Difference between WSG appliance models

WSG(WFilter Security Gateway) appliance has two series of models: professional and enterprise. For example, WSG-100P means WSG professional for 100 users; while WSG-100E means WSG enterprise for 100 users.
WSG enterprise has full the features of WFilter NG firewall. Compare to WFilter enterprise, WSG professional is lack of some enterprise-level features: “Internet Usage”, “AD Integration”, “ISP”, and “Hot Standby”.

Hardware difference

Since WSG professional does not record internet usage which requires a lot disk space, WSG professional appliance only have a small harddisk(8GB) for reports only. And the RAM is also less.

WSG professional and WSG enterprise have the same box appearance.

Software difference

WSG professional has no “Internet Usage”, “AD Integration”, “ISP Management”, and “Hot Standby”. Other features are all the same. Please check the screenshots.

usage

ad_integration

Isp user01.png

 

So in case you don’t need usage recording and other enterprise-level features, you can choose WSG professional, which is much more cost-effective.

Facebook Comments

WFilter NGF vs. open source firewall systems.

There are dozens of open source firewall systems to download. Some are complete free, some provides limited free features. Does “free” sound attractive? but they have dis-advantages. In this post, I would like to discuss the comparsion of WFilter NGF with open source firewall systems.

Disadvantages of open source firewalls

  1. Limited features. Most open source firewalls does not have other enterprise-level features, such as “ usage recording/reports” , “domain integration”…
  2. Lack of support. Most systems only have forum support, unless paid.
  3. Slow response. Bugs may need months to be fixed.

Comparison

WFilter NGF is designed for business networks, with a lot enterprise-level features. In case you want a free solution, open source firewalls can help. However, if you need more features and better support, you’d better choose some commerical products. Below is a list of WFilter NGF advantages comparing to open source firewalls:

  1. Designed for business networks.
  2. Enterprise-level features: usage recording, powerful report system, AD integration…
  3. 7 * 24 dedicated support via email/phone/skype/teamviewer.
  4. Faster response. Improvements and bugs will be fixed ASAP.
Facebook Comments

WFilter NGF vs. internet filtering appliances.

Internet filtering appliances(UTM) are very popular in business networks. In this article, I would discuss the difference of WFilter NGF with internet filtering appliances.

Comparing to WFilter NGF, appliances are easier to be deployed. You don’t need to install the system by yourself.

Advantages of appliances

  1. Easier to be deployed.
  2. No hardware compatiablity issue.

Disadvantages of appliances

  1. Most appliances can only work for 2-3 years.
  2. Bad expansion. In case you have more network clients, you need to buy new appliances.
  3. Very expensive. Even upgrade is not free.

Comparison

Despite of the above disadvantages, Internet filtering appliances are ideal for business network security.  With WFilter NGF,  you need to test hardware and install the system by yourself. However, it also has below advantages:

  1. You can DIY your own appliance.
  2. License is upgradable and movable.
  3. Free upgrade for lifetime.
  4. Most cost-effective.

So if you like WFilter NGF features, or prefer a more cost-effective solution, please choose “WFilter NG firewall”.

Facebook Comments

WFilter ICF vs. proxy-based internet filtering solutions

Proxy-based internet filtering solution requires you to setup a proxy server, either transparent or non-transparent, then you can setup policies to filter web access. There are a lot open source or free products. This solution has below advantages and disadvantages.

Advantages:

  1. Free or open source.
  2. Can filter websites.

Disadvantages:

  1. Most are linux-based. You need a linux pc to setup the proxy.
  2. No support.
  3. Less features. Only for domain filtering.
  4. Add network latency.

Comparison

Proxy-based internet filtering solution is similar to the “website black list” in your router/firewall. If you only need to block some sites, it’s an option.

With WFilter ICF, you will get:

  1. Enterprise-level internet monitoring and filtering features.
  2. Dedicated support.
  3. No influence to network performance.
  4. Easier to be deployed.
Facebook Comments

WFilter ICF vs. internet filtering appliances

With rich enterprise-level features, internet filtering appliances(UTM) are very popular in business networks. In this article, I would discuss the difference of WFilter ICF internet content filtering solution with internet filtering appliances solutions. Internet filtering appliances have below advantages and disadvantages.

Advantages:

  1. More features. UTM appliances integerate more features, including web filter, VPN, firewall, anti-virus…
  2. Easier to be deployed.

Disadvantages:

  1. Most appliances can only work for 2-3 years.
  2. Bad expansion. In case you have more network clients, you need to buy new appliances.
  3. Very expensive. Even upgrade is not free.

Comparison

Despite of the above disadvantages, Internet filtering appliances are ideal for business network security.  Though it is more difficult to be deployed with less features, WFilter ICF software also has below advantages:

  1. Software solution without additional device, can be deployed with minimal change to network topology.
  2. License is upgradable and movable.
  3. Free upgrade for lifetime.
  4. Most cost-effective.
  5. If you prefer UTM solutions, please also check our: WFilter NG firewall.
Facebook Comments

WFilter ICF vs. dns internet filtering solutions

DNS internet filtering solution provides you a configurable dns server. Dns query to a blocked domain will be redirected to a denial page. This solution has below advantages and disadvantages.

