M86 Web Filtering and Reporting Suite

M86 Web Filter
(Previously the R3000)

Free Trial Register Now

The M86 Web Filtering and Reporting Suite offers high-performance, enterprise-level filtering with the M86 Web Filter. An appliance optimized for speed and scalability, the M86 Web Filter provides over 90 categories and millions of Web sites in the M86 Security Database. Deployed in pass-by/SPAN port or transparent mode, the M86 Web Filter resides outside the flow of network traffic to "watch" rather than "stop and check", delivering unmatched network compatibility and performance.

Benefits:

  • Improves productivity by eliminating time wasted on unauthorized Web sites, Instant Messaging (IM) and Peer-to-Peer (P2P) applications.
  • Mitigates filtering and reporting issues and frees up IT management for mission-critical projects.
  • Provides management with tools to enforce an organization's Acceptable Use Policy
  • Complies with filter-enforcing laws such as CIPA, HIPAA and Sarbanes-Oxley
  • Protects against damaging and costly legal liabilities due to exposure to inappropriate or offensive Web content
  • Secure confidential information against spyware, phishing agents and peer-to-peer transfers
  • Controls access to bandwidth-intensive sites

Product Features:

  • "In it's most basic configuration the M86 WFR does everything that we need and more. We now have a total enterprise solution that blocks, filters, and reports on all of our Internet usage with minimal effort."   > Read More...

    Mike Saur
    Network Engineer
    U-Haul International, Inc.
  • Filters the Internet: Includes URLs and/or IP addresses, file types (e.g. MP3, MPEG, .zip), HTTP, HTTPS, FTP, Newsgroups (NNTP), and TCP Ports.
  • Blocks Internet Threats: Including spyware, malicious code and phishing sites.
  • Blocks Instant Messaging and Peer-to-Peer: Utilizes M86 Security's Intelligent Footprint Technology (IFT) to block IM and P2P servers by signature or pattern.
  • Real-Time Probes: Allow administrators to monitor user Internet activity as it happens.
  • "X-Strikes" Blocking: Locks down a user's workstation when administrator-defined thresholds for accessing inappropriate Web sites are exceeded.
  • Proxy Pattern Blocking: Blocks anonymous proxies using signature-based/network pattern detection.
  • Google/Yahoo! SafeSearch Enforcement: Forces the SafeSearch mode "on" for all searches, including images within the Google or Yahoo! search engines.
  • Customer Feedback Module: Sends frequent, non-categorized URLs from participating customers back to M86 on a daily basis. Selected URLs are reviewed and added to M86 Web Filter Database.
  • Synchronization Central Management Console (SCMC): Allows administrators to synchronize and manage multiple M86 Web Filters without independently configuring each unit.
  • Directory-based Authentication: Utilizes directories such as Windows Active Directory, Windows NT and LDAP.

How It Works

Filtering technologies are divided into two types: Pass-through (server plug-in based) and Pass-by (standalone-based). Many networks operate in a pass-through environment that creates "slow" points in the flow of data. Filtering solutions placed within a pass-through environment creates additional speed bumps and even a choke point if network traffic exceeds certain capacity levels. Pass-by solutions such as the M86 Web Filter are placed outside the flow of network traffic. It "watches" rather than "stops and checks" Web site requests. The result: no slowdown, even in heavy traffic situations. Most importantly, it doesn't create a point of failure.

M86 Web Filter Diagram

This diagram illustrates the M86 Security's Pass-by filtering technology that removes the M86 Web Filter from any inclusion in the network connection path.

  1. Inappropriate request is sent by user
  2. M86 Web Filter monitors request as it passes through the hub/switch
  3. M86 Web Filter matches the request against its database
  4. If the Web site requested finds a match in the database, a TCP reset is sent to the Web server to kill the session (request) and a block page is sent to the client

M86 Web FilterPass-Through Filtering Diagram

The diagram above describes the Pass-through filtering products that represent an additional network device in the connection path. When users (Client PCs) make Internet requests, the traffic flows (1) through the network control points such as a proxy server or a firewall. All user requests (2) are redirected to the Pass-through filtering product, where it determines the action to either block (3) or redirect the requests back out (3) to control points. If the Pass-through filtering product determines to pass the user's request, the return traffic is returned from the Internet to the control points, and (4) then back to the user.

The M86 Web Filter filtering engine allows filtering of network traffic at an IP packet level. This eliminates any need for proxy settings, and allows the M86 Web Filter to operate totally invisible to the connections it filters. It "monitors" the packets flowing through the network, and can "intercept" the TCP session once inappropriate activity is detected. The M86 Web Filter will either not appear in the path of the connection, or will appear as an IP router, depending on the configuration.

Invisible mode

This is the simplest mode of the M86 Web Filter. The unit can invisibly filter all network traffic that it "sees" on the Ethernet without being involved in the path between the client and the Internet. It has the ability to "intercept" a session when necessary if it determines something inappropriate is done, and return a message to the client and server. Although the original request packets are transmitted in all cases, the M86 Web Filter will return a "block page " to the client if the request was inappropriate.

This allows the M86 Web Filter to be totally uninvolved in the routing of packets from client to Internet, allowing for automatic redundancy, and automatic fail-safe. If the M86 Web Filter should fail and filtering stops, the network traffic is unaffected.

M86 Web Filter Installation Diagram

Above diagram illustrates how the M86 Web Filter is connected to the managed switching hub. The M86 Web Filter port is configured with the "port monitoring" function enabled. This allows the port to mirror the port that is connected to the router.

Router Mode

This mode allows the M86 Web Filter to act as an Ethernet router, passing packets from one card to the other. As the packets pass through the M86 Web Filter, they are filtered. Only outgoing packets need to be routed, not the return packets, allowing the M86 Web Filter to appear only in the outgoing path of the network.

M86 Web Filter Pass-Through Filtering Installation Diagram

In this mode, the original packets from the client are allowed to pass in all cases, but if the request is inappropriate, a block page is returned to the client to replace the actual requested web page. All packets are allowed to pass just as if the M86 Web Filter was only an Ethernet router.

Firewall Mode

This mode is a modification of Router Mode. It provides for 100% assurance that filtering will take place regardless of the loading of the M86 Web Filter. To accomplish this, all original packets are "blocked" from routing through if they are a filtered service. The filtering takes place, and if the request is appropriate, the original packet is allowed to pass unchanged. The overall affect is that the outgoing request is delayed slightly to allow filtering to take place before it leaves the gateway router of the network, but return traffic is still unaffected.

M86 Web Filter Firewall Installation Diagram

In this set-up, a local caching proxy will not affect the M86 Web Filter, even if it is unfiltered and contains cached "bad" pages, since no request can pass until after it is filtered.

M86 Web Filter Firewall Installation Diagram 2

In this set-up, a local caching proxy will affect the M86 Web Filter, if the caching proxy contains cached "bad" pages. It is always recommended to clear or expire the cached content after the installation of the M86 Web Filter.

Does the M86 Web Filter work with our firewall, cache server or proxy server?

The M86 Web Filter is compatible with any Ethernet network. Additionally, the M86 Web Filter has flexible installation modes that allow it to be introduced into almost any network with little or no change in configuration.

Why is the M86 Web Filter faster than competitive products?

Most competitive filtering solutions are shared offerings. In other words, they share functionality with a firewall, caching, proxy or other type of server. This approach forces the device to now share its originally intended use with filtering (as well as reporting), causing poor performance and in some cases server overload-- especially when it comes to competing with real-time applications. In addition, these solutions usually filter in "pass through" mode which requires it to stop and check every Web request creating a slow flow of data as well as an additional point of failure. The M86 Web Filter, on the other hand, is a standalone appliance dedicated to the task it was designed for filtering. It offers scalability and performance without compromising other server/networking functions and filters in "pass by" mode which allows it to watch traffic and intervene only when necessary. This methodology does not create additional points of latency or failure and gives the M86 Web Filter superior performance over competitors.

Does the M86 Web Filter work with PIX, Checkpoint, or other vendor firewalls?

If there is a firewall on the network, the M86 Web Filter will work in that environment. It will not, however, interface with the firewall to provide filtering. The M86 Web Filter is a standalone filtering device and achieves its performance by not having to tie in with any devices such as a firewall.

Does the M86 Web Filter work with PIX, Checkpoint, or other vendor firewalls?

If there is a firewall on the network, the M86 Web Filter will work in that environment. It will not, however, interface with the firewall to provide filtering. The M86 Web Filter is a standalone filtering device and achieves its performance by not having to tie in with any devices such as a firewall.

Does the M86 Web Filter work with NT Proxy/Squid Proxy/Novell Cache/Stratacache/Other Proxy or cache servers?

If there is a proxy/caching server on the network, the M86 Web Filter will install and filter without problems. It will not, however, interface in any way with the proxy/caching server to provide filtering. There are special considerations to consider in a situation where a proxy/cache server is involved.

Does the M86 Web Filter allow a customized block page?

Yes. There is a function in the M86 Web Filter's GUI that allows the administrator to set up an HTTP-redirect to their block page.

What operating system does the M86 Web Filter use?

The M86 Web Filter operates on Red Hat Linux. It's a stable, fast and resource-efficient OS that provides an excellent base for higher throughput. M86 has made some changes to the kernel for increased operating efficiency.