Sign in with
Sign up | Sign in
Your question

Client Based Web Security: Non Appliance Based

Tags:
  • Security
  • Business Computing
  • Servers
Last response: in Business Computing
Share
October 5, 2013 8:26:54 PM

I am in a tough spot. I have recently taken over our AV and web security within our company. We are a Trend Micro Officescan shop, which works really well IMO. My problem - an MPLS network with direct internet access from each location (about 50 locations - 1400 nodes). No firewalls. No filtering of any kind. My predecessor implemented a Server/Client based application called Pearl Echo. This is a client based application that talks back to the server to essentially get its "definitions/lists/etc", but internet did not go through this server - essentially feeding our a blocked/allowed list.

While this software does help with management a bit in terms of categories and types, 1400 nodes is a nightmare to manage with one person.

I am here today asking for recommendations on something very similar to Pearl Echo. I have spoken with some of the top vendors out there, all of which do something similar but are appliance based per location. Upper management wants to avoid this.

Can you help? Any recommendations on a replacement product?

More about : client based web security appliance based

October 7, 2013 8:55:32 AM

Check out Proxy filtering or Proxy Web Filtering.

A company I have previous experience with: http://www.zscaler.com/index.php

You still let them use their MPLS pipe out to the internet, but the proxy would be hosted at your primary site (HQ or whatever). Prior to the request going out to the internet, it would come back to your HQ to verify against your central location. Proxy filtering.

The zscaler solution is a web hosted proxy, all internet communication goes out through their local pipe but hits the web proxy site. This eliminates the additional WAN traffic to your HQ.

You're in a tough spot though. You're SMB and your budget is probably small. But you're at the point where you need to start investing in the tools to do your job.

You can also look at Barracuda Networks. I also have experience using them. Again, same concept, all traffic will filter through your HQ and then back out their local MPLS pipe.

https://www.barracuda.com/
m
0
l
!