The LogiSense EngageIP Traffic Manager appliance combines the security benefits of firewall and web content filtering with other features that include web caching, routing and bandwidth management, with real-time bandwidth consumption reporting and quality-of- service (QoS) shaping.

The firewall can act as a SOCKSv5 proxy server and offers full network address translation (NAT) port forwarding. It supports multiple Ethernet interfaces for demilitarized zone (DMZ) applications and provides a VPN. It can allow or deny packets based on IP address, protocol or port.

The web content filtering is performed by a third-party product. This checks each requested URL against Cerberian's list to obtain a classification. (If the URL is not listed, it performs an on-the fly rating using Cerberian's dynamic real-time rating engine.)

There are more than 50 classifications, which allows a very granular approach. You can configure which classifications are acceptable to your company and which should be denied. You can even configure this on a user-by-user basis to allow some individuals or departments different permissions to others. Access to specific URLs may be blocked independently of their classification, and time-of-day rules can be implemented.

The Bandwidth Manager offers configurable minimum and maximum bandwidth allocation for any class of traffic based on IP address, protocol or port. Bandwidth rep-orts may be generated, and these can be classified by interface. Additionally, bandwidth consumption reports may be displayed graphically in real time.

The router functionality provides full routing protocol support for RIP, OSPF and BGP. Config-ured in this way, no changes are required to clients and HTTP traffic is transparently proxied.

Web caching includes DNS and may be configured for various peer selection priorities. There is real-time logging and event notification, plus it can facilitate the analysis of user statistics by integrating with third-party reporting solutions from WebTrends and Web Spy.

The various functions of the appliance are well integrated and easy to manage from a single web-browser-based GUI. Load-balancing between units is standard, while an optional extra is high availability, which utilizes a 'watchdog' link to provide automatic failover.