iPrism

What is iPrism?
iPrism v4.0 is a full-featured, dedicated Internet filtering appliance designed for high performance and reliability. The only appliance-based solution truly optimized for filtering and interoperability, iPrism enables organizations to effectively monitor, block and report on their users' Web activity.

What are the NEW features of v4.0?

•	Dynamic Port Detection & Filtering for Instant Messaging (IM) and Peer-to-Peer (P2P) - iPrism will now detect, block and log both instant messaging and peer-to-peer traffic, as well as filter Web and IM/P2P protocols regardless of the port they go through. Individual IPs, ranges of IPs, or subnets may be identified and excluded from the policies restricting the use of these applications. IM and P2P application may be customized on a per protocol basis to reinforce "Acceptable Use Policies" with employees. For example, you may allow some IM protocols and not others for particular IP addresses or ranges of addresses, including subnets, and also by time of day.
•	Real-time Event Monitoring and Viewing - Real-time monitoring occurs when web pages are requested or when an IM/P2P event occurs. Real-time event viewing - iPrism has the ability to display a real-time event log showing what URLs are being accessed, when a P2P event occurs, or when an instant-message event occurs. The administrator has the ability to filter what's being shown by user or by category.
	•	IM & P2P reports provide both detailed and summary data on enforcement activity by protocol.
	•	Graphical reporting is available.
	•	There is drill-down reporting for more granular presentation of data.
	•	Reports can be saved in PDF format or tab separated data (Crystal Reports, Excel, etc)
	•	Data is now recorded in a single, cohesive event, as opposed to previous versions of iPrism where data was recorded in two separate areas making it difficult to correlate.
•	Report Design Wizard - iPrism includes a "Report Wizard" that allows you to design, create and customize reports easily.
•	Report Metrics - iPrism can generate data for reports at least twice as fast previous versions. Of course, this measurement does not include the time your PC takes to create the report since there are too many variables to make that a metric.
•	Security Sites Updated Hourly (Spyware, Malware and Phishing) - iPrism gives you virtual real-time protection against sites that carry Spyware, Malware or Phishing. Your iPrism appliance is updated hourly with new URLs by our iGuard team so you can be sure of maximum protection from potentially damaging sources.
•	Auto-Login Enhancements - iPrism provides authentication via Windows 2003/Kerberos without requiring administors to diminish security levels for registry changes or any other alterations. iPrism supports simultaneous multiple domain controllers including Windows 2003/Kerberos, LDAP (active directory) and Windows NTLM.
•	Zero-Impact Filtering for Positive Events - The iPrism examines each network packet as it "bridges" it on through the network. If it sees a request for a Web page, the request goes out to the Web while iPrism checks simultaneous against existing policies of acceptable Internet usage to determine whether the request is permissible. If the request is within policy, it is passed on, if not, the request is blocked. There is no latency because the fulfilling of the request and the policy enforcement are occurring at the same time. In the event the request is returned before the policy has been determined, it will be held in a queue, and if it is determined to be a valid request, the iPrism will allow it through.

When will existing customers receive iPrism v4.0?
Because iPrism is an essential part of our customers' IT infrastructure, we responded to your feedback of having a seamless migration by creating a special release, v4.1. This release of iPrism will include all the features and functionality of v4.0, in addition to a few new ones. More importantly, this release insures that all the settings and policies they have created will remain untouched during the upgrade process - and this upgrade is included in their current subscription. If you are an existing iPrism customer, we encourage you to take advantage of the special v4.1 release which is scheduled for availability in November, 2005.

Why is iPrism better than software-only solutions?
1. There is no additional hardware or software to purchase, install, or manage. iPrism does not require additions to workstations, servers, firewalls or other network components.

2. iPrism provides automatic operating system and application software updates. Software solutions force their customers to download and install any patches, upgrades, etc.

3. Since iPrism includes both hardware and software, there is only one vendor to contact for support. Software solutions may require multiple vendor contacts depending on the issue.

4. iPrism is platform-independent and works in virtually any environment. This allows iPrism to easily adapt to changing network equipment. Software vendors may not work in certain platforms or network equipment and do not easily adapt to change.

5. iPrism offers a much lower total cost of ownership.

Do you block web sites by IP address?
No. iPrism filters by full URL names and includes the ability to block top level directories while allowing subdirectories for maximum flexibility and precision control. URL-based filtering is required to properly handle virtual Web site hosting. Since many ISPs host multiple Web sites on the same server, products that block based only upon IP address will incorrectly block every site on the hosted Web server, even though some sites do not contain inappropriate content.

What happens if someone enters and IP address to access a site?
iPrism will automatically detect IP address entry and properly handle them as if the site had been entered by URL name.

Can users circumvent iPrism filtering?
No. In the recommended configuration, iPrism controls all network traffic to and from the Internet. Any attempts to bypass the filter are blocked and logged as an access violation.

Are user override privileges supported?
Yes. When a user tries to access a blocked Web site, a message indicating that access was denied is displayed instead of the requested page. This page allows users with override privileges to enter a password for immediate access to the requested Web site.

How do I receive software updates?
You may select to have software updates automatically downloaded and applied to your iPrism or manually apply software updates when you choose. Automatic software updates are performed without any user intervention.

Does iPrism offer reporting?
Yes. In addition to proactive filtering and blocking of inappropriate Internet access, iPrism provides full monitoring and logging of all successful and unsucessful Internet accesses, giving your organization a complete profile of user activity. Comprehensive reporting is built into the iPrism appliance and is included at no extra charge.

What if I only want to monitor Internet access?
You can determine on a category-by-category basis whether you want to monitor access, block access, do both or do neither. When monitoring, reports are available allowing you to show detailed site-by-site access or summary reports showing what content categories are accessed by which users.

Does iPrism filter other Internet services?
Yes. iPrism can control access to a wide variety of other productivity and bandwidth draining services, such as streaming audio, streaming video, FTP, IRC, and ICQ chat. Additionally iPrism filters IM and P2P protocols.

How does iPrism connect to my network?
iPrism has dual 10/100Mbps network interface cards and is typically connected between your router and LAN. Other connection options exist to meet special needs.

What does an iPrism filtering subscription include?
Subscriptions include the following:

What categories are in the iGuard database?
Detailed category definitions can be found in this pdf:
iGuard Categories

What are the differences between the model 1200 and model 3000 appliances?
The primary differences are in performance. The Model 3000 can handle approximately 30 Mbps of HTTP traffic. That is nearly 3x the ability of the Model 1200. The Model 300 also has a Gigabit interface.

Product Overview
Internet Based Threats
Mitigation of Risks
Product Specifications
iGuard Database
Reporting
Screen Shots
Network Topology
FAQ's

Product Literature
Awards / Reviews
Flash Demo
Request Information

Education
Healthcare
Citrix (PDF)