What's most important?

Here some of the features we believe are important to consider when evaluating Internet content management solutions:

  1. Support for Pass-BY Mode
    We listed this as item number one, because we hear from many network managers that their number one priority is "Don't screw up my network!". In Pass-BY mode, traffic is monitored, then decoded, analyzed, and if appropriate, incoming reply traffic is blocked. When a unit operating in Pass-BY mode goes offline, content filtering will stop, but normal network operation can continue. CAUTION: in some implementations, a manual effort to move one or two patch cables may still be required to restore network access. Look for solutions that support full automatic "failover", which means that no manual effort is required, enabling network operation to continue with zero interruption.

  2. Support for Pass-THRU Mode
    In some environments, such as schools, it may be preferable to ensure that when content filtering is offline, the Internet is not accessible. Units that can operate in Pass-THRU mode can support this policy. Traffic literally passes through the unit. When it is offline, all Internet traffic is stopped.

  3. Comprehensive Blocking
    It's not just Web traffic (HTTP port 80) that you need to be concerned about. For the desired impact on employee productivity and bandwidth reduction, you also need to deal with content sources such as streaming video, FTP and peer-to-peer networks. Look for solutions that enable you to control more than just Web traffic.

  4. Appliance -vs- Software
    Make sure that the solution you chose is available in the format you need. Appliances typically feature superior ease of implementation and many other advantages. But if you strongly prefer to supply your own server hardware, your choice will be limited to a software-only solution.

  5. Content Filtering Method
    The method used to filter content can have a significant impact on accuracy. Different manufacturers use different methods, including Manual , Automated and Dynamic (see Methods). Overblocking can occur and is frustrating to users. Underblocking can also occur, and although usually not a practical concern to businesses, it can be a problem in certain environments. In all cases, inaccuracy certainly causes additional administrative overhead.

  6. Database Quality
    In practice, once employees become aware that content control and monitoring are in place, the vast majority completely stop attempting to access inappropriate content. It is unusual that employees will work hard and long enough to find the relatively rare omission in the filter database. But that's just omissions. Another potential problem is mis-categorizations of content, which can cause excessive administrative overhead in dealing with end user complaints. Make sure your chosen solution is not only comprehensive, but that it is also consistently accurate in its content categorizations.

  7. Database Update Frequency
    This has recently become a much more important area, as the launching of zero-hour attacks from compromised Web sites has become more commonplace. The need to quickly update database recognition of these compromised sites is critical to maintaining security.

  8. Performance
    If a Pass-BY solution cannot keep up with the traffic level (bandwidth utilized), some inappropriate content may make it through. If a Pass-THRU solution cannot keep up with the traffic level, all Internet traffic will be slowed. Make sure your solution has the capacity to perform as required, without negatively affecting any other systems.

  9. Reliability
    When evaluating hardware, look for solutions that have high quality components, and ideally, redundant hot-swappable key components. When evaluating software, look for solutions that have been proven to run for extensive periods of time without "memory leaks" and other problems that cause periodic reboots to be required.

  10. Support
    Make sure the vendor provides support during reasonable hours, has adequate staffing, and in the case of hardware solutions, can expedite repair parts and replacement units when needed.

  11. Ease of Use
    This is worth evaluating, but it is likely that you will not see a lot of differences here. In truth, all of the user interfaces take some getting used to. Once you do master the typically small learning curve, you can readily find the functionality you need.

  12. Reporting
    Summary and detailed (depending on implementation) reporting is standard with most solutions. Where you will see differences is in the ability to schedule and automate reports, and to delegate certain reporting capabilities to other non-IT departments.

  13. Remote Filtering
    More and more employees are utilizing portable computers, tablets and smartphones instead of static desktops (which are assumed to always go through the corporate gateway). These mobile devices, when away from the company's protected network, may be inadvertently exposed to Internet-borne malware, or intentionally used in violation of the company's "acceptable use policy". When these mobile devices are returned home to the corporate network, they may bring in malware or inappropriate content acquired while they were used remotely. Look for solutions that can extend continuous protection to the company's mobile devices, even when they are used outside of the corporate network.

  14. Reboot Time
    Believe it or not, this is a factor to consider. When the unit must be rebooted, there will be a period of inconvenience. In a Pass-BY mode implementation (see above), content filtering temporarily goes offline. In a Pass-THRU mode implementation (see above), all network access is temporarily offline. That's why the time required for the unit to complete its reboot matters.

  15. Anonymous Proxies
    Employees can attempt to circumvent content filtering by utilizing anonymous proxy servers. This technique has become more and more prevalent, especially in the education environment. Look for a solution that employs specific measures to effectively combat this technique.

  16. Thin Client Support
    If your company uses thin clients such as Citrix, make sure that your chosen solution works well in this environment. Without specialized support of this environment, you may lose the ability to resolve traffic to specific users, and/or lose the ability to have a single system-wide logon for users.

  17. Encrypted Traffic Support
    It is hard to categorize content when you cannot even see it! That is the challenge for products trying to manage content flowing through encrypted connection protocols such as HTTPS. But the more advanced products do exactly that. A lot of communications are now routinely encrypted, so make sure that your chosen product handles this well.

  18. Scalability
    Larger companies are often located in multiple sites, have multiple points of Internet access, and will need to deploy multiple content filtering devices. Make sure that your chosen product can help you centrally manage these devices and coordinate your policy changes across all devices. Also make sure that all your reporting can be combined, to maintain a comprehensive view of company-wide activity.

  19. User Management
    Content and access policies can typically be specified by groups, IP ranges and for ultimate precision, by individual user logon. If you are going to implement this method, look for solutions that help minimize your administrative overhead by automatically linking to facilities such as Active Directory or LDAP.