Barracuda Web Filter

Overview

March 26, 2008

Alan Pearson, Monroe County School District

Marcus Burge, Network Engineer

2

Barracuda Web Filter

Complete protection of client PCs 57 Category Content Filtering Spyware Download Blocking Virus Download Blocking Spyware Phone Home Blocking Spyware Removal P2P Blocking Skype Blocking

3

Advanced Content Filtering Controls Internet usage policy controls

Content Filter (category) Application blocking URL blocking (domain and pattern) MIME type blocking Image safe search

Time-based controls Daily time ranges

Customizable user and group policies Guest users versus authenticated users User and group policy exceptions LDAP and Windows Domain Controller integration

4

Spyware Protection

Preventative, reactive and proactive measures

Blocks access to known spyware sites Stops spyware & virus downloads

Including drive-by downloads that are unknown to the user often through ActiveX Blocks .CAB, .OCX, .EXE and .DLL files

1. Detects & blocks spyware access to the Internet Finds and blocks existing spyware installations

2. Facilitates spyware removal Informs Administrator of infected machines and infection type

3. Removes spyware from previously infected computers Includes Spyware Removal Tool packaged as ActiveX control for Windows computers

5

Barracuda Web Filter Detailed Features Network Threat Protection

Spyware Site Blocking Spyware Download Blocking Dual-Layer Virus Protection Detection of Infection Activity Spyware Protocol Blocking

Spyware Removal Remove Spyware from Windows

Computers ActiveX Control

Administration Features Web-Based Interface Statistical Reports Comprehensive Logging Secure Remote Administration

Content Filtering Category Filtering URL Filtering Image Safe Search File Type Blocking

Application Blocking IM Blocking Internet Application Blocking IP and Port Blocking

Advanced Policy Creation Default Guest and User Policies User and Group Policy Exceptions LDAP Directory Server Integration Windows Domain Controller Integration Local Users and Groups Network IP Address Policies Time-of-day Policies

Architecture Overview

7

Barracuda Web FilterModel Comparison

HTTPS (SSL) Content Filtering

Uses DNS No certificates or agents to install on clients

8

Open Proxies Open proxies are typically unsecured public methods of forwarding

Web traffic – used by students and employees in an attempt to bypass content filtering methods

Hundreds of new open proxies are made available every day The Barracuda Web Filter utilizes a variety of methods to identify,

block and deny access to open proxies The BWF looks for traffic patterns that are likely to be proxy usage

and blocks this type of traffic (through Application Blocking) Blocks IP addresses of positively identified P2P proxy clients, such as

TOR nodes (http://tor.eff.org)

9

In-line deployments

10

Support for unobtrusive audit mode User activity logging without changing Internet usage experience

WCCP for Enterprise Deployments Support for WCCP (Web cache communication protocol)

Enterprise configuration option for networks with Cisco infrastructure

Does not require Web Filter to sit in-line Does not require changes to end user Web browsers Router redirects flow to a Web Filter (or cluster of Web Filters) Built-in load balancing for clusters Fails safe – router passes traffic if cluster is not available

11

12

Barracuda Spyware Removal ToolBarracuda Spyware Removal Tool• Removes spyware from Removes spyware from

previously infected previously infected Windows computersWindows computers

• Packaged as an ActiveX Packaged as an ActiveX downloaddownload

• Updated through Updated through Energize UpdatesEnergize Updates

• Will be updated for Will be updated for Windows VistaWindows Vista

Barracuda Web Filter Increasing the feature setIncreasing the feature set

3.1.0 Advanced LDAP Support, Soft Block

3.1.5 Skype control, FTP Proxy, Audit mode

3.2 Comprehensive Reporting, WCCP

3.3 HTTPS, Custom Categories, P2P/application control, Dashboard

3.4+ Performance enhancements, Increased e-Directory integration, Desktop/Remote

client, Unified multi-site administration

Web Filter 3.3Web Filter 3.3 HTTPS Content Filtering (via dns)HTTPS Content Filtering (via dns) Custom Content CategoriesCustom Content Categories Increased P2P/application controlIncreased P2P/application control New DashboardNew Dashboard Time-based Quotas, Policies, and ReportingTime-based Quotas, Policies, and Reporting

Time-based QuotasTime-based Quotas Set time limits (quotas) on policySet time limits (quotas) on policy

i.e. Limit teachers to 20 minutes of online shopping per day

Report on user/group time-based usageReport on user/group time-based usage

3.4 and Beyond3.4 and Beyond Unified management portalUnified management portal

Useful for remotely management multiple Web Filters/appliances in different sites

Enhanced e-Directory integrationEnhanced e-Directory integration Similar to our Windows DC Agent approach for Novell services

Desktop/remote clientDesktop/remote client Solves the “remote user problem” Resolves Terminal Services issues or desktops with multiple users

Public IM logging/filteringPublic IM logging/filtering Log and store client’s public IM traffic Integrate IM policy

AdministrationInterface

Demonstration

http://webfilter.barracuda.comlogin: guest

password: guest

Q & A