I'm hoping for some advice on the advantages and disadvantages of different URL filtering/web malware scanning solutions.
We have a head office with a Cisco ASA and several small branch offices connected via IPSEC VPN typically with a Cisco 877 ADSL router.
We would like to enforce more control over internet use at all these sites e.g. block undesirable web content.
So we are considering using a SaaS based solution such as Scansafe (http://www.scansafe.com/) where, as far as I know, we would basically just configure our firewall/routers to allow port 8080 access to the Scansafe servers and then we would be relying on it to carry out our URL filtering and malware scanning.
Obviously the benefit of this solution is that it frees us of the burden of buying, maintaining and updating additional hardware in-house. It would also have the benefit of allowing us to "break out locally" at our remote offices and still know that our web security is being maintained.
BUT is there anything we are overlooking? What advantages/disadvantages would there be in other solutions (especially in comparison to above)
e.g. - Using our ASA for URL filtering and directing it to supported products like Websense or Smartfilter (presumably would mean we would have to "hairpin" remote office web traffic back through HQ and thus slow things down for them?)
- Using the Cisco Content Security Module
Any advice from those with more expertise in this area or those that have carried out similar exercises in the past would be most appreciated!