Features in all editions
Monitor or Block a Connection in Real Time
Administrators can see what websites users are currently browsing and what files are being downloaded. An active connection, browsing session or download can easily be blocked, simply by clicking the block connection icon. This proves very useful if you need to interrupt the download of an overlarge file.
Monitor and Block Applications' Hidden Downloads
Some software applications connect to their home pages to download updates without the user¿s consent, using HTTP tunneling. Although this reduces software version administration, it also presents a security risk. Unknown applications (or Trojans) often use the same technique to download malicious files. Spyware, adware and pornware can be downloaded to a user¿s PC without his/her consent. GFI WebMonitor gives you control over which sites are allowed to distribute updates, ensuring that only safe sites (for example, www.microsoft.com) gain behind-the-scenes access to your computers.
Allow Exceptions through Whitelist and Blacklists
Any URL or user or IP can be added permanently or temporarily to the whitelist or blacklist which will supersede all web filtering and web security policies. For example, you could temporarily grant access to a particular user for his or her personal webmail account for a specified period of time, say over employee lunch breaks.
Controlled Access to the Configuration and Monitoring
GFI WebMonitor allows you to select which users can access the program¿s configuration and monitoring interfaces. You can assign rights based on either the IP of the computer from which access is being made or by the domain-authenticated username of the client trying to load the configuration. Only users in GFI WebMonitor¿s authorized users or IP list will be given access.
Features of GFI WebMonitor - WebFilter Edition
WebGrade Database Coverage of over 205m URLs
The WebGrade database offers increased URL coverage across multiple languages. The database size includes over 205 million domains. Due to the constantly changing nature of the web, GFI WebMonitor also queries GFI servers for categorization of URLs that are not found in the local cached database. If a URL is found to be uncategorized, it is processed by the server and added to the database.
Top Policy Breakers
GFI WebMonitor will now report details on all users who were stopped by GFI WebMonitor from breaching your company's Internet Usage Policy. Such breaches may include browsing restricted sites, downloading of malware infected files or file types that are blocked through download control policies.
WebFilter policy exceptions
Apart from a generic Blacklist/Whitelist, the admin can also define site exceptions for each particular policy. A typical example will be to block all news sites except CNN.com.
Time-based Filtering
Each of web-filtering policy may be configured to work on a schedule, meaning that administrators can configure the product to allow users or groups to access certain websites during specific intervals; for example allowing more open access to entertainment or webmail sites during employee break times.
Mitigate Legal Liability
Without the ability to exercise some form of management over what your users are browsing, you leave yourself open to legal liability in any number of ways. Provide your employees with safe, well managed access to the Internet while on your premises and you will safeguard your company, your employees and your bottom line.
Features of GFI WebMonitor - WebSecurity Edition
MSN control
Monitor and block MSN & MS Live Messenger incoming and outgoing messages through GFI WebMonitor¿s IM Control Policies.
User/Group/IP-based download control policies
The admin has the ability to create multiple user/group/IP-based policies to reflect the organization¿s security policies. For example, the admin can create a policy which prevents employees from downloading videos and MP3 files.
Scan Downloaded Files with Multiple Anti-virus Engines
GFI WebMonitor uses multiple virus scanners to protect you against inadvertently downloading malicious software. Using multiple scanners drastically reduces the average time taken to obtain the latest virus signatures, greatly reducing the risk to your site by each new virus. Also, since each engine has its own heuristics and methods, each brings its own unique strength in detecting and correcting for the ever-increasing variety of viruses. Overall, more anti-virus engines means more virus protection. GFI WebMonitor is bundled with Norman Virus Control and BitDefender. It automatically checks and updates the Norman Virus Control and BitDefender definition files as they become available. The GFI WebMonitor price includes updates for one year.
To achieve greater security and enhance the benefits gained by scanning via multiple anti-virus engines, users can add the Kaspersky SuperSecure anti-virus engine, available as an optional add-on. The Kaspersky SuperSecure database includes support for the detection of malicious software that can perform remote administration, keyboard espionage, password detection, automatic dial-up to paid sites, automatic downloads of files containing explicit materials and more. GFI WebMonitor automatically checks and updates the Kaspersky definition files as they become available.
Protect Against Socially Engineered Phishing Websites
Phishing is a social engineering technique that is used by malicious hackers to acquire personal information such as usernames, passwords and credit card details. These sites are designed to lead users to believe that they are passing on their details to the genuine company. Online shopping and credit card companies are among the most targeted phishing websites. GFI WebMonitor protects users from the potential risks of social engineering by blocking access to phishing websites. This is done through the use of an auto-updatable database of phishing URLs.
Manage which File Types Users can Download
You can create multiple user/group/IP-based control policies in order to block the download of particular file types (such as Javascript, MP3, MPEG, exe, and more) for particular users or groups or IP addresses. Dangerous files (for example, Trojan downloader programs) often attempt to penetrate a system masked as an innocuous file. GFI WebMonitor uses its built-in file signature scanner to analyze and detect the real file type signatures of downloaded HTTP/FTP files.
GFI WebMonitor for ISA/TMG
GFI WebMonitor is also available as a dedicated plug-in for Microsoft¿s Internet Security and Acceleration (ISA) Server and Threat Management Gateway Server (TMG). GFI WebMonitor seamlessly integrates with ISA/TMG, complementing the powerful firewalling features while giving IT Administrators the ability to get a much clearer picture of what type of traffic is being filtered, what type of Internet requests are being sent to the server and the ability to apply policies and rules based on IP, user or groups.