Clearswift MIMEsweeper Web Appliance ENW
An easily deployed web content filtering solution with strong policy based controls but can Clearswift keep up with the latest productivity sapping web threats?
For many employees it's now a way of life to while away their hours at work on the internet for personal use. Social networking sites alone are costing companies massively in lost productivity making it imperative they control internet misuse with clearly defined AUPs (acceptable use policies). Clearswift has traditionally had a strong presence in the web filtering market with its MIMEsweeper products and in this review we see whether its latest ENW appliance can deal with this costly problem.
Clearswift moved to appliance based filtering solutions last year and has a strong partnership with Dell so the hardware comprises a good quality PowerEdge 1950 1U rack server. This is kitted out with a decent specification, which offers good redundancy as it has a triplet of 146GB SAS drives in a RAID-5 array and a pair of 670W hot-plug power supplies. The server has a couple of Gigabit Ethernet ports but you'll only be using the first one as the appliance is designed to function as a straightforward web proxy.
For URL filtering, Clearswift has opted for a third-party product with over forty categories available and customised it fit in with the appliance's hardened Linux kernel. Kasperksy handles all anti-virus functions but Aluria has now been dropped in favour of Sunbelt Software for anti-spyware scanning duties
Initial installation in the lab was easy enough as we just connected the appliance to the main network and configured our clients to use it as their proxy. We did this manually on each system but for larger user bases this can be achieved swiftly using an AD group policy or proxy auto-configuration scripts. On first contact with the appliance it runs a browser based setup routine where you provide basic information including your licenses, network addresses, mail server details plus proxy settings and finish up by securing administrative access.
Now it's over to the main management console where you're greeted with a very well designed browser interface. This opens with an informative display showing a graphical overview of system health, a list of alerts and swift access to the various Centers. The latter are used to create and deploy web filtering policies, configure system settings, create reports and manage administrative access. All very straightforward but it's worth taking some time out here to understand how Clearswift's access policies work before setting them up.
The appliance employs a three-phase concept for web filtering where each policy uses collections of rules and routes. Essentially, these tell the appliance what to look for, how any suspect content should be handled and who should be notified. The content rules define what you want to look for in web traffic and also include other functions such as limiting upload and download file sizes, virus scans and spyware blocking. Internet zones are used to create groups of web filtering categories and can contain a mix of protocols, URL categories and lists of specific sites. It's worth noting that along with HTTP and FTP scanning, HTTPS support is now offered as an optional feature.