REVIEW: GFI WebMonitor 2009

With companies routinely equipping staff with easy access to the Web, it comes as little surprise to discover many abusing the facility and spending large amounts of time browsing sites unrelated to their work. Indeed, according to some reports, up to 40% of Internet access can be classified as non-work related, not only wasting time and money but opening the door to myriad potential security threats, data leaks and even litigation.

Given this background, some means of monitoring and policing Internet access is fast becoming a must-have for businesses of all type and size, with a number of tools available to do just that. Some are hardware based while others, like GFI’s WebMonitor 2009, come as software for installation on a standard Windows server or PC.

What is WebMonitor 2009 and who is it for?

Designed to run on industry standard hardware, WebMonitor 2009 can be scaled to suit small companies with just a handful of users all the way up to those with a thousand employees or more. The target market, however, is the smaller organisation looking for a flexible and affordable solution to policing Internet access.

With this market in mind WebMonitor 2009 is relatively easy to mange and can be employed in several ways, starting with simple monitoring of browsing activity – to find out what sites users are accessing, how much time they spend browsing those sites, the bandwidth involved, what they download and so on.

GFIWebMonitor_2
Limit when and what users can do online

Having profiled Web access, you can then control access both by blacklisting particular URLs and by use of a database of categorised Web sites to, for example, block connections to adult content, gambling, social networking, online auction sites and other inappropriate timewasters popular with bored workers.

At the same time Web traffic can be inspected for viruses, spyware and other threats and specific types of download blocked altogether.

Pricing & setup

WebMonitor 2009 is available in three editions, licensed by subscription according to the number of user seats involved. The cheapest is the WebFilter Edition delivering the core URL filtering and Web site categorisation functionality, and starting at £13.60 (ex. VAT) per seat for 10-49 users on a one-year subscription.

Alternatively, there’s the WebSecurity Edition which simply provides anti-virus and anti-phishing protection from £12 (ex. VAT) per seat, again, for 10-49 seats for one year. And, lastly, the UnifiedProtection Edition which combines the two starting at £23.20 (ex. VAT) per seat.

Discounts apply on larger seat volumes with the UnifiedProtection Edition, for example, available for as little as £11.20 (ex. VAT) for 1000 seats or more. Plus there are further discounts on renewal and subscriptions of more than one year.

Installation is straightforward but WebMonitor 2009 isn’t a tool for the novice, with a good grasp of the underlying technologies required to get the software up and running. Plus a fair few decisions required along the way.

GFIWebMonitor_1
A site categorisation database enables you to manage what sites users can browse

For companies already running Microsoft’s ISA firewall it’s relatively easy, as WebMonitor can be had as an ISA plug-in. Otherwise there’s a standalone version that can be deployed in a couple different ways, one of which is as an Internet gateway using a host PC or server equipped with two network interfaces, one for the protected local network the other, the Internet. The other is as a proxy server in combination with a firewall supporting port blocking and forwarding, although some client changes may be needed to direct traffic via the proxy server.

On the plus side there’s plenty of supporting documentation with examples to guide you through the decisions and processes involved, including how to setup common firewalls to work with WebMonitor 2009. Setup wizards also help here but it’s far from simple and smaller companies, with limited in-house expertise, may need to pay a specialist reseller to handle deployment for them.

Does it do it well?

Once up and running we found WebMonitor 2009 easy to use with an uncluttered Web-based management console that was quickly learned. Using this we were able to create our own policies, specifying what types of site we wanted to block, who the polices applied to and any exceptions we wanted to grant. Usefully, we could also specify when we wanted our policies to be applied, enabling us to, for example, give users more freedom outside core working hours.

GFIWebMonitor_3
Control which file types users can download

We then tested by trying to visit barred sites, the WebMonitor software successfully blocking all such attempts, displaying a custom warning message in the user’s browser and sending an alert email to the designated administrator. Likewise the software successfully blocked attempts to access and download viruses – WebMonitor 2009 employs a combination of BitDefender, Kaspersky and Norman technologies to enforce this option.

A dashboard display provides a quick overview of what the software is up to and reporting can also be added. With only a limited number of users we noticed no impact on Internet access speeds. Moreover, because it’s software based, should WebMonitor 2009 become a bottleneck it’s easy enough to throw resources at it in terms of extra processing power, memory and network bandwidth.

Where does WebMonitor 2009 disappoint?

Initial deployment proved to be the biggest bugbear, with client changes also required for some proxy deployments. Added to which, although easy enough to manage, we also had an issue with the need to specify separate policies to control different aspects of Internet access.

For example, we had to create one set of policies to manage Web browsing, another to control downloads, and yet another to manage instant messaging, with a totally separate policy required for virus and spyware protection. Admittedly these all make for a very flexible solution, but there’s a lot of duplication involved and it all takes time and effort to configure.

Would we recommend WebMonitor 2009?

In our tests WebMonitor 2009 did everything we expected of it, blocking access to inappropriate Web sites and protecting users against malicious downloads. Once installed it proved reasonably easy to manage, plus it’s well within the financial reach of the smaller company. However, it’s important not to forget the cost of the host PC/server hardware, and the Windows OS, all of which can bump the price up considerably.

We’d certainly have no hesitation in recommending WebMonitor 2009 to small businesses looking for an affordable solution to monitor and manage Internet access. However, it’s not the only product on the market, with other software-based products available both for Windows and Linux deployment offering similar features and more. Furthermore, hardware appliances requiring far less setup work are available, which are possibly better suited to organisations with limited in-house expertise. [7.5]

Our latest thought leaders