Advantages:

  1. Easier to be deployed. You only need to change your dns server to get filtered.
  2. Can filter domains via a black list or url category.
  3. Can provide usage history and reports.

Disadvantages:

  1. The filtering dns server may not be as fast as public domain servers.
  2. Clients can break filtering by modifying dns servers.
  3. All clients can only share a same blocking policy.
  4. Can not block applications.
  5. Can only record dns query quest. No bandwidth reports or visited url reports.

Comparison

Compared to this internet filtering solutions, WFilter ICF is more difficult to be deployed. However, WFilter is much more powerful:

  1. When pass-by deployed, WFilter has no influence to your network performance.
  2. Client can not bypass filtering because WFilter inspects all network packets.
  3. You can set individual blocking policy for each client.
  4. More filtering features, including web filtering, web downloading blacklist, url keywords filtering, application control, ip-mac binding…
  5. More monitoring features and reports. WFilter can record visited domains, url, bandwidth… You can get various reports and statistics.

So if you only need to filter some domains or categories for the whole network, dns filtering would be a good choice. If you need more detailed reports or more dedicated blocking policy, WFilter ICF can be more helpful.

 

 

Facebook Comments

WFilter ICF vs. client & browser plugin internet filtering solutions

Client or browser plugin internet filtering solutions require you to install a client agent or browser plugin in client pc to filter websites. This solution has below advantages and disadvantages.

Advantages:

  1. Easier to be deployed. You can install client agent or plugin instantly.
  2. Can block domains or filter websites via cloud-based url category database.

Disadvantages:

  1. Can not filter smart phones internet access.
  2. Need to be installed in every client pc.
  3. Clients can break filtering by changing browser, or killing the agent process.

Comparison

Compared to this internet filtering solutions, WFilter ICF is more difficult to be deployed. However, WFilter is more powerful and easier for maintaince:

  1. WFilter can filter the whole network by one installation.
  2. All type of clients can be filtered, including smartphone, andriod, mac, windows, linux.
  3. No client installation is required.
  4. More features: internet usage monitoring and reporting, application control, web filter…

So, for personal/family usage, client & browser plugin web filtering solution might be a good choice. But when you need to manage a business network, WFilter ICF provides a better solution.

Facebook Comments

Comparison of WFilter ICF and other internet filtering solutions

WFilter internet content filter(ICF) is a windows software internet filtering solution for business networks. As an IT administrator, you may face several choices when deploying internet filtering in your network. In this topic, I will try to provide a comparison of WFilter ICF and other solutions.

As we have highlighted in WFilter homepage, WFilter can be deployed in pass-by mode, with minimal change to network topology. It requires no client installation. Please also check:

1. WFilter ICF vs. client & browser plugin internet filtering solutions.

2. WFilter ICF vs. dns internet filtering solutions.

3. WFilter ICF vs. internet filtering appliances.

4. WFilter ICF vs. proxy-based internet filtering solutions.

5. WFilter ICF vs. WFilter NG firewall.

WFilter is also very cost-effective, please check: WFilter price list.

Facebook Comments

How to block online file storage websites and file transfer applications?

Online storage solutions provide client applications and webpages for uploading and downloading files to and from their service. To stop business sensitive data being uploaded, you may want to block file storage websites and certain kind of applications.

In this post, I will try to explain the detailed steps with WFilter Enterprise.

First you need to install WFilter and make a correct deployment. Then you can add blocking policies.

1. Block online storage websites.

To block websites by categories, you need to enable “Block webpages by categories” and click “New…” in the dropdown list to create a category filtering rule. Then set “online storage” to “Deny”.

This option enables you to block most online storage websites, including both http and https sites.(ie: wetransfer.com)

block_filestorage01 block_filestorage02

2. Block file transfer applications.

To block file transfer applications, please click “edit” in “Applications” of your blocking policy. Then set certain protocols in “File transfers” to “Deny”. This option blocks pc and mobile applications clients. A supported protocol list can be found at WFilter supported protocols list.

block_filestorage03

Please note that the supported protocols and websites of WFilter can not cover all file transfer types.  If you want to block an application not in the supported list, please feel free to contact us. We will add it for you by free.

Also, for complete blocking of file transfers, you’re recommended to enable “website whitelist” of WFilter, so only work related websites can be accessed. And you also need to forbid usb and bluetooth devices.

 

 

 

Facebook Comments

How to block non-domain devices to access internet in network?

Some users asked about how to prevent non-domain devices to have internet access in business network. So this is the guide, using WFilter Enterprise.

As you know,  WFilter can be integrated with microsoft active directory. So you can monitor and filter internet usage by domain usernames. For details, please check: Active directory Integration of WFilter

To stop non-domain devices, please follow below steps:

1. Set a restricted policy to devices in “Default IP Policy” of “user-device list”.

So devices will only have restricted internet access.

block_non_domain01_en

2. Set real policy to domain users in “Users” of “user-device list”.block_non_domain02_en

3. Modify the “Policy Apply” option.

In “Advanced Settings” of “Account Monitoring Settings”, you need to set “Policy Apply” to “User Policy First”. So user policy will overwrite device policy.

block_non_domain03_en

 

Following upbove steps,  non-domain devices have restricted internet access only. When logged with a domain user, user policy will be applied.

 

Facebook Comments