Wednesday, June 28, 2006

Google could release a content filtering product

It's evident that the best strategy to obtain information from users is to offer them something valuable in exchange.
This strategy is well known to several companies, which in recent years have abandoned traditional marketing approaches and now offer whitepapers and small freeware tools as standard business practice.
But probably no company embraces this vision like Google, which currently monitors an overwhelming amount of user details by offering several valuable products.

Further releases will then aim to fill as many user needs as possible, covering areas where no solution exists or where existing solutions are too expensive (the 3D modeling tool SketchUp is an example in this direction).

The next big step in this direction, possibly the biggest, could be the release of a content filtering product: software that proxies requests from computers to the Internet, blocking or warning in case of prohibited content.
Initially focused only on URL filtering, this technology has extended its controls to email, FTP, P2P and other network-oriented protocols, becoming the first tool for business productivity control at the office and parental control at home.
The most popular company in this segment is Websense.

The URL filtering component, still the most requested feature, relies on cataloging Internet sites into groups such as politics, sex, technology, news and so on, letting the administrator block a whole category at will and redirect requests for any site in that category to a warning page.
The efficacy of this blocking depends entirely on how precise the catalog is and how often it is updated, which requires huge resources and intelligent algorithms to correctly label as many sites as possible. That translates into a very expensive product.
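The category lookup described above, as an added sketch that is not taken from any vendor's product: the catalog entries, the blocked category and the warning page URL are all constructed for illustration. It shows why catalog coverage decides efficacy: a site the catalog has never seen is allowed unless the administrator chooses to block uncategorized hosts.

```python
from urllib.parse import urlsplit

# Constructed catalog (hypothetical domains): site -> category.
CATALOG = {
    "news.example": "news",
    "casino.example": "gambling",
    "forum.casino.example": "technology",  # a more specific entry wins
}
BLOCKED_CATEGORIES = {"gambling"}          # chosen by the administrator
WARNING_PAGE = "http://filter.internal.example/blocked"  # hypothetical


def categorize(host):
    """Return the category of the longest catalogued suffix of host, or None."""
    labels = host.lower().rstrip(".").split(".")
    # Try the full host first, then each parent domain, on label boundaries
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in CATALOG:
            return CATALOG[candidate]
    return None


def decide(url, block_uncategorized=False):
    """Return (action, category, redirect_url) for one proxied request."""
    host = urlsplit(url).hostname or ""
    category = categorize(host)
    if category is None:
        blocked = block_uncategorized
    else:
        blocked = category in BLOCKED_CATEGORIES
    if not blocked:
        return ("allow", category, None)
    label = category or "uncategorized"
    return ("block", category, WARNING_PAGE + "?category=" + label)


if __name__ == "__main__":
    for url in ("http://www.casino.example/play",
                "http://forum.casino.example/",
                "http://notcasino.example/",
                "http://brand-new-site.example/"):
        print(url, decide(url))
```

Matching on whole domain labels rather than substrings keeps `notcasino.example` from inheriting the category of `casino.example`.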

After working some years with URL filtering technologies I can say they are far from perfection but the precision level without customization is satisfactory for most businesses and surely for home usage.

Google could release such a tool easily.

From a technical point of view the search leader can count on the widest and most up-to-date database ever (think of the Google Sitemap tool, used by site maintainers worldwide to push changes as fast as possible), on a categorizing algorithm under experimentation (look at the recent Google Related Links and Google Sets), and on a highly trusted desktop tool to do the monitoring (Google Toolbar, currently bundled with more and more unrelated third-party products).
It's also important to remember that a first form of content filtering has been in place (and active by default) on searches for months with the SafeSearch feature.

From a motivational point of view Google would have reasons as well: the company has been accused of not strictly controlling the indexing of child exploitation content, and its Associate General Counsel recently remarked on its commitment to filter out child pornography, closing with a promise:
These are just the beginning. We believe that much can be done to combat child exploitation online, and are committed to doing our part to protect the Internet as a safe place for all.

If I were Websense (or one of its competitors), I would plan the release of a free-for-personal-use version of my product as soon as possible.


Update: As predicted, Google has started implementing a rating system for its results, as Site Advisor does, thanks to cooperation with The Stop Badware Coalition.

From here to a full-featured content filtering product is a short step.

Monday, June 19, 2006

Sun Certified Security Administrator for Solaris 10 exam for free

Sun is going to launch its new security exam, Solaris 10 Sun Certified Security Administrator (311-303), in beta.

The exam's questions will be chosen from 6 main topics:

  • General Security Principles and Features

  • Installing Systems Security

  • Principles of Least Privilege

  • Cryptographic Features

  • Application and Network Security

  • Auditing and Zone Security

Everybody will have a chance to try it for free from July 17 to July 28 at any Prometric testing center. Registrations will start from July 3.

I really believe it's worth a try.

Monday, June 12, 2006

Microsoft releases ISA Server 2006 release candidate and anticipates ISA Server 2007

Today, during the Tech Ed 2006 conference keynote, Bob Muglia detailed the new Microsoft strategy for security, which now goes under the name Microsoft ForeFront.

ForeFront will include, among others, ISA Server, which today reached release candidate status.
But the most interesting news is about an upcoming ISA Server 2007, which is planned for 2H 2007, as the ForeFront roadmap discloses, and will surely be built on top of the codename Longhorn stack.



Saturday, June 10, 2006

Ethereal becomes Wireshark

The open source, multi-platform, world-famous network analyzer known as Ethereal has just dropped its name, since its creator, Gerald Combs, and the core development team moved from NSI to CACE Technologies.

CACE already employs Gianluca Varenni and Loris Degioanni, developers of WinPcap, the world-famous packet driver for Windows, born at Turin's Politecnico in Italy, which is used by Ethereal for sniffing on Microsoft platforms.

The Ethereal trademark is held by NSI, which refused to release it, so the project moved and adopted the new name Wireshark.


For now it's unknown what will happen to existing Ethereal bits (the last version is 0.99.0), mailing lists, etc., but it's certain that Wireshark is approaching its 1.0 release (a 0.99.1 pre-release is available here), as Combs himself explains in the announcement thread.

The Ethereal repackaging offered by Network Chemistry, Packetyzer, will probably follow this change and adopt the new engine accordingly.

Saturday, June 03, 2006

Security Event Managers 2006 comparison

After the 2005 InfoWorld comparison of 5 leading Security Event Manager (SEM) products, we now have another interesting comparison by Network Computing.

This time 8 products are reviewed:

  • ArcSight ESM

  • High Tower Security Event Manager

  • LogLogic ST 3000 and LX 2000

  • Network Intelligence enVision

  • OpenService Security Threat Manager 3.5

  • Q1 Labs QRadar

  • SenSage Enterprise Security Analytics

  • Symantec Security Information Manager 9500

Network Computing also published a list of SEM vendors who refused to participate in the comparison, which is helpful for getting a big picture of this market's players.

The whole comparison is very complete and includes prices, which are usually very difficult to obtain.
However, Network Computