The Barracuda Web Filter is an integrated content filtering, application blocking and malware protection solution that is powerful, easy to use and affordable for businesses of all sizes.
It enforces Internet usage policies by blocking access to Web sites and Internet applications that are not related to business, and it easily and completely eliminates spyware and other forms of malware from your organization. No more productivity loss trying to repair computers or make computers usable again.
While many Web sites targeted at business usage provide safe and secure business environments, an increasing number of Web sites and Internet applications targeting personal usage are hosts to spyware, viruses, and other Internet threats. As such, unauthorized personal Web browsing poses not only a threat to personal productivity but to the security of the network as a whole. The Barracuda Web Filter includes award-winning protection against Internet threats.
Comprehensive Content Filtering
The Barracuda Web Filter combines multiple techniques, including URL filtering, URL rewriting, and MIME type blocking to provide powerful control over policies covering Web site usage. Capabilities include:
- URL filtering by content category. You can define policies that restrict or allow Web sites based on their categorization. The Barracuda Web Filter includes definitions for 58 content categories, including pornography, violence, hacking, sports, news, dating, and chat sites.
- URL filtering by domain name or URL pattern. You can customize your content filtering policy to restrict certain Web sites, or look for specific patterns in Web site addresses. Advanced administrators can specify URL patterns to block using the very powerful UNIX regular expression (regexp) syntax.
- Image Safe Search integration (URL rewriting). The Barracuda Web Filter takes advantage of the “safe search” content filtering capabilities built into image search engines, such as Google, Yahoo, and MSN. If enabled, the Barracuda Web Filter Image Safe Search feature rewrites URLs for these image search engines to include the URL parameters that restrict display of objectionable content in cached image search results.
- File type blocking. You can define policies to restrict downloading of files over the Web based on their MIME types. For example, to block downloads of executables, you can block MIME type application/octet-stream.
- Filtering off-network computers. Barracuda Web Filters now use Barracuda Web Security Agents compatible with Windows PCs and Macs to provide Web filtering on off-network computers.
These controls can be combined to govern Internet usage to increase productivity, reduce exposure to offensive material, and to prevent visits to sites that could compromise security.
Internet Application Blocking
Beyond the standard HTTP proxy solution, the Barracuda Web Filter also enables you to enforce policies governing usage of applications that access the Internet. Features include:
- Instant Messaging (IM) Blocking. The Barracuda Web Filter enables you to set policy governing usage of public IM clients, including AIM, ICQ, Yahoo! Messenger, and MSN Messenger, and ICQ. These public IM clients can not only provide means for unmonitored communications, but their security vulnerabilities are often the target of those in the hacking community. Blocking public IM communications outright is one strategy to secure information flow and increase network security.
- Application Blocking. In addition to IM applications, the Barracuda Web Filter includes policies for popular applications that access the Internet, including Internet music applications, software updaters, and popular browser toolbars.
- IP and Port Blocking. You can customize your own IP blocking policies based on any combination of source or destination network IP address ranges and ports. One common usage of this feature is to prevent compromised machines from accessing the Internet.
The combination of Web and other Internet application blocking techniques enables you to define and implement complete Internet usage policies for your organization.
Advanced Policy Creation
Because different rules may apply to different constituencies in your organization, the Barracuda Web Filter supports extremely granular applications of policies by user, group, or IP address range. It also supports time-based policies. Features include:
- Default guest and user policies. For rapid deployment, the Barracuda Web Filter comes preconfigured with default guest (unauthenticated user) and known user (authenticated user) policies. You can easily customize default policies for content filtering and application blocking with simple easy-to-use Web forms.
- User and group policy exceptions. You can customize policies by defining exceptions on top of the default policies. Policy exceptions can apply to content filtering and application blocking rules, and they can apply to specific users, groups, or network IP address ranges. For example, you can set a default policy to block Web access to job sites but create an exception for the Human Resources group to allow them.
- Integration with LDAP directory servers. The Barracuda Web Filter integrates with popular LDAP directory servers, including Microsoft Active Directory, IBM Lotus Domino Directory, and Novell eDirectory. This integration provides the Barracuda Web Filter with real-time access to user and group membership managed by the directory server. You can define policies that apply to LDAP users and groups.
- Integration with Windows Domain Controllers. Included with the Barracuda Web Filter is the Barracuda DC Agent, software that can be installed on your Windows Domain Controller. This software provides the Barracuda Web Filter with the username logged at each IP address, and it enables proper application of policy without requiring any user intervention and without a separate login.
- Integration with Terminal Service Environments. The Barracuda Web Filter provides several methods of integration with Citrix/Terminal services environments. The Barracuda Web Filter can seamlessly integrate with LDAP/Active Directory, NTLM and Kerberos authentication mechanisms to provide single-sign-on authentication in a variety of network environments. Terminal Services users have a choice of using LDAP/Active Directory with Virtual IP support or native Windows Authentication through NTLM or Kerberos integration. This will allow per-user/per-group policy management and reporting in both CITRIX and Windows Terminal Services environments.
- Local users and groups. For sites that do not use directory servers or who wish to define policies for users and groups not managed by the directory server, the Barracuda Web Filter supports the creation of local users and groups on which to apply policy.
- Network IP address groups. You can define policies that only apply to certain network IP address ranges or subnets.
- Warning policies. The Barracuda Web Filter enables you to define policies for Web access that present users with a block page but allow them to proceed after being warned. Warning policies are useful for reminding users about sites which may violate corporate Internet usage policy without blocking them outright.
- Web traffic monitoring. You can define policies for monitoring specific Web site categories, domain names, or URL patterns without presenting block pages to users or preventing access. Monitoring is useful to assess the potential impact of new policies prior to implementing access restrictions on the user community.
- Time-based policy exceptions. You can define policy exceptions for both content filtering and application blocking based on time-of-day. For example, you can set a default policy to block access to sports sites but to allow browsing during non-working hours.
The Barracuda Web Filter was designed with ease of deployment in mind. With default policies, even organizations new to Web filtering can get started quickly. Organizations with more advanced filtering requirements can take advantage of advanced policy exceptions and integration with enterprise infrastructure.
Integrated Spyware and Virus Protection
The Barracuda Web Filter includes best-of-breed spyware and virus protection leveraging its heritage as a leading anti-spyware solution. Capabilities include:
- Blocking access to known spyware sites. As a first line of defense against spyware, the Barracuda Web Filter blocks access to sites known to host spyware.
- Blocking spyware downloads. The Barracuda Web Filter blocks spyware installed without the user's knowledge or consent - also known as drive-by installs or downloads - as well as any installations from known spyware Web sites.
- Integrated anti-virus protection. In addition to blocking spyware, the Barracuda Web Filter provides complete virus protection for all downloads. By utilizing dual layer virus blocking, decompression of archives and file-type blocking, the anti-virus engine in the Barracuda Web Filter further protects your network from crippling threats.
- Detection and blocking of spyware activity. The Barracuda Web Filter secures the organization by detecting spyware access to the Internet, blocking it, and notifying the administrator.
- Spyware Removal. The Barracuda Web Filter includes the Barracuda Spyware Removal Tool, an ActiveX download that removes identified threats from Windows computers.
By combining anti-virus and anti-spyware at the gateway with desktop spyware removal, the Barracuda Web Filter offers a unique approach to providing universal network protection from malware in a simple, easy-to-use appliance.
In addition to protecting the network, the Barracuda Web Filter provides the Barracuda Web Security Agent (WSA), a downloadable client that be installed on remote, off-network Windows computers. With the WSA installed, Web traffic from remote client computers will be transparently filtered through a central Barracuda Web Filter appliance to ensure that Web browsing policies applied to users within the network are also enforced to off-network users. The Barracuda WSA can be centrally configured and deployed and is tamper-proof once installed on client computers. This enables organizations to implement a consistent Web security policy across localized and distributed workforces without the need to invest in or manage additional solutions.
Simplified and Centralized Administration
The Barracuda Web Filter features an easy-to-use Web interface allowing for easy and cost effective administration of the appliance. The Web interface allows you to define, manage and control corporate spyware and Web security policies from one central place.
- Barracuda Energize Updates. A team of security engineers at Barracuda Central continuously monitors the Internet for trends in spyware and virus attacks. As they detect trends, updates are created for the Barracuda Web Filter. The Barracuda Web Filter is then automatically updated with new spyware Web sites, spyware rules, spyware algorithms, and virus definitions. These updates require zero administration and ensure that your network has comprehensive and accurate protection even as the spyware methods of distribution change.
- Logs and Graphical Reports. System administrators can view logs or generate graphical reports to provide visibility within the organization. The Barracuda Web Filter can provide information on infected clients, downloaded spyware and viruses, and top blocked users. The Barracuda Web Filter models 310 and higher also support summary reports, including top blocked, monitored, and warned Websites, top Websites by hits and bandwidth utilized, and top clients by hits and bandwidth utilized.
- No Per User Charges. Barracuda Web Filter pricing is simple. Each of the Barracuda Web Filters is designed to handle an approximate number of users. The Barracuda Web Filter includes a robust feature set at one fixed price with no per user charges. This means the system administrator no longer has to worry about keeping track of new accounts.