David Attard, Product Manager for GFI 
WebMonitor, talks about what’s new in GFI WebMonitor 2013.
Q: What’s special about the latest version of GFI WebMonitor?
A: We have enabled web filtering using agents in the latest version of GFI WebMonitor. Basically, a small version of the GFI WebMonitor server is installed on business assets such as laptops and notebooks. This enables the administrator to monitor and block web activity on assets that are not connected to the corporate network. A lot of employees have a company laptop that they take home with them or on their travels. Since these are company owned, we recommend that they are protected even when ‘roaming’, that is away from the office. The level of protection for company assets is the same with the GFI WebMonitor agent whether they are on the network or not.
Q: What if I don’t want to have the same level of blocking at the office and when the user is at home?
A: You don’t have to. You can create different policies for users in the office and when they are working at home or elsewhere. Although you can choose to block, for example, Facebook for certain users in the office, there is no harm in allowing access Facebook on the company’s assets when they are at home or travelling. On the other hand, some “personal” browsing should always be blocked. Apart from adult material, you should always block those websites that may cause security issues. GFI WebMonitor provides several security related categories and others such as Hate and racism, Violence, Illegal, Gross and Cheating.
Q. How does the filtering occur? What changes do I need to make to my network infrastructure?
A: The GFI WebMonitor agent is a self-contained, small footprint version of the web filtering functionality. It uses the WebGrade categorization service in the cloud to determine the category and reputation of a website. Once that information has been obtained, the policies in place for that user are checked to see if the request to access a website should be allowed or denied. This ensures that the agent does not need to be routed through the on-premise serve when users are browsing, thereby reducing the risk of network bottlenecks. This ensures that no changes in the network infrastructure are necessary, and no internal services need to be exposed outside of the firewall.
Q. Are websites accessed over HTTPS also monitored and filtered?
A: Yes, the GFI WebMonitor agent can monitor and block websites which use HTTPS. This is done using technology that does not intrude on the privacy and security considerations when browsing HTTPS sites.
Q. Does the agent have an impact on browsing?
A: Although in theory there is an impact on browsing, it is minimal. GFI WebMonitor agents caches (stores a local version) many of the categorizations requests for websites which are visited often so that the web browsing experience is not impacted negatively.
Q: Are there any other updates in GFI WebMonitor?
A: Yes. GFI WebMonitor (server) now allows you to use hosted email servers to send email notifications. This means that customers who are not using their own email servers can also make use of the monitoring, bandwidth, security and other alerts in GFI WebMonitor. Performance has been optimized as well to reduce the overall impact of the service particularly when there are large numbers of simultaneous users. The configuration of logging capabilities and the ability to monitor full URLs visited by users have been improved.
Christina Goggi on June 18, 2013
