Filtering the content of e-mail messages coming into and out of your organisation, Web sites being accessed by your company computers, IM conversations and other data that travels on your network makes business sense because it can save money that might be lost to lawsuits or reduced employee productivity.
Regardless of the size and nature of your business, keeping inappropriate material out of your network and keeping sensitive business information from going out of your network have to be top priorities in today's business climate. Lawsuits can happen at the drop of a hat, and good intentions aren't enough to protect you. Let an employee glimpse a sexually provocative photo on a co-worker's computer and you could find yourself sued for creating a "hostile workplace". Have an employee who inadvertently lets slip personal information about one of your customers and you could find yourself in violation of privacy laws. And even if you escape litigation, having the wrong content come in or go out can result in reduced productivity or loss of your competitive edge. That's why it makes sense to get a content filtering strategy in place as early as possible -- and it makes even more sense to choose solutions that can grow with your company.
Beyond packet filtering
You may think you have all the protection you need because
your network is behind a firewall. After all, that's what a firewall does: it
sits between the Internet and your internal network and filters inbound and
outbound traffic. Unfortunately, traditional firewalls filter at the packet
level; that is, they filter data packets based on IP addresses and port
numbers, the information that's added in headers at the network and transport
levels of the OSI model.
The good news is that most modern firewalls go beyond packet filtering and add some degree of application layer filtering. With ALF, a firewall can analyse higher layer information and recognise the protocols used by specific services, and validate that the data inside the packet is valid. Content filtering is a form of application layer filtering, in which the actual data itself is examined and can be compared against a database of text strings, for example, that is prohibited.
Some ALF firewalls, such as ISA Server 2004, can perform this rudimentary form of content filtering "out of the box." However, an effective content filtering strategy generally requires more sophisticated filtering than can be done with an ALF firewall alone. Better content filtering programs go beyond lists of keywords to block, and can use heuristics and other methods to analyse the context in which words are used to determine whether the content should be blocked.
Content filtering solutions for small to large businesses
The smallest businesses may not even have business-class
firewalls in place, since such firewalls tend to be costly. For example, ISA
Server 2004 Standard Edition costs US$1499 (per processor). Firewalls from Cisco,
CheckPoint and other vendors that have ALF
functionality often cost even more. Many small businesses rely on inexpensive
firewall appliances designed for telecommuters or SOHO (Small Office Home
Office) models such as those made by SonicWall and Watchguard for under US$500. Others can't afford to spend
extra on a firewall at all; they may use open source firewalls on Linux boxes
at the network edge, or rely on the Windows firewall built into XP/Server 2003.
Those without ALF firewalls will need to use a third party solution for content filtering. If you're on a tight budget and you only have a few computers to protect, you might be tempted to use a consumer level content filtering program. The most basic content filtering packages are those intended primarily for parental control of children's Internet activities, such as NetNanny or CyberPatrol. Many of these programs are available for under US$50.
Drawbacks to consumer-level solutions
Although the low price looks attractive, there are some
drawbacks to going this route. These are client-side programs. Since you'll
need to install the software on every computer, as you add more systems, you'll
have to buy more copies of the content filtering program, creating a hidden
cost as your company grows. At the same time, you have no centralised control
or centralised reporting -- which become more important as your network gets
bigger and more complex. Finally, these consumer-level packages don't offer the
same degree of sophistication as content filtering packages that are designed
for businesses, and may either allow harmful content to get through or, more
likely, block more than you intend to and thus hamper workers' ability to use
the Internet to get their jobs done.
TechRepublic is the online community and information resource for all IT professionals, from support staff to executives. We offer in-depth technical articles written for IT professionals by IT professionals. In addition to articles on everything from Windows to e-mail to firewalls, we offer IT industry analysis, downloads, management tips, discussion forums, and e-newsletters.
Ã,©2006 TechRepublic, Inc.
