Clearswift MIMEsweeper Web Appliance ENW

An easily deployed web content filtering solution with strong policy based controls but can Clearswift keep up with the latest productivity sapping web threats?

Web policy routes tie everything together by assigning filtering decisions to selected targets. Earlier versions of MIMEsweeper for Web could only define targets with machine lists which use IP addresses, ranges and hostname definitions. We defined our target network using an IP address range with wildcard but Active Directory is now supported so you can define LDAP servers and apply filtering policies to your AD users and groups. A feature we were expecting to see in this version was policy route scheduling but Clearswift advised that this will not be available until the next release.

Clearswift's policies are very flexible as you can also add conditions to each policy route where traffic can be allowed unless a triggering action occurs. We had a few minor problems blocking social networking sites and had to use trial and error for many. For example, FaceBook and MySpace both come under the Personal Web Sites category whereas YouTube is classed only as a Streaming Media site. It would be handy if there was an option to enter a URL in the console and just see how Clearswift categorises it making it easier to create policy routes.

Clearswift also offers its MimeSweeper for SMTP appliances and a key feature is the ability to manage them both from one console. Once you've added the mail appliance as a peer, or visa-versa, you then get all web and mail policy routes, SpamLogic options and all associated settings available from one console.

When a user attempts to access a blocked site you can send them a customised warning web page with the company logo and suitably strongly worded advisory messages. For each policy you can decide who should be notified when transgressions occur and this is where Informs come in as these define email addresses and policies can contain multiple Informs. The System Center provides access to general appliance configuration and offers a slick health page with graphs on system utilisation, threat rates and bandwidth usage along with the status of all automatic updates to the anti-virus and anti-spyware engines and URL database.

Reporting is a strong feature which provides a range of predefined reports that can be easily customised to suit. You can, for example, see who has been visiting spyware sites, check out the most popular sites, monitor which ones are generated the most network traffic and keep up to date with policy actions. The results can be viewed in a web page, exported to PDF or CSV formats and emailed to a selected user. You can also control administrative access to the appliance via the User Center where you create new users and decide what functions they are allowed to use.

Clearswift's policy based security offers a strong set of web content filtering features and support for LDAP means they can now be applied to users rather than just physical systems. Once you get the hang of the relationship of each component in the policy routes they are easy enough to configure and we found them to be very versatile.

Verdict

Clearswift delivers strong web content filtering with an easily deployed appliance based solution. The use of rules and routes allows for tough policy based access controls and although policy scheduling has still yet to be implemented the ENW looks capable of enforcing a wide range of AUPs in the workplace.

Chassis: Dell PowerEdge 1950 1U rack server

CPU: 2 x 2.33GHz Xeon E5410

Memory: 2GB 667MHz FB-DIMM

Storage: 3 x 146GB SAS hard disks in RAID-5

RAID: Dell PERC 5/i controller

Network: 2 x Gigabit Ethernet

Power: Dual hot-swap 670W supplies

Management: Web browser

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Most Popular

Why you should prioritise privileged access management
Sponsored

Why you should prioritise privileged access management

9 Oct 2020
Sopra Steria confirms it was hit by new Ryuk ransomware variant
Security

Sopra Steria confirms it was hit by new Ryuk ransomware variant

26 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020