iPrism Web Security offers a combination of robust features designed to deliver unmatched protection from Internet-based threats such as malware, botnets, viruses, spyware, circumvention tools, anonymous browsing, IM, P2P, and inappropriate content. As a self-contained appliance-based solution, iPrism offers universal interoperability on any platform and in any network environment, delivering Internet security at the gateway, to help enforce your Internet acceptable use and security policies. iPrism seamlessly integrates with your directory services to automate authentication for fast and easy deployment across your organization:
Multi-Layered Security Threat Protection iPrism's unique combination of enforcement methods assures powerful protection from botnets, malware, viruses, phishing and other threats. These methods include integration with ThreatSTOP's outbound anti-botnet technology, the 100% human-review iGuard URL database, integrated AV engine, and iPrism's unique Circumvention Defense Network. Together they deliver unrivalled protection to your organization and are easily enabled via simple check boxes, rather than complex multi-dimensional rule sets.
Proprietary Technology iPrism technology is port-agnostic providing comprehensive coverage across your network. Its exclusive transparent bridge deployment won't introduce latency to your network traffic no matter how busy your network gets. With filtered traffic throughput speeds over 500 Mbps, even networks with the largest pipelines are easily managed by iPrism's combination of in-line deployment and kernel-level filtering technology.
Hybrid Remote Filtering Requiring no VPN or Hardware in the DMZ With iPrism's exclusive hybrid technology, you can manage remote users easily with no VPN tunnels, no DMZ proxy deployments and no browser-specific PAC files required, assuring bandwidth conservation and no latency. iPrism's hybrid technology uses a location-aware remote filtering client and the Amazon Web Services distributed data center to ensure enforcement of your AUP across all users, on or off-premises.
Most Comprehensive and Accurate URL Database EdgeWave maintains its own URL database, with 80 categories containing millions of websites. This allows you to easily customize your filtering to fit the exact requirements of your acceptable use policy. iPrism assures automatic, daily database updates, and crucial security categories, including anti-botnet and anti-circumvention defense, are updated hourly.
FEATURES Exclusive Transparent Bridge Mode Deployment iPrism's standard deployment and proprietary port-agnostic, kernel-level filtering combine the accuracy and security of pass-through filters with the speed and coverage of a pass-by or sniffer-type solutions, giving you the best of both worlds. Unlike proxy-based user-level filtering solutions, our kernel-level filtering means latency is never introduced. However, the iPrism appliance can still function as a direct proxy when deployed in Transparent Bridge Mode, working seamlessly in a wide range of network scenarios involving mixed platforms, legacy systems and other variants. iPrism h-Series appliances include a built-in, high-speed network failover circuit to mitigate introducing a single point of failure, and load balancing is supported.
iGuard Database with iPrism Automated Rating Protocol (iARP) The iPrism 100% human-reviewed iGuard database includes the iARP feature, which further refines Web filtering by sending your most frequently-accessed unrated URLs to the iGuard team automatically to be added to your and all our customers' database.
Exclusive iPrism Hybrid Remote Filtering iPrism's new Remote Filtering extends comprehensive, flexible Web security to your corporate laptop and other remote or roaming users with an exclusive hybrid technology that makes deployment simple and seamless. Unlike any other remote filtering solution on the market, iPrism's proprietary technology delivers powerful Web security to your remote users without using your VPN and without adding any hardware in your DMZ or requiring browser-specific PAC files. Using a combination of iPrism Remote Filtering Client (for both Windows and Mac) and proven Amazon WS Data Center cloud service, iPrism Remote Filtering delivers comprehensive Internet security to your employees no matter where they are located. iPrism Remote Filtering's centralized administration and reporting assures AUP and security policy enforcement as well as comprehensive reporting across your organization.
Outbound Anti-Botnet and Inbound Antivirus Protection iPrism Web Security provides continuous defense against dangerous botnets by leveraging the ThreatSTOP Botnet Threat List to stop the "phone-home" mechanism that enables stealth, bot-related malware to steal identities or data and commit illegal or malicious actions within and outside your network. When combined with our four-factored antivirus engine that blocks malicious inbound traffic, you get multi-layered protection from damaging botnets, viruses and malware to protect your organization without incurring false positives or latency.
Centralized, Multi-User Admin and Reporting with Granular Override Management and SSO iPrism gives you the flexibility to define roles for policies, reports, and other facets of administration with eight pre-defined and customizable roles that you can delegate to any person within the organization (local or authenticated users). And unlike any other solution, iPrism has a granular override feature that allows you to delegate override privileges to a secondary administrator or even provide self-override roles to some end-users. iPrism's browser-based user interface offers single sign-on (SSO) access for comprehensive administration and reporting capabilities via any browser. In addition, multiple delegated administrators can log into the UI simultaneously for increased efficiency. This is ideal for situations requiring more flexible policy enforcement, or for large organizations trying to optimize resources.
Application Controls iPrism offers application controls that reduce the risks associated with unsanctioned application communications. These applications, which include popular IM and P2P protocols, not only erode productivity and drain bandwidth; they can open serious security gaps where bot-related malware and viruses can invade your network. iPrism allows you to monitor and block IM and P2P applications such as Skype and FTP with a simple set-and-forget check box.
Enhanced Directory Integration Unlike some competitors, iPrism employs on-box user authentication rather than user identification giving you significant advantages. Because iPrism complies with Microsoft Best Practices and does not require a separate off-box agent, you achieve automated authentication with more security, less bandwidth drain and no latency. iPrism authentication incurs no OS conflicts and eases your administration duties by integrating seamlessly with all major network directories including Novell Netware Directory Services (NDS), Windows Active Directory (including one-way outgoing trust support) for Window 7 and also Mac clients using AD 2003/2008 and Mac OSX Snow Leopard. In addition, as an LDAP variant, it is possible to integrate iPrism Web Filter with OSX Server Open Directory (LDAP v2/v3).
iPrism iLearn Center - Embedded Video Tutorials The iPrism iLearn Center offers exclusive video tutorials that are embedded in the new iPrism user interface. This enhanced user support feature allows you to manage your Web filter configuration and policy settings on-the-fly, shaving hours off the time you spend on IT administration tasks. The iLearn Center houses a series of short video tutorials that walk you through specific iPrism tasks without requiring you to log out and access a manual or knowledgebase. These concise, easy-to-use materials include text as well as videos covering a wide range of iPrism capabilities. The iLearn Center tutorials are conveniently accessible through the new iPrism Web-enabled user interface from a central help page and also via icons located at relevant points throughout the iPrism UI.
Seamless Terminal Server Integration iPrism's unique auto-login feature allows terminal server users to maintain their productivity without incessant authentication requests. iPrism's unique "session based" authentication technology lets you use Auto-login to simplify the authentication process without installing any software on your terminal or AD servers. This seamless integration is verified by the fact that iPrism is the only Citrix Ready appliance-based Web Filter on the market, assuring consistent policy application whether your users are Web surfing from their desktops or via Citrix or other terminal server systems.
Comprehensive Logging, Real-Time Monitoring and Reporting On-Box iPrism's comprehensive on-box reporting requires no additional hardware or software and includes real-time monitoring and email alerts that give you highly accurate and timely visibility on Internet activity across your organization. Historical reports can be generated using a variety of available templates or you can customize reports to suit your needs. Reports can be scheduled by day week or month and can run in the background ? freeing you to take care of other projects while your reports are automatically generated. You can also assign designated users the right to run the Reports Manager, allowing you to use your IT resources more efficiently. Email alerts are generated when security problems are detected allowing you to quickly mitigate threats before they cause damage.
If you have multiple iPrisms deployed across your large enterprise and distributed network, the iPrism Enterprise Reporting Server (ERS) delivers comprehensive aggregate reports on all Web activity quickly and easily.
Anti-Circumvention and Anonymous Browsing Protection Employees who try to get around your Web security measures by using circumvention tools, proxies or anonymizer websites, will have their attempts blocked at every turn by iPrism's multi-layered approach:
Circumvention Defense Network (CDN) iPrism's unique CDN protects your organization from circumvention attempts by gathering intelligence on thousands of externally-hosted non-Web servers used to circumvent your network security by re-routing Web requests. We collect these IP addresses in the cloud and analyze them against known legitimate sites to mitigate false positives and immediately and continuously download the results to your iPrism. iPrism inspects outbound traffic and enforces monitoring and blocking of circumvention tools -- including UltraSurf, Tor and JAP clients - attempting to connect to their server networks.
Dynamically-Detected Proxies Using deep packet inspection with real-time pattern rules, iPrism monitors and blocks websites or private servers leveraging script-based proxy tools, including PHProxy and CGIProxy, to anonymously redirect web requests.
Anonymizers The iGuard analyst team continuously monitors message groups and other anonymizer listing sites for new anonymizer URLs, and updates the database hourly.
Active Domain IP Address Mapping and SSL Certificate Inspection Administrators always know where users are going on the Web because HTTPS traffic is enforced and reported using domain names, instead of IP addresses, in both transparent bridge and proxy mode deployments. This mapping feature blocks the ability to circumvent iPrism using IP addresses.
EdgeWave h-Series Appliances iPrism's powerful line of high-performance hardware offers a full range of appliances designed to deliver optimum performance and blazing Web security throughput speeds to organizations of all sizes no matter how big your pipeline. All of the h-Series models share a hardened and optimized OS for complete interoperability. Also, many h-Series models offer dual hot-swappable hard drives and power supplies for enhanced reliability.