Review: NetOp Offers Precision Filtering With An Intelligent Twist
Netfilter from NetOp aims to take policy-driven filtering to the next level by filtering out those Web pages that deliver hidden malware. Netfilter combines several technology elements to block unwanted browser content and offers granular control to administrators to enforce browsing policies.
One of the biggest problems with filtering technology is that most Web filters rely on a list of Web sites to block or allownot the actual content of the Web page. That is one area in which Netfilter drastically differs from the competition. The product combines five different technologies into a single content-scanning engine to guarantee accuracy. VARs will find an image analysis tool that identifies offensive content by dissecting the image-to-text ratio, along with analysis to block offensive or inappropriate content. By examining a range of features in an image such as shape, color and other details, Netfilter correctly blocks unwanted images while non-offensive images are allowed. The product also employs realtime text analysis and supports many languages, including English, Spanish, German, French and the Nordic languages. Individual words as well as sentences and page setup are analyzed for maximum precision. The product also leverages PICS (Platform for Internet Content Selection) labels to further identify content. Further filtering precision comes from behavior analysis, which uses historical behavior of the individual user to determine if browsing does not fit the individual's browsing profile. Filtering capabilities are driven by the product's artificial intelligence engine, which accurately distinguishes between the different categories and becomes more accurate over time. Those features enable NetOp Netfilter to analyze Web content in realtime without consulting a blacklist of disallowed pages. By using a dynamic engine, Netfilter can block existing Web content and automatically adapt to cope with new threatsall without requiring constant updates or white- and blacklist controls.
The product does more than just block Web pages, however. An application control allows administrators to block IM, chat, peer-to-peer (P2P) and other specified .exe programs. Application blocking prevents users from starting any of those programs and eliminates the risks associated with using IM, chat and P2P. What's more, the blocking technology can be applied to streaming audio and video to prevent the misuse of bandwidth.
Netfilter works in a client-server style of implementation, with a server application controlling the filtering by acting as a network proxy. Client systems are then configured to use the Netfilter proxy server for Internet connectivity. The product is readily scalable, simply based upon the power of the server deployed and the number of licensed users.
Installation is straightforward and consists of little more than launching the installation program from a CD onto the server system. Setup also is quite easy, with administrators basically defining ports and proxy elements, all of which is a snap for anyone with basic networking knowledge. The product can be configured to work with existing proxy servers and fully integrates with Microsoft's Active Directory.
Setup begins with pushing down proxy information to the Web browsers on each workstation. Active Directory users can create a policy object to automate the browser configuration process. Groups can be created for which users must use filtering and which users can bypass filtering. For those not familiar with Windows group policy definitions, excellent documentation is included to make setup a simple chore.
Netfilter also includes a client application named eclient.exe, which is installed on each client system. Although eclient is not required in order for filtering to work properly, it is required for name logging, P2P blocking and chat blocking features.
Administrators will find the product's management console a nice departure from other filtering products. The console is laid out in a logical manner and speeds setup and definitions with its step-by-step wizards. A statistics module provides both historical and realtime statistics for administrators looking to monitor network traffic. Administrators can drill down through the information to identify users and sites visited.
VARs will find Netfilter's non-signature based approach to filtering a welcome alternative to the other filtering products on the market. The elimination of updates and downloading of signatures make the product ideal for sites looking for simplicity.
VARs can purchase the product directly from NetOp's Web site or via a distribution partner. The company offers a complicated partner program with six levels that range from occasional sellers to full-scale distributors. Each level offers increasing support and variable margins. Simply put, the more a VAR sells, the more a VAR makes.
A partner portal brings VAR-specific content to members and helps to escalate support issues and gives partners access to beta and upgrade information. Partners also can download trial versions of the company's products for customer demonstrations.