When it comes to defending the integrity and reputation of a corporation, one of the primary lines of defense will be your Acceptable Use Protocols (AUP). The diligence and attention you dedicate to your AUP, however, can be completely sidestepped by just one missed packet. So how can you remain vigilant, defend your AUP and enforce it without missing a packet?
Overcoming Human Error
Programs are only as strong as their programming. Whether you employ a software or hardware appliance for your network-filtering device; you will need to update it. There are virtually thousands of sites created weekly. Many of those sites are just one step ahead of the law and when you consider the measures they are willing to undertake, it is not inconceivable that they may be one step ahead of your filter.
The temptation to handle personal business while at work can be too great for some employees. Communication, for example, with relatives and friends while at work via Instant Messages or email are part of the corporate record just as any other business communication transaction that takes place. Employees may not be aware of the impact of their actions, but the responsible corporation should be.
Since it is possible for just a single typo to send an employee to a website of questionable intent, you have to compensate for human error. While the majority of your employees will abide by the AUP, making a typo is not about intent. If your filtering appliance is not capable of verifying the requested web site against an object list of questionable or acceptable sites – then your employee may find themselves staring at a site filled with pornography or worse, coping with an automatic download that implants questionable material or viruses onto your network.
Clogged Arteries of Communication
Software-based filters may have to run several checks and re-checks when they receive a website request. The checking and rechecking consumes valuable bandwidth and, depending on the number of employees trying to use the network at the same time, packets can get dropped or missed when the network arteries become clogged.
Unfortunately, the very nature of software checking requires the use of excessive bandwidth. If the network lines become too clogged, you may be faced with a network outage or failure. The latency caused by software operations is bad enough; however, the software failure can leave even more packets missed or skipped. Employees could find themselves staring at sites that violate their company’s AUP.
To deal with these complications, a self-contained hardware-based filter can help your network avoid missed packets and maintain optimum throughput time. In particular, an Interent filtering appliance that employs Kernel-Level Filtering can give you the speed of pass by and the accuracy of pass through technologies. Such a system would have its own hardened and optimized OS so that latency and missed packets aren’t a problem with which you must contend.
Hardware is Hardwired
A true hardware solution is far more accurate than software solutions that rely on heuristic-based filtering to do the job. First of all, a true hardware appliance is not limited by bandwidth. Requests are sent directly to the hardware device and filtering and reporting are all on-box.
Because all the action takes place on the hardware device, the end user is not limited by network capacity nor are they clogging the network up with repeated checks and cross checks.
Hardware filtering devices can also be updated daily and customized to a corporation’s specific AUP standards. The daily updates allow corporations to compensate for the hundreds of new sites created daily that can’t be as readily updated with software-based applications. Another important distinction would be to have critical security sites updated hourly. This would ensure maximum protection for your organization. A hardware-filtering device is the best defense for your AUP against objectionable content, IM, P2P and spyware.
iPrism internet filters and web filters provide internet monitoring and network security.
http://internet-filters.stbernard.com
