Several vendors try to pack as many security features into their firewalls and UTM appliances as they can in an effort to tick all the boxes in competitive comparison tests.
In doing so they have to make many compromises to ensure compatibility and a reasonable level of performance. There are several key features that tend to get dropped which means adding a separate web filtering proxy can result in real business value by:
Detailed and easy to use reporting
With all the disparate applications to fit onto the firewall / UTM, reporting is usually one of the first things to suffer. GFI WebMonitor has comprehensive dashboards and reports that can be automated and sent via email to all who need to see them. WebMonitor also allows ad-hoc reporting via its UI and with user level access. This means that executives, Management, HR people and other non-techies can access their own departmental information without requiring the involvement of the IT Administrator
Another easy compromise many firewalls and UTMs make is to control and filter traffic without identifying which users are hogging bandwidth, trying to visit inappropriate web sites or downloading copyright protected material. In some industries this isn’t just a nice to have; it can be a legal requirement. Integration into existing active directory environments makes WebMonitor safe and easy to deploy. The ability to set up policies based on users, and groups already created in AD or just filter by IP addresses gives customers a degree of flexibility they are unlikely to get from their firewall or UTM.
Ease of use
Once web filtering is subsumed into a user interface that has to give access and control of all the features of the firewall / UTM, the granularity of control and visibility of live activity tends to be lost. GFI WebMonitor has one of the best dashboards in the business, giving an instant view of all web activity and allowing live views of bandwidth use and active downloads – even with the ability to kill bandwidth hogging downloads in real-time.
User web browsing protection
On UTMs web security is just a tick box item managed by a single anti malware scanner. Yet user web browsing is one of the main attack vectors used by cybercriminals to gain access to corporate networks via software vulnerabilities, exploits and other types of malware. GFI WebMonitor can deploy three separate malware scanners, a website reputation engine, separate feeds from ThreatTrack and Anti-phishing engines which combine to provide a much better level of web browsing protection.