Trustix Xserver Content Filtering Gateway 800
$7,499 for up to 500 users
A simple management interface and a powerful reporting system.
No printed documentation for the reporting module.
A versatile system that is well worth considering.
This is a 1U-height rack-mountable device, with an Intel 2.4 GHz Celeron processor, 512 MB RAM and two 80 GB IDE drives in RAID 1 configuration. It functions as a proxy server, which might mean some network address and firewall configuration juggling before it is set up to your satisfaction.
If you do want to change the default address settings, you will have to come to grips with the underlying Linux OS. Apart from that, the system can be managed through a web browser.
The system is unusual in providing two interfaces, one for general system management, and one for generating and viewing the various logs and graphs the system can provide.
Both interfaces share the same IP address, but use different port numbers. Although this could be useful where there are a number of units operating in a cluster, it would be nice to be able to access everything from one place. That said, the interfaces are clean and uncluttered, with online help available at all points.
While this covers much of the same ground as the printed documentation, the online help is the only source of information for the reporting module, which has plenty of options for displaying and collecting data.
The content filtering system has pre-defined categories and one default rule. Adding rules is a simple point-and-click affair. If you are curious, the system will display the rule's text, which could be useful if a rule appears to be do something unexpected.
Rules are applied in order, and they can be re-ordered to ensure that the desired effects are obtained. A rule can be simple, perhaps just applying a complete block on a particular website, or complex, restricting access for specific users to particular days and times.
The system can also restrict the amount of time a user can spend surfing the net, and the types of files that can be downloaded. This last feature will block files on the basis of their extension, but will also analyze the content of some file types to see if it matches the extension, which should thwart any attempts to get around the security restrictions by renaming a file.