Barracuda Web Filter 310 protects network depths from spyware, viruses

Barracuda Networks is building on the success of its Spam Firewall product line by delivering a similarly engaging Barracuda Web Filter 310 appliance. The device contains more features and customization than any other I’ve seen for the money.

Administrators familiar with the Barracuda Spam Firewall’s user interface will find a near-exact copy on the Web Filter, with its own feature-rich, multi-tabbed Web pages. (Web Filter was formerly known as the Spyware Firewall, until Barracuda extended its feature set and reach.) Although the device’s strength still lies in blocking spyware, it also blocks unauthorized Web sites, viruses, adware, malicious Web content, and unauthorized applications.

True Blue Appliance

Arriving as a 1U unit with LAN and WAN ports, the Web Filter 310 should be placed as an inline device to scan all incoming monitored content before passing it to the end-user. Content filtering begins with more than 50 separate predefined categories, ranging from the blatant (adult and porn content) to personal choices such as gambling, auctions, and finance.

Content can be blocked or whitelisted by domain, category, URL patter, or MIME type. Spyware and malware are blocked if they come from URLs previously determined by Barracuda Networks as malicious, as well as if they’re caught by the real-time binary content scanning.

The Web Filter can block peer-to-peer services, IM, file downloads, Web-based e-mail, music sites, proxies, and chat sites. Most of the popular services (AIM, iTunes, Weatherbug, MySpace, etc.) are already listed and can be allowed or blocked on a per-service basis. Preventing users from downloading and using unauthorized applications can significantly decrease malicious risk and increase productivity (infoworld.com/4304).

I want to stand up and applaud Barracuda’s capability to block third-party desktop toolbars -- such as those of Yahoo and MSN -- and applications that potentially pose a security risk -- such as instant messaging (a popular avenue for malware spreaders) and Citrix’s GoToMyPC.

One of my favorite features, in the content filtering section, allows an administrator to test a newly modified filtering category immediately, using a browser within the Web Filter interface. This allows the administrator to test for desired outcomes when trying to block or allow a particular site, although I did find some differences between what the test revealed and what occurred on the client.

Administrators can easily submit new sites and rogue applications to Barracuda Networks for addition to the built-in content categories. You can also block access manually using any of the Web Filter’s customized block options.

Local clients identified as infected by the Web Filter will be automatically blocked and directed to download and run the Barracuda Spyware Removal tool. Although I can’t recommend its use more than I can some of the better-known and lab-tested spyware removal tools, it’s nice to be able to give users an automatic option based upon malicious activity detection.

Nearly every feature includes whitelisting, blacklisting, exemptions, and authentication overrides, where an end-user can be allowed more access if he or she provides valid credentials.