features that will hopefully make into future versions

Unanswered Question
Dec 8th, 2007
User Badges:

I haven’t yet installed the sawmill but I have been looking at the overall appliance options .As ironport is the very best at email filtering hands down I hope that they are working on improving this web appliance. The reason I say this is I got very excited to hear that they have an appliance for the web. I figured since there email appliance is the best that there web appliance would be better than what we are already using so I talked my employers to trying it. So far after using it I believe when you compare the options that the S650 I hope that they will be doing some upgrades in the near future to add some of these options in that most other security/filtering appliances have.All of these options should be added so that ironport can be on top with the best web appliance as well as email appliance.

1.To be able to recategorize websites url’s locally to already created categories without having to create a new one.

2.A much more robust reporting system right now you can't tell who visited what sites on what dates without having to use some third party software.This is pretty much crucial today to be able to tell who went to what site without having to spend a lot of time doing it.

3.A use Quota option. This would be like for example you could set people to only have say any where between 30min to 4 hours a days to listen to streaming media or streaming video or to any other category.

4.An administration override this would give say a network admin or tech the option to enter in a password so that a blocked page could be displayed right away on the person pc.This would save having to create a new group in AD and then given that group right to that one website.

5The option to use url filter command instead of WCCP command or setting up proxie connections on people's local machine.WCCP doesn’t always work well on remote sites and therefore you would have to setup a proxy connection on the pc’s at these remote sites if WCCP wasn’t an option.I understand that WCCP is mainly used for website caching among other reasons. I would think that if a company could afford the S650 to start with that the chances are pretty good that they are using a high speed connection like a DS3 line. With a high speed connection like a DS3 caching isn’t really going to be a concern.At the very least let the customer decide if they want to use url filtering command if no caching is needed or WCCP if it is.

This is just some constructive thoughts and I really hope that these features end up in future versions. In my opinion ironport is the best at email filtering and invented reputation filtering. Most everybody knows that if you want the best in email filtering and security you use ironport.I believe that with these features added to the S650 they will be on top of the web surfing security/filtering business as well..

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Tim Jackson Mon, 12/10/2007 - 17:48
User Badges:

I would like to see more enhancement to proxy services. Reverse proxy/acceleration and application proxy to name a few. Care to share any feature roadmaps you all are allowed to talk about?

qsnow_ironport Thu, 12/13/2007 - 14:28
User Badges:

I'd like to see most of those also. As for the reporting, I was initially skeptical about it not having any on-board reporting, however after I've gotten use to the Sawmill product and using it to do the reports -- this is, indeed, a descent solution.

You can really do anything you want with the reports - extremely flexible.

As for the proxy/wccp thing - do you have internet connections at all the remote sites, or do they all come back to a central location for internet traffic? If you have seperate internet connections, then I can see your point. We have 2 main internet connections (at 2 datacenters) and all of our remotes come back to one location or another. So we stuck an IronPort at each, and that parts has been working okay.

cemccaskill_ironport Thu, 12/13/2007 - 20:28
User Badges:

Ok I installed sawmill and yes it does have what I am looking for however I am not sure why but the times are way off.I checked everything in Ironport those times seem correct.Do you know if there is a time setting in sawmill? The other question I have with the sawmill is do you direct the log sources to a certain file on the ironport or do you just leave it as a wildcard? The way I have it now the log source says "accesslogs/*"

Do you think that is correct?

On the wccp I have serveral interfaces on a ASA and according to cisco you can only redirect traffic using wccp on the same interface.So for example lets say you have interface 1 and 2 and 3.Now lets say you have the ironport on interface 1.If you try and use wccp to redirect traffic on interface 2 to interface1 according to cisco that is a security rule in the ASA that you cant change and it will block that traffic.Now on a router this will work no problem but in my case all my interfaces are on a firewall and its doing all my internal routing.


This Discussion