Futuresoft Dynacomm i:series

Futuresoft's Dynacomm i:series content filtering tools consist of i:filter, for general HTTP and FTP content filtering, i:mail for email filtering, and i:scan which provides general file surveillance, including the ability to look for and disable, IM and P2P networking clients.

I:filter is a Windows NT/2000 application that can be used standalone or work with Microsoft ISA (Internet Security and Acceleration) server with, in each case, three main components. The network monitor does most of the work of intercepting and examining network traffic, with a separate management console and a self-contained database to hold the configuration information, plus all the activity logs and a categorised list of restricted sites. All three components can be installed on one server or distributed across multiple platforms and, because it only monitors traffic rather than acting as a gateway, no client changes are required.

There's no web interface, but the Explorer-like management console is straightforward. We quickly defined multiple network monitors and configured rule sets to manage access to specific types of website using either the categorised URL database provided or keywords, or both. It's also possible to manage file download activity, but only by blocking access to particular file types altogether. There are no options to screen out pop-up ads, active agents and scripts, or to scan for viruses using either built-in or third-party scanners. Although rules can be applied to individual users, in order to identify them by logon ID an agent has to be installed on every client PC, and that can be problematic on a large network.

In its favour i:filter is very easy to use, does a good job in terms of applying web access policies and has good reporting facilities. It also has useful traffic monitoring tools that graph, in real time, all network traffic, broken down by direction, protocol, user and time.

I:mail is also for Windows NT/2000 and acts as a relay for use with any SMTP (Simple Mail Transfer Protocol) mail server. There are no specific versions for use with Microsoft Exchange or Lotus Domino.

A similar management interface to that in i:filter is used, with rules that can be configured to filter incoming messages by first matching them against a whitelist of permitted senders, followed by a blacklist made up of manually created restricted addresses plus links to realtime black hole lists. The software will then look for known spam techniques using definitions that can be further finetuned and weighted to suit different business requirements. Assuming the messages aren't already blocked, i:mail can then strip out attachments and scan for viruses using third-party scanners, and apply other rules on an individual basis.

Outgoing mail can be scanned for viruses, checked against lists of permitted and blacklisted destinations and stamped with disclaimer messages. Creating the rules is easy, but can be time consuming so, to help with initial setup, you can apply a preconfigured set of rules to provide a basis for further customisation. These rules will block most spam and strip out all executable attachments. They will archive incoming messages for five days, to weed out any false positives, and stamp a disclaimer on all outgoing mail.

>I:scan differs from most other content management tools, in that it's designed to find and examine files already on the network. This is done based on keyword content, to find potentially offensive or confidential material. File signatures can also be created to recognise files even though they may have been renamed. You can't filter and allow restricted use of IM and P2P services, but access to them can be blocked by searching for and deleting the associated client software. You can export file signatures to i:mail to stop confidential data leaving the organisation and create audit trails for files that are allowed to leave.

The version of i:scan we tested could only scan remote systems configured with file shares to which the scanning system had access privileges. That severely restricts its operation, but a more comprehensive version with a local client agent should be on sale by the time you read this.

Contact: Futuresoft 01260 292 222
www.futuresoft.com