Network Composer puts network usage, threat data in SMB admins' hands
Cymphonix's latest offering is strong on reporting and malware filtering but light on QoS
Network Composer doesn’t participate in QoS tagging as defined by existing routers but does its own internal traffic prioritization. For example, I was able to give HTTP/HTTPS traffic a higher priority than IM traffic as the packets passed through the DC30X. This kind of prioritization takes effect when Network Composer reaches a certain level of internal congestion.
If this was an enterprise appliance, the lack of QoS would be a big deal; as it is, most SMBs won’t have a full QoS system in place (if they have one at all), so Network Composer’s setup works OK. It’s constantly monitoring the traffic stream -- it just doesn’t enforce the prioritization until its threshold is reached.
Scrub that Internet traffic
Content filtering is another subtly powerful feature. Based on Fast Data’s URL libraries and Cymphonix’s detection engine, Network Composer includes a large list of categorized sites and can easily enforce just about any acceptable use policy. Admins can block access to Web sites based on category, a specific URL, file type (such as .rar and .exe), and MIME type (such as video/mpeg). A whitelist facility is also included to make sure specific URLs, such as business partner portals, are never blocked.
Network Composer really shines when it comes to reporting. It can display usage information based on hardware or user profile. Hardware profiles don’t require any special configuration, but to log usage based on user, special LDAP settings must be defined in the box along with the addition of a client-side executable.
Defining the LDAP connection is no harder than most other types of network devices. The LDAP client application must be run on each user’s PC -- in my case, launched from a Group Policy log-in script. The program takes up less than 3MB of system memory and I experienced no trouble while running it.
What I really like about Network Composer’s reports is the accessibility of the collected data to the administrator. A customizable dashboard shows at-a-glance recent activity, including a summary of application traffic, bandwidth by user and blocked malware and Web requests. I can click on any graph or traffic category and quickly drill down into the specific data behind the graph --- very cool. Although not nearly to the level of Network Physics’ NP-500, admins can dig into the traffic and get a good idea of how their network bandwidth is being consumed.
One thing missing is the capability to drill into a specific traffic type on a device or user basis and see the conversation details. For instance, I wanted to know if the HTTP traffic attributed to a server was inbound or outbound traffic. In this release, that level of detail is not available, but I was told that it will be included in future releases.
The Network Composer DC30X is a very good tool at a terrific price. I really like how much information is available from the intuitive UI and how easy it is to set up and use. Traffic shaping and content filtering are good and the malware and virus scanning kept out all of the bad stuff I could throw at it. There’s not much more you can ask of an SMB threat management box.