Keeping your network and your users safe (sometimes from themselves) is paramount in the IT world we live in. Filtering for malware and other threats at the client level is still a requirement, but the need to filter content that is allowed into your environment varies by organization. Many places already filter Internet traffic, and it may be something you have to implement at some point.
The Barracuda Networks Web Filter line of products are user friendly and simple to implement. In this product spotlight, I will walk through an overview of the device and point out what I have found in setting it up. Previously, I have spotlighted the Barracuda SSL-VPN product.
The Barracuda Web Filter family of products allows filtering of Internet traffic based on rules configured by the administrator. There are no requirements within the environment as these devices are plug-and-play. The different models within the family allow for different numbers of users, caching, and other features on the device. The 310 model has the following hardware specifications:
- 10Mb/sec throughput
- 10GB Cache size
- 50-200 concurrent users
- 400-800 active TCP connections
And supports the following features:
- Content Filtering*
- Application Control*
- Advanced filtering via policy*
- Network threat protection*
- Spyware Removal*
- Summary Reporting*
- Ethernet Bypass Hardware
Because the Barracuda Web Filter can be configured to sit between your clients and Internet gateway there are no OS support restrictions.
Who's it for?
The Barracuda Web Filter is a great appliance for companies large and small that allows another level of security from viruses and spyware. The consideration to keep in mind when evaluating the device is the number of users within your environment and the things you wish to filter.
What problem does it solve?
In addition to helping keep malware out of an organization, the Barracuda Web Filter helps enforce your company's Internet Acceptable Use policy and eliminate the use of non-standard applications like IM clients, gaming sites, or other material.
This Web filter keeps track of Web traffic within an organization to allow customized filtering as needed. Suppose an employee was found to be abusing the Internet Usage Policy of the organization, the IT staff could configure an exception to lock down Internet access with a message to the user explaining the situation, eliminating the need to reconfigure the firewall to prevent access.
The reporting capabilities of the Barracuda Web Filter are a great feature in my opinion. In the past, we had no really reliable method for monitoring Internet usage. Along with reporting, the ability to see how much bandwidth is being consumed out to the Internet is also helpful.
The ease of configuration and integration with Active Directory is a benefit as well. To get this working within an AD environment, simply configure the LDAP settings on the device to connect to your Domain Controllers. There is an agent that needs to be loaded on the DCs within the environment to send audit information back to the Barracuda Web Filter, however it runs as a service and is very straight forward to configure. Once these settings are modified, the Barracuda will pull in user and group information from Active Directory. This will allow you to manage groups and filtering within AD rather than configuring additional groups/users on the Barracuda Web Filter to manage the Internet.
Barracuda also offers instant replacement on its network devices with current maintenance. If your device fails, call support and they will assist you in getting a replacement out immediately. If you have backed up your configuration, setup will be a breeze on the replacement unit.
Trial of the Barracuda appliance is free of charge as demo units can be requested by contacting the company, for a 30-day evaluation. This leaves us with pricing, which depends on the number of users that the device will support.Note: The appliance is not licensed per named user but for concurrent users, and will handle the traffic for a predetermined number of users, depending on which model you purchase. The Barracuda Web Filter 310 lists for US$1999 with pricing for other models being higher or lower depending on the number of concurrent users it supports. Barracuda also sells its appliances through a large reseller channel where you might be able to get even better pricing.
(Click to enlarge images.)
Barracuda Web Filter Administrator Dashboard
Content filtering categories
Application filtering generally works pretty well, but there are exceptions. When an application is changed or reworked by the developer, it may need to be updated within the firmware of the device. Once this is completed, assuming support is current, you should be able to download and use the latest features for the filter.
There is a minimal learning curve for the device, but as you get into the administration console and discover the power of the appliance it will quickly become apparent how well the device works.
Bottom line for business
In a time when the Internet is used in almost every business, protecting systems and users from some of the content and applications found on the Web and enforcing Internet use policies can be quite the time consuming task. =Using the Barracuda Web Filter can save a great deal of time and money in the long run by aiding in the task of keeping your environment clean.
Derek Schauland has been tinkering with Windows systems since 1997. He has supported Windows NT 4, worked phone support for an ISP, and is currently the IT Manager for a manufacturing company in Wisconsin.