Great info! In regards to #2 - they are moving everything away from Java and towards web-based. I agree with #3 - AV scanning is disabled here as well (would have been like a 4th or 5th layer for us, so not really needed). Our hosted service checks incoming email, Trend Micro checks Exchange, iPrism blocks just about every website category not work-related, Vipre protects file-level... As for #4 - I would love to see this feature as well!
________________________________ From: S Conn. [mailto:[email protected]] Sent: Friday, June 19, 2009 3:30 PM To: NT System Admin Issues Subject: Re: Iprism On Fri, Jun 19, 2009 at 11:07 AM, Jay Dale <[email protected]> wrote: Anyone use Iprism from St. Bernard? Currently on a teleconference demo with them. Anyone with experience that can share thoughts? Thanks, Jay I'm a iPrism customer/user/etc and have been using them coming up on 2 years now. Not really a bad product, it does what it's supposed to do and I haven't had a crash or extended outage (that I didn't cause) yet. At first I hated it, but I came to realize that it wasn't the product but the headache of using a proxy/filter in general. I HATE managing proxies. Now there are some issues I've run across and some might not be product specific, but issues regardless. 1. It had some weird issues with some internal sites. Like it would show only half the info. Yes, it's site specific issues, but there wasn't a problem until I patched the box. Suddenly the site in question started acting up. The only solution from support was to bypass the local site on the client side (tell the browser to go direct). I did that and no issues, but I found it odd/annoying that they couldn't tell me what in the update broke it. 2. I hate the admin interface. It's a java applet, doesn't seem laid out right, and you have to exit the damn thing to save/apply your changes. It's not a deal breaker because it's easy to get used to, but still a pain. Also, the configuration module and reporting modules are java, but the filter manager, template manager, hotfix manager, etc is web based. You'd think they could put it all web based and keep it consistent.. 3. I've had bad luck with the AV scanner. I know AV scanning adds overhead to your traffic but it slowed things down to unacceptable levels. I just keep it disabled. 4. Filters are based on profile, so unless I set up a special profile for the user or give override access I can't allow one user to have access to a specific blocked site only. So if one executive has to have yahoo mail, and no one else is allowed, I'd have to create a profile just for him and a ruleset(category) just for him. I can't just assign his username to allow yahoo mail. 5. This issue is hard to explain so I'll do so by example. Let's say I have a site, like ebay.com. It's catgorized as shopping. I block shopping for everyone. Now another profile is allowed ebay and a couple other shopping sites, but not the rest. So, I create a local ruleset, block it from profile1, give access to profile2, and change ebay to the new ruleset. Now profile1 is still blocked and profile2 has access to specific shopping sites. Now profile3 comes along and needs to allow ebay only. If I create ruleset2 and add ebay to it, ebay will now be ruleset1,ruleset2. If I block profile3 from ruleset1, even though it has access to ruleset2, it's still blocked because ebay is also assigned to ruleset1. So now I have to change ebay to ruleset2 only, and give profile2 to ruleset2. Basically it gets freaking unnecessarily complicated. Some positives.. I upgraded to the better hardware, they bought my old one back from me and gave me a good discount on the new hardware. Migrating to the new one was simple; took longer to unbox and rack than it did to import the settings and get my users on it. Haven't had an outage that I didn't (accidentally) cause. Reporting seems pretty good.. I don't do much reporting, but haven't had issues finding what I needed. I also like the real-time monitor and it's search. You can customize the crap out of block screen and other screens. I made our block screen bright orange :) so you can see if someone got blocked pretty easily. I also put in a mailto link in the block page that grabs the url and rating and puts them in the email so users can easily send that to me if they want to complain about a block. St. Bernard seems pretty good on the filters. Some I had to reclassify (didn't agree with the category), but they seem on top of it. It's a solid product, cheap, works well but I'd definately look around before buying it. Seth ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
