Starting at
		$ 549.00
		BUY NOW
		Evaluate
		Demo

SmoothGuardian

SmoothGuardian is available as an add-on module that integrates directly with the SmoothWall Corporate Firewall and Advanced Firewall products and provides comprehensive web content security.

Dynamic Content Analysis

SmoothWall's Dynamic Content Analysis technology is Guardian's primary filtering mechanism. It is what makes Guardian fundamentally different to and better than most web filtering products, as Guardian examines the actual content of web pages rather than where they appear to come from. Every day, approximately half a million new pages are added to the web, making the traditional 'URL blocklist' filtering technique increasingly unreliable. With Guardian's Dynamic Content Analysis, the entire content of each requested web page is checked against categorised word and phrase lists. Each match increments a page score until the configurable threshold is reached, whereupon the page is blocked; no portion of the blocked page will reach the user's computer. The presence of positive work-related phrases will reduce the page score, to avoid the false blocking of medical related pages for example.

Dynamic Content Analysis works for every one of the 4 billion or more web pages in existence, there being no need for SmoothWall to have first seen and categorised the web page; Guardian does this dynamically upon first encountering the web page. The word and phrase lists are regularly updated as part of the subscription service and there is also the facility to add one's own words and phrases to custom word and phrases lists.

 

Domain/URL/IP Address Blocklists

Categorised URL/Domain/IP Address blocklists are used as a secondary filtering mechanism, principally to block non-work related content like news and sport. Categories including adverts, gambling, pornography, violence, virus infected, drugs, racial hatred, news and sport. A custom blocklist facility allows the system administrator to configure their own domains, URLs, IP address or regular expression URLs that take precedence over the default SmoothWall blocklist. The software will resolve complex URLs where special characters have been included in the URL to try and defeat URL blocking software or to try and hide the true identity of the website. Blocklists can be configured to operate in Whitelist mode where a Group of Users can be restricted to only being able view a pre-configured list of web sites. The blocklists are updated weekly and one year's subscription is included in the initial Guardian software licence price.

MIME File Type and Extension Checking

Every file can be identified from its MIME type property, allowing Guardian to block the download of music, video and executable files from web sites. This is a far more reliable technique than checking the file extension which is often forged to disguise dangerous files containing Spyware or Trojan Horse programs. Guardian can also be configured to block ZIP archives which may contain hidden executables and in page executables like Java. The administrator can create their own lists of MIME types that should be blocked or always allowed; likewise lists can be created for the blocking of files with specified file extensions.

PICS Code Checking

The Guardian software checks all received web pages for the presence of PICS codes (Platform for Internet Content Selection). Many websites include PICS codes in their web pages to indicate the nature and severity of the content. Guardian checks for sixteen different PICS categories, including "Sexual language", "Illegal drugs", "Violence", "Chat" and "Gambling".

Filter Groups

Eight independent filter rules sets can be used to allocate different access rights and restrictions to different groups of users. Particular users can also be configured to not be subject to any filtering.

User Authentication

In order to apply the appropriate filter rule-set it is necessary to identify users. Several methods are supported by the Guardian software, including:

With LDAP/Active Directory authentication, the user enters the same ID and password to identify themselves to Guardian as they use to log-on to Microsoft Windows servers and application. The ID and password are transmitted in encrypted format to the Windows server, which responds with a valid/invalid status and a list of the Windows groups the user is a member of. Guardian is configured with a table that matches these Windows groups to Guardian filter groups, from which it determines the filter rule-set to apply for each user. For system administrators this has several benefits, principally due to the fact that User IDs and passwords only have to be maintained on the Windows Server. Adding new users or changing the filter rule-set for a user can be done solely from the Windows server.

Reporting and Logging

All web browsing activity is recorded to disk log files that can be either be viewed on screen or exported for external analysis. The report generator analyses the log files to produce a variety of reports including the most visited domains, bandwidth utilisation by user and the worst offending users in terms of requesting pages that were blocked by the Guardian software. The reports will include the IP address of the user PC and the user name if configured to be used.
Reports can also be dynamically generated from user entered criteria. A drill-down facility allows managers to explore data to a greater depth - for example, from a list of blocked sites that users have attempted to access, drill-down to find out which users have been trying to access any particular site. Many reports can also be produced in a graphical format appropriate to the report contents, such as pie charts and bar graphs.

Proxy Cache

The Web Proxy Cache reduces Internet bandwidth utilisation by storing and retrieving frequently accessed web pages from local disk storage. This is of particularly benefit in a classroom style environment where many of the users will be looking at the same material. Configuration options allow the cache performance to be optimised for the environment in which it is being used, along with facility to prevent particular domains from being cached, either because they are subject to frequent change or for security reasons. The logic remembers "clean" pages (ie pages that have already been checked by Guardian) for 15 minutes so that if somebody else asks for the same page again then Guardian does not need to re-scan the page.

The "Site Blocked" Page

The system administrator can configure what information is displayed on the "Site Blocked" page that is sent to the user's computer. One of these options controls if the "Site Blocked" page includes buttons to unblock the page, either permanently or on a temporary basis, allowing an administrator to view the page and decide if to add a rule that would override the default blocking of the page. Other information displayed can include the IP address of the user, their Login name, the reason for blocking, the page score, configurable text messages and customer logo.
All information about web access is recorded to disk log files, unless privacy options are used to suppress the recording of Username and IP address. Additions or deletions to the custom block lists can be made by simply selecting entries from the log files. All reports are generated from the raw information in the log files.

Blocklists and Word/Phrase Lists

A twelve (12) month subscription to weekly updates of the Word/Phrase lists and the Domain/URL/IP Address blocklists is included in the initial purchase of the Guardian licence. For the second year onwards, a separate block/phrase-list subscription must be purchased in order to keep the word/phrase lists and blocklists up to date. Subscription prices are fixed at 25% of the Guardian software licence price.

System Requirements:

Minimum:	500 MHz Processor, 256 MBytes RAM, 8 GBytes Disk
Recommended:	2 GHz Processor, 512 MBytes RAM, 20 GBytes IDE or SCSI Disk
Optimal:	2GHz+ Dual Processor AMD Opteron or Intel Xeon system, 512 Mbytes DDR RAM, 40 GBytes SCSI RAID Disk