Information Security

Defending the digital infrastructure


Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Security Readers' Choice Awards 2014: Web security products

Readers vote on the best Web security of 2014.

A shift to Web applications and services is creating an increasing demand for comprehensive Web security products to better protect enterprise systems from security incidents. As online threats continue to grow in sophistication, security vendors have to step up their game.

Two vendors received the highest scores in this year's Readers' Choice race as voters honored managed services that offer Web URL and content filtering. We congratulate both winners in the highly competitive Web Security category, which included products ranging from inbound and outbound content filtering to URL filtering and application control.

Winner: Web service, Symantec

Symantec's Web service is a software as a service that enables enterprises to block access to inappropriate websites and filter Web traffic and content by URLs, file types and Web categories. Part of the company's Web services (formerly MessageLabs), the Web URL filter continues to be a hit with readers: It received an award from voters in Web Security in our 2013 Readers' Choice Awards.

The Web service protects enterprise networks and bandwidth from high volumes of Web traffic and malicious code, using a policy engine and URL database. External HTTP and FTP over HTTP requests (including macros, attachments and executables) are directed to the Web service and checked against the database, which is continually updated, and customized policy controls.

Companies configure the service based on their own requirements using Symantec's ClientNet Web portal. Administrators can devise granular Web usage policies based on Internet usage rules, Web traffic quotas, bandwidth protections, time of day and user groups. The functionality of the basic product can be extended with Web data options or security policy enforcement for roaming and remote users outside of the corporate network.

Symantec Web service product image
Symantec's Web service received high scores across the board, especially for detection of known Web-based threats.

The Web service is designed to block spam, criminal activities, spyware and malware, and especially known viruses -- 100%, according to Symantec. Readers seemed to agree with that assessment. Symantec Web service received high scores across the board, but particularly for detection of known Web-based threats. Readers also applauded the technology's comprehensive, customizable reporting and alerting capabilities.

The Web service is hosted on servers in 14 data centers worldwide. Symantec offers service-level agreements with money back guarantees if performance levels are not met, according to the company. The SaaS can also be purchased through numerous partners that offer customized services "powered" by the

Winner: Dell SonicWall Content Filtering Service and Client, Dell

Dell SonicWall does content filtering in two fashions: the Dell SonicWall Content Filtering Service (CFS) and the Dell SonicWall Content Filtering Client (CFC). The CFS allows IT administrators to develop policies that block potentially harmful or objectionable content and websites. The service is aimed at a wide range of organizations from enterprises and government agencies to schools and libraries. The CFC, meanwhile, allows enterprises to extend the service and policies to remote or mobile users outside of their protected network. In both cases, Web-based management allows customers to configure and apply multiple custom policies -- both inside and outside the firewall -- for specific users and groups that can be scheduled for specific dates and times.

The CFS uses a dynamic rating architecture that cross checks all requested websites with a constantly updated database that categorizes and rates more than 20 million URLs, domains and IP addresses (the ratings, according to Dell, are generated by both artificial intelligence and human inspection to reduce the chances of false positives). The CFS receives the data in real time and compares it to the locally configured policy settings. In addition, the CFS features a Web caching and rating architecture that's designed to let administrators automatically block sites according to category. The service also comes with IP-based HTTPS content filtering to access websites over encrypted HTTPS; the filtering uses categorical ratings of inappropriate site types such as online gambling domains.

Dell SonicWall Content Filtering Service product image
Dell SonicWall's Content Filtering Service earned top scores from readers for its granular and flexible policy creation.

The service doesn't require additional hardware; it is controlled via the Dell SonicWall firewall and can also be run on Dell SonicWall's Unified Threat Management platform. The CFS/CFC is also designed to work with other security products such as Dell SonicWall Analyzer and Global Management System for deeper Web usage reporting and traffic analytics.

Dell SonicWall received high scores from readers for its granular and flexible policy creation as well as its detection of known Web-based threats.

Jennifer Johnson, IT manager at Combined Employees Credit Union in Warner Robins, Ga., praised the Dell SonicWall CFS and CFC for its ability to fend off dangerous content. "The level of protection it provides is great," Johnson says. "It bounces pretty much anything that's potentially harmful and it's extremely easy to use."

Send comments on this article to

Article 6 of 5

Next Steps

Which Web security products did readers recognize last year? Compare this year's results to the 2013 best of Web security.

This was last published in November 2014

Dig Deeper on Web application and API security best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

Get More Information Security

Access to all of our back issues View All