GFI WebMonitor 2011
July 12, 2011
£13.60 per seat for Unified Protection Edition (500-999 seats in first year)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy installation, policy-based web access and internet bandwidth controls, triple anti-virus scanning engines, excellent free reporting package
- Weaknesses: Basic IM app controls
- Verdict: GFI WebMonitor 2011 adds some useful new features and provides easily managed web security with multiple virus scanning engines and detailed reporting
GFI's WebMonitor 2011 is software-only, so you can pick the hardware to host it. Three versions are available. The WebSecurity Edition offers triple-engine anti-virus scanning plus phishing protection. The price we've shown includes the Norman and BitDefender engines; the Kaspersky option costs extra.
The WebFilter Edition provides URL category filtering only, while the Unified Protection Edition on review here brings everything together under one roof.
There's also a WebMonitor plug-in for Microsoft's ISA Server and Forefront TMG 2010. The former doesn't provide any web filtering services so this could be a useful tool, but TMG's Web Protection Service subscription activates its own web filtering. However, WebMonitor's reporting add-on is a lot better than TMG's.
The standalone version supports simple proxy or gateway modes where the former requires one network port and the latter needs two on the host system. We prefer gateway mode, as the simple proxy needs your router to block web traffic coming from the LAN.
We deployed WebMonitor 2011 on a Windows Server 2008 R2 host, but it can run just as easily on a Windows 7 system. The console opens with a dashboard of tables and graphs so you can keep a close eye on all web activity. You can choose which displays you want, move them around using drag and drop and select a refresh time. After installation, it starts downloading the virus engine updates and signature files. The URL category database is also downloaded and a light version is pre-packaged so basic filtering can be applied immediately. All updates are handled by WebMonitor and the default checking interval can be reduced to every hour if required. For web filtering we think it's time GFI moved into the cloud, which avoids the need to download an entire category database.
Users can be required to authenticate with the WebMonitor proxy before web browsing is permitted. The basic mode requires them to authenticate with the WebMonitor host, while the integrated option supports Active Directory using a group policy object. Policies are used extensively to control web access and can be applied to users, groups and IP addresses. The WebGrade URL database offers 76 different categories for blocking or allowing and a handy quarantine option initially blocks access and makes the user wait for administrative approval.
Time-based browsing policies have been added that allow you to decide how long selected users and groups are permitted to view particular websites or categories. Another welcome feature is support for HTTPS. WebMonitor can check secure websites for malware and a handy wizard makes light work of configuration. It can also use its host system as a web cache to improve response times for popular content.
WebMonitor's integral reporting provides real-time, searchable tables for connections, blocked sites and user activity, which can be exported to CSV files. However, GFI's ReportPack goes much further and it's a free add-on. To use ReportPack you need to give WebMonitor access to a SQL database where it can send its log data to. We tested with SQL Server 2008 R2, but smaller firms can use SQL Express 2005.
WebMonitor 2011, then, is a very good option all in all.
SC Webcasts UK
Sign up to our newsletters
SC Magazine UK Articles
- HMRC launches Cyber Security Command Centre
- Updated: Hackers blow the doors off Hacking Team, expose 400GB confidential data
- The applicability of ISO 27001 across industries
- CESG gives security seal of approval for Samsung Galaxy smartphones
- Study: Critical infrastructure attacks often result in physical damage