Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
St. Bernard's iPrism 1200 is a 1U rack-mountable appliance. With clearly labelled network ports, it is very simple to connect to the network. St. Bernard also sells the iPrism 3000, which is aimed at larger organizations, with Gigabit Ethernet.
While you can connect to the management interface using a web browser, there is little point as it just launches St. Bernard's Appliance Manager, which you should install on your PC. It's a Java application, but it refused to run on our first notebook, so we had to switch machines to run it.
The initial configuration steps let you assign an IP address, configure your software license and choose the mode of operation: bridge to sit inline on a connection or proxy server. You can also choose to enable the out-of-band management port on the back, so you can connect the iPrism to your management network. Once done, the next time you get the full management screen. The filtering works by creating profiles. Each profile contains a list of categories and, using a time grid, when they are blocked and allowed. However, the grid may look pretty but it is hard to see exactly what's going on.
St. Bernard has implemented a comprehensive website category scheme. Each main category also has sub-categories, so you can choose exactly which websites you want to block – the database is updated daily.
When a user gets a blocked page message, they can click the request button to send an email prompting an administrator to allow access to it. It is a simple way of dealing with wrongly categorized sites. Also, a profile can state how to deal with IM and P2P clients, so you can build in protection for that as well.
Once you've created your profiles you can assign them to IP address ranges or, with its NTLM integration, Windows users. Both processes are easy. In our tests the iPrism blocked test websites and HTTP-Tunnel correctly. It is a simple, powerful system to use, though the Java app needs more work to make it more stable.
Unblock request feature helps reduce false positives.
Had trouble getting Java-based management running.
A simple and powerful system to use with support for P2P and IM, but the Java-based management needs to be more reliable.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.