With today's web consisting of tens of billions of pages, content-based filtering is the only reliable way to protect against the unexpected. Guardian employs a wide range of intelligent content-based filtering techniques to control web access and protect users. The diagram below illustrates how these different techniques interact with each other - and your policy settings to accurately block all undesired material.
technology is used to screen the content, context and construction of web pages in detail. In this way, all inappropriate, objectionable and dangerous content can be detected and blocked, as well as the Anonymous Web Proxies that are often used to circumvent web filters. Sites are classified into categories and then blocked or allowed based on your policy settings. All this happens instantaneously, thanks to an intelligent algorithm that is capable of scanning an entire encyclopedia in just a fraction of a second.
Guardian's intelligent filtering technology is backed up by URL blocklists, which incorporate content from the Internet Watch Foundation database and are updated on a daily basis. Blocklists can be configured to operate in Whitelist mode where a Group of Users can be restricted to only being able to view a pre-configured list of web sites.
Every file can be identified from its MIME type property, allowing Guardian to block the download of music, video and executable files from web sites. This is a far more reliable technique than checking the file extension which is often forged to disguise dangerous files containing Spyware or Trojan Horse programs.
Files downloaded from web sites are not scanned by most anti-virus software, which provide email rather than web security. Guardian will anti-virus scan all such downloads, using either its inbuilt ClamAV engine or any ICAP compliant anti-virus engine running on an external system.
Guardian detects and removes in-page executable code from web pages, such as Active-X controls, Java Applets and Scripts. Such executable code is not recognized by traditional anti-virus software, yet is often used to install spyware, viruses and Trojan horse software on user PCs. Sites that legitimately use executable code, (such as Microsoft's use of ActiveX in their Windows Update facility), are catered for by the provision of a Trusted Sites list which can be maintained by the system administrator.
When security vulnerabilities are discovered in web components like Microsoft's Internet Explorer browser, there is a window in time between discovery and fix when everybody is extremely vulnerable to attack. Guardian closes this vulnerability window by detecting and blocking such browser exploits, protecting systems until the security updates are available.
Malicious URL detection helps to prevent users falling victim to phishing scams, where they are directed to bogus websites by emails containing spoof URLs that appear to come from banks and other legitimate senders.
The Guardian software checks all received web pages for the presence of PICS codes (Platform for Internet Content Selection). Many websites include PICS codes in their web pages to indicate the nature and severity of the content. Guardian checks for sixteen different PICS categories, including "Sexual language", "Illegal drugs", "Violence", "Chat" and "Gambling".
Multiple filtering categories and rule sets can be used to allocate different access rights and restrictions to different groups of users with different priveliges. Filter rules can be time-controlled (e.g. different rules for lunchtime) and particular users can be configured to not be subject to any filtering.
Guardian's User Authentication integrates with existing authentication systems such as Microsoft Active Directory®, Novell eDirectory™, LDAP and RADIUS to determine user identity and thus set appropriate filtering policies. User authentication also makes reports much more useful by the inclusion of user names rather that just workstation IP addresses, for both user and group activity reporting.
All web browsing activity is recorded to an SQL database that can be either be viewed on screen or exported for external analysis. Instantaneous activity (including Instant Messaging applications) is monitored in real time using AJAX logs and traffic graphs. An extensive range of detailed report templates can be utilized to show anything from 'most visited domains' and 'top blocked categories' to time spent browsing and bandwidth utilization. Where authentication is enabled, reports can also be customized by user or group so that the worst offending users (in terms of requesting pages that were blocked by Guardian) can be quickly identified. Reports can be automatically scheduled and stored in familiar formats (PDF, HTML and Excel) or exported to Crystal Reports®.
The Web Proxy Cache reduces Internet bandwidth utilization by storing and retrieving frequently accessed web pages from local disk storage. Configuration options allow the cache performance to be optimized for the environment in which it is being used, along with the facility to prevent particular domains from being cached, either because they are subject to frequent change or for security reasons. The logic remembers "clean" pages (i.e. pages that have already been checked by Guardian) for 15 minutes so that if somebody else asks for the same page again then Guardian does not need to re-scan the page.
The "Site Blocked" page can be customized with your own message and if necessary can include buttons to unblock the page, either permanently or on a temporary basis. Other information displayed can include the IP address of the user, their Login name, the reason for blocking, the page score, configurable text messages and logo.
|
|
|
» FAQ & Knowledge Base
» Hardware Compatibility 
