssassin seems to do great when used.  Now I don't know fully if you would be able to use it on your type of system but it is worth a look into isn't it?

I hope this provides some sort of help, these are all products we use or have used at the small business I currently work at and we have also set them up for others, so I gave this information based upon what you said you were looking for, so now I guess you need to wait for is anyone else to provide extra info on your question.

Have a good day.
What's your budget considerations?  For my suggestion, you would ideally need a new server with lots of RAM and decent CPU performance.

From what you wrote, you might want to check out MS ISA Server 2004...  Application level firewall, HTTP filtering and caching capabilities, Client-side firewall, really detailed reporting, etc.  You would definitely find out more info on what it can do on either www.microsoft.com/isa or www.isaserver.org sites.  I use this software on it's own dedicated server in addition to a separate hardware firewall in front.  This machine is also setup as an SMTP relay into my EXCH 2000 server... I have ORF (www.vamsoft.com) running on it which provides SPAM filtering, attachment blocking, etc... once emails get filtered, the ISA server forwards the "clean" emails to the EXCH server (which has its own SPAM programs running).

For Anti-virus, I use Symantec Corp 9.0 (as NathanBishop mentioned).  Provides a centrally managed anti-virus server/client environment - you can do remote scans, virus definition pushes, etc.  Works great and it's simple.

Those 3 programs should cover all your bases but again, it would all depend on your budgeting requirements.  Hope this helps.
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

sqwasiAuthor Commented:
Thank you.  I guess I thought that ISA was just a type of firewall.  We already have a sonicwall in place which handles the firewall part.  So maybe the ISA will work well for the proxy, monitoring and filtering.
sqwasiAuthor Commented:
I took a look at the ORF (vamsoft) product.  How does that do in actual filtering?  I notice that it doesn't include the bayesian filtering.  I have used GFI mail essentials in the past and it wasn't very accurate until you trained the bayesian filtering.  Have you found success without using the bayesian filtering? (Sorry, this is just a side question.)  Thanks.
sqwasiAuthor Commented:
I took a look at the ISA 2004 server.  Is this overkill for just using it as a web proxy server with web usage monitoring?  Also, I looked at the reports and there are reports for top users, but how do I get a report to show all the web pages that all the users are visiting?
I use GFI on the internal mail server for additional SPAM filtering.  I just suggested ORF cause it was a very powerful and cheap solution - but if you have experience with GFI's stuff go for it, as I use it myself... and yes the Bayesian filter is quite impressive.

As for overkill... well there's a demo version out.  It's not the cheapest but it does have everything you need in a single integrated package - plus I like having a multi-layer security model (multivendor and multilayer just to make it that much harder to break through).  To be honest I can't really say that it is or isn't overkill for you since I use it and I love it - kinda biased opinion.  :)

As far as reporting goes, that's where GFI comes in.  They have a free add-on module to ISA 2004 that details real-time and past web usage per IP (user).  You can more details here: http://www.gfi.com/webmon/   I use this product too on my ISA box and it does what it says.

Hopefully another expert will suggest other products as I don't want to discount any others since I don't use them.
It greatly depends on the budget available, but one of the best (IMHO) out there for the corporate user is Clearswift all based around their MIMESweeper product

You could also look at managed services - many companies offer this and it keeps the overheads on your network down.

sqwasiAuthor Commented:
Thanks for eveyrone's help.  You all helped some so I split out the points for you.  Have a great day.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now