EXPERT RESPONSE
To provide granular access to specific Internet sites for specific users, you need to augment your existing proxy server, or firewall, with a Web filtering appliance. While you can tune proxies and firewalls to block certain kinds of traffic and Web sites, they don't work as well for individual user profiles.
Web filtering products, such as Websense, Blue Coat and 8e6, operate as appliances meshed into your firewall system, but unlike firewalls, they are deployed to block specific content. You can tailor Web filters to your company's particular policies for employee Internet use. They can use white and black lists to control what users can and cannot access.
The obvious targets, like pornography and gambling sites, would most likely be on most companies' hit list for the deployment of Web filtering proxies. However, if your company has a policy against employees accessing personal email accounts on company time, these products can do the job.
Again, unlike firewall rules, which are based on traffic, these products can be adjusted to allow selective access to individual employees or groups of employees that may need special access for business reasons.
Websense, for example, has a User Service software component that calls your directory service, whether Active Directory (AD) or LDAP, to filter users based on any size and type of organizational unit from domains down to individual users. Blue Coat and 8e6 both offer similar user authentication schemes in their products that work with AD and LDAP, as well.
Although these filtering products don't store profiles, they do work with the profiles in your existing authentication systems to allow or block individual and group access. That's why it's important to check how these products work with your directory services, before purchasing one.
For More Information
Visit our resource center and learn how to improve your enterprise Web access controls..
|
