Cloud enablement has become top priority for a multitude of businesses. Moving to the cloud should never be taken lightly, however, especially when it comes to security and system management. Today’s small and medium enterprises are under attack, in part thanks to the Internet and cloud services that have become integral to many businesses' operations. As Enterprise Networking Planet has discussed, however, the cloud doesn't just pose threats. It also provides new ways to mitigate them. Take, for example, GFI’s entry into cloud services, GFI Cloud, which incorporates several key services to protect SMEs from the threats of the cloud—using the cloud.
GFI Cloud services, which can be purchased individually, include antivirus, patch management, server monitoring, workstation monitoring, asset tracking and GFI’s newest service, web protection, all delivered from one web-based console. Each of the services starts at $12 per user, per year, with discounts for multiple computers, longer terms, and/or service subscriptions. I recently tested GFI Cloud and the latest offering in the GFI Cloud platform, Web Protection in GFI Cloud.
A Closer Look at GFI Cloud
GFI Cloud aims primarily to ease IT management by shifting core management and security capabilities to a cloud service. That service offers centralized control and management without requiring on-site integration of new hardware or software. The cloud concept also enables IT managers to bring centralized management to remote sites, satellite offices and mobile workers by eliminating the physical location as the primary component of systems management.
I took advantage of the company's 30-day free trial to take GFI Cloud for a test drive. I evaluated the product on several Windows PCs and a Windows Server to create a typical small enterprise environment that would require central management.
At first glance, the services proved very easy to configure, install and manage thanks to an intuitive browser-based management console, which followed a logical progression for defining groups, users and the key element, policies, used to assign services to users and manage PCs and servers. The policy-based approach enables multiple managers to enforce security across multiple machines without having to individually configure each system on the local or remote networks. Simply put, it is a major time saver.
The services as a whole provide a solid foundation for managing network systems and users, and the Web Protection component offers exceptional value as both a standalone service and as a part of the overall GFI Cloud suite.
"Web Protection in GFI Cloud" may not be a catchy name, but it doesmake the service's focus clear: protecting users from the ills of the web, specifically the malicious payloads that can accompany web sites, even without users clicking on anything within the page.
Web Protection in GFI Cloud
Easy deployment is the product's primary claim to fame. Normally, when setting up a web filtering and security product, IT administrators must configure hardware, define complex policies, set up web proxies, and perform a number of other tasks before even thinking about pushing protection to endpoints.
GFI eliminates many of those configuration concerns in favor of a simplified deployment model. Endpoint setup requires little more than a few mouse clicks, with the installation of a small-footprint agent,while the browser-based console handles administrative setup.
An easy-to-use console is a critical component of any network/web security product, especially a product aimed at the SME market. GFI provides interactive help and setup wizards to simplify administration. Even better, that simplicity does not impact the service’s ability to scale to larger businesses, which may benefit from the multitude of other service offerings under the GFI Cloud banner.
Policies can be quickly defined using the console
Primary protection comes in the form of Internet access control and monitoring of information protected endpoints are passing to and from the Internet. Content filtering proves to be a very important component of the service, allowing administrators to control what websites are accessed and when, as well as filtering content based upon categories, whitelists, blacklists, and other elements. Policy definition is very granular, giving administrators the ultimate in flexibility to meet legal and HR needs.
GFI’s pre-defined categories are a major innovation and include definitions like "legal liability," "productivity loss," and others. Of particular interest is that categories are directly related to business impact, making it much easier to define filtering policies based upon HR policies or other business needs.
Summary screens support drilldown and offer at-a-glance views of activity
Web Protection in GFI Cloud also offers bandwidth monitoring. Here, I was able to quickly set bandwidth thresholds to control how much groups or individuals can the Internet and how much data can be transferred across the network to the web.
Bandwidth monitoring should prove useful, especially for remote offices that share Internet access over limited throughput connections. What’s more, bandwidth control can reduce costs in situations where businesses are charged by the amount of data downloaded, such as 4G cellular hotspot-based networks.
Simplified usage screens make it easy to spot who is visiting a given website
GFI’s service also provides visibility via a plethora of monitoring and reporting screens that support filtering and drilldown. If you want to know who's doing what, and when, you'll find a screen/report for that. What’s more, the traffic analysis reports can be rolled up into a group view or business view or rolled back down to the individual user. That makes it easier to investigate issues related to web usage, as well as to tweak policies to better fit real-world usage scenarios.
In reality, most business need more than just web filtering and bandwidth monitoring to protect their users and IT systems. That said, GFI’s service easily integrates with most other common security services, such as antivirus, anti-malware, and data leakage protection.
Nevertheless, IT administrators may want to take a holistic approach to security instead of a piecemeal approach. To that end, GFI offers numerous other services under the GFI cloud services suite and makes comprehensive management and integration a primary component of their cloud offering.
All of those services can be integrated and used from a central web console, giving administrators the whole picture of what is occurring across the network and what the status of every computer is, whether in the office or remote. When fully integrated, GFI Cloud provides that holistic approach that most IT managers seek, all with the flexibility and easy deployment and management made possible by the cloud.
Additionally, for businesses that have well-established security products in place but lack the ability to filter access or control bandwidth, addressing those issues usually means investing in expensive add-ons to their existing security products. GFI Web Protection for GFI Cloud can eliminate that complication by supplementing the existing security products and offering a per-computer subscription model that keeps costs low.
All things considered, GFI has done an excellent job at bringing web filtering to the cloud as a service, and many businesses may want to give the 30-day free trial a spin. GFI has aptly demonstrated what a web filtering product can do and how simple it can be to manage, making it a viable contender in the growing market of web filtering solutions.
Photo courtesy of Shutterstock.