Upload
victor-watts
View
218
Download
2
Tags:
Embed Size (px)
Citation preview
Barracuda Web Filter
Overview
March 26, 2008
Alan Pearson, Monroe County School District
Marcus Burge, Network Engineer
2
Barracuda Web Filter
Complete protection of client PCs 57 Category Content Filtering Spyware Download Blocking Virus Download Blocking Spyware Phone Home Blocking Spyware Removal P2P Blocking Skype Blocking
3
Advanced Content Filtering Controls Internet usage policy controls
Content Filter (category) Application blocking URL blocking (domain and pattern) MIME type blocking Image safe search
Time-based controls Daily time ranges
Customizable user and group policies Guest users versus authenticated users User and group policy exceptions LDAP and Windows Domain Controller integration
4
Spyware Protection
Preventative, reactive and proactive measures
Blocks access to known spyware sites Stops spyware & virus downloads
Including drive-by downloads that are unknown to the user often through ActiveX Blocks .CAB, .OCX, .EXE and .DLL files
1. Detects & blocks spyware access to the Internet Finds and blocks existing spyware installations
2. Facilitates spyware removal Informs Administrator of infected machines and infection type
3. Removes spyware from previously infected computers Includes Spyware Removal Tool packaged as ActiveX control for Windows computers
5
Barracuda Web Filter Detailed Features Network Threat Protection
Spyware Site Blocking Spyware Download Blocking Dual-Layer Virus Protection Detection of Infection Activity Spyware Protocol Blocking
Spyware Removal Remove Spyware from Windows
Computers ActiveX Control
Administration Features Web-Based Interface Statistical Reports Comprehensive Logging Secure Remote Administration
Content Filtering Category Filtering URL Filtering Image Safe Search File Type Blocking
Application Blocking IM Blocking Internet Application Blocking IP and Port Blocking
Advanced Policy Creation Default Guest and User Policies User and Group Policy Exceptions LDAP Directory Server Integration Windows Domain Controller Integration Local Users and Groups Network IP Address Policies Time-of-day Policies
Architecture Overview
7
Barracuda Web FilterModel Comparison
HTTPS (SSL) Content Filtering
Uses DNS No certificates or agents to install on clients
8
Open Proxies Open proxies are typically unsecured public methods of forwarding
Web traffic – used by students and employees in an attempt to bypass content filtering methods
Hundreds of new open proxies are made available every day The Barracuda Web Filter utilizes a variety of methods to identify,
block and deny access to open proxies The BWF looks for traffic patterns that are likely to be proxy usage
and blocks this type of traffic (through Application Blocking) Blocks IP addresses of positively identified P2P proxy clients, such as
TOR nodes (http://tor.eff.org)
9
In-line deployments
10
Support for unobtrusive audit mode User activity logging without changing Internet usage experience
WCCP for Enterprise Deployments Support for WCCP (Web cache communication protocol)
Enterprise configuration option for networks with Cisco infrastructure
Does not require Web Filter to sit in-line Does not require changes to end user Web browsers Router redirects flow to a Web Filter (or cluster of Web Filters) Built-in load balancing for clusters Fails safe – router passes traffic if cluster is not available
11
12
Barracuda Spyware Removal ToolBarracuda Spyware Removal Tool• Removes spyware from Removes spyware from
previously infected previously infected Windows computersWindows computers
• Packaged as an ActiveX Packaged as an ActiveX downloaddownload
• Updated through Updated through Energize UpdatesEnergize Updates
• Will be updated for Will be updated for Windows VistaWindows Vista
Barracuda Web Filter Increasing the feature setIncreasing the feature set
3.1.0 Advanced LDAP Support, Soft Block
3.1.5 Skype control, FTP Proxy, Audit mode
3.2 Comprehensive Reporting, WCCP
3.3 HTTPS, Custom Categories, P2P/application control, Dashboard
3.4+ Performance enhancements, Increased e-Directory integration, Desktop/Remote
client, Unified multi-site administration
Web Filter 3.3Web Filter 3.3 HTTPS Content Filtering (via dns)HTTPS Content Filtering (via dns) Custom Content CategoriesCustom Content Categories Increased P2P/application controlIncreased P2P/application control New DashboardNew Dashboard Time-based Quotas, Policies, and ReportingTime-based Quotas, Policies, and Reporting
Time-based QuotasTime-based Quotas Set time limits (quotas) on policySet time limits (quotas) on policy
i.e. Limit teachers to 20 minutes of online shopping per day
Report on user/group time-based usageReport on user/group time-based usage
3.4 and Beyond3.4 and Beyond Unified management portalUnified management portal
Useful for remotely management multiple Web Filters/appliances in different sites
Enhanced e-Directory integrationEnhanced e-Directory integration Similar to our Windows DC Agent approach for Novell services
Desktop/remote clientDesktop/remote client Solves the “remote user problem” Resolves Terminal Services issues or desktops with multiple users
Public IM logging/filteringPublic IM logging/filtering Log and store client’s public IM traffic Integrate IM policy
AdministrationInterface
Demonstration
http://webfilter.barracuda.comlogin: guest
password: guest
Q & A