Fortinet is introducing a second content-filtering service to its multi-function security hardware – this time it's home-grown. Called FortiGuard, the service offers an alternative for Fortinet customers whose previous option, if they wanted to buy a content filtering service through Fortinet, was to buy a service from the company's partner Cerberian.
The major difference between the two offerings is that Cerberian's service is more effective at blocking sites in categories that customers designate as inappropriate, according to the director of security for UK integrator Matrix Communications, Peter Drinkwater.
He said Matrix’ tests of both Cerberain and FortiGuard showed that Cerberian catches about 92 per cent of sites that fall into categories designated inappropriate; FortiGuard catches 85 per cent, but that number is improving as the service goes through its beta period.
The two offerings have other differences as well.
Fortinet said its URL filtering library included 5 million URLs compared with Cerberian's claim to more than 1 billion.
The company uses people to look up suspect URLs that are not yet classified while Cerberian uses two different automated technologies – dynamic real-time rating and dynamic background rating – to determine how a site should be classified. Fortinet filters only English language sites initially while Cerberian supports multiple languages.
Drinkwater said Matrix had a customer that was using both services to help it decide which best met its needs.
He said either service eliminated the need for customers to set up a filtering server that stores banned URLs and to update these URL libraries.
"It removes a massive amount of time and management overhead," he said. "And you don't have to have any Unix experts hanging around to take care of the servers."
This is different from content filtering vendors such as Surf Control and Websense that rely on a separate server.
FortiGuard is integrated with FortiLog, an appliance that logs security data and generates reports, so customers can see who attempted to access what URLs and which ones were blocked. Log data can also be exported to third-party reporting tools.
It will be available by the end of June.