GFI WebMonitor 2013 UnifiedProtection Edition
GFI’s WebMonitor 2013 delivers stiff web content security but without the price premium of an appliance.
GFI's WebMonitor 2013 provides web content security software that allows you to choose your own host platform. This will appeal to SMBs that baulk at the idea of coughing up for full blown UTM appliance as they can end up paying for features they won't use.
WebMonitor supports any version of Windows from XP and Server 2003 upwards so you can keep costs even lower. It amalgamates web filtering, anti-virus, anti-malware, phishing protection plus IM controls and has ease of deployment as a top priority.
Three versions are available with the WebFilter Edition enforcing policies for web content filtering, browsing time and media streaming. The WebSecurity Edition provides anti-virus scanning, phishing protection, IM app controls plus GFI's ThreatTrack whilst the UnifiedProtection Edition on review combines everything together.
GFI has been very busy as WebMonitor 2013 delivers a heap of new features including a revamped admin interface. This is much smarter than previous versions and provides a lot more information.
WebMonitor supports two deployment methods which use either one or two network ports on the host
Deployment and the new Dashboard
You have two deployment options with the simple proxy mode requiring one network port on your host and your router configured to block all web traffic coming from the LAN. We opted to load it in gateway mode on a Windows Server 2012 system with two network ports as this doesn't require any router changes.
The revamped WebMonitor Dashboard view shows bandwidth and activity trends along with the top web categories, domains and users. A handy sidebar keeps you posted on detected threats along with general filtering and anti-virus activity.
There's much more information about web activity with graphs and tables showing the top categories, bandwidth consumption and user activity. Under the real-time traffic tab, you can keep an eye on users and if you think anyone is hogging too much bandwidth you can terminate their connection.
The Dashboard is much smarter than previous versions and reveals more real time security information
AV and proxies
You get dual anti-virus scanning engines as standard from BitDefender and VIPRE with the former currently enjoying an A-List status for its exceptional malware detection in our sister title, PC Pro. You can add Kaspersky antivirus as well but it'll add to the cost per seat.
Users must be pointed at the WebMonitor proxy service and you can set this manually, via Windows Group Policy Object or WPAD. You can also request proxy authentication before users are permitted web access.
Basic mode requires them to authenticate with the WebMonitor host using local user accounts. The preferred method is Integrated mode which uses Active Directory credentials transparently.
GFI's web filtering performs very well and will also monitor and scan client file downloads
Policies control all web access and can be applied to local or AD users, groups and IP addresses. For web filtering you can choose from over eighty WebGrade categories and block, allow or quarantine them.
You can also add policy exceptions and use schedules to determine when the policy is active. Quota policies allow selected users to browse certain web categories but restrict how long they can access them for and limits can be based on daily, weekly or monthly usage or you can apply download limits.
Virus scanning policies define which engines to use and whether infections should be deleted or quarantined. When downloading files, users can be sent a web page showing their progress and only when the file is deemed safe will they be allowed to save it.
WebMonitor supports multiple polices for a wide range of different web activities
Remote agent and IM security
Mobile workers can't escape either as GFI's new remote agent extends control to their laptops. It doesn't provide virus protection but enforces predefined web filtering rules using GFI's WebGrade cloud service when they're on the road.
The remote agent is downloaded directly from the console where it loads as a lightweight service. Separate web filtering policies are created for remote users and whenever users leave the LAN these come into play. The agent collects data on activity and uploads it to the WebMonitor server when the user is back in the building.
IM controls are fairly basic as policies only enable or disable all access to a small range of apps including MSN Client and Facebook Chat. The same applies to social networking sites and you'll also need to enable the HTTPS scanning feature for these.
Reporting has been spruced up and is now integrated into the main WebMonitor software
For reporting, GFI has done away with the separate ReportPack and amalgamated it into the console. You get the same level of detailed reports but no longer have to set up a separate SQL database and link it to WebMonitor.
We found the reports much more accessible and WebMonitor provides a heap of customisable predefined ones which can be run manually or scheduled regularly and emailed in PDF, DOC or XLS formats. You can also define security for the console and decide what functions a user can access.
This latest version of WebMonitor sees some major upgrades and its host demands are quite low so you don't need a big system to run it on. Installation is swift, reporting features are much improved and its policy based security makes it very versatile.
SMBs that want tough web content security will find WebMonitor 2013 better value than most appliances. Enhancements include a redesigned Dashboard and remote client support while reporting is much more informative and easier to use.
Windows XP SP3 or Server 2003 upwards; Remote Agent – Windows Vista SP2, 7, 8
Choosing a collaboration platform
Eight questions every IT leader should askDownload now
Performance benchmark: PostgreSQL/ MongoDB
Helping developers choose a databaseDownload now
Customer service vs. customer experience
Three-step guide to modern customer experienceDownload now
Taking a proactive approach to cyber security
A complete guide to penetration testingDownload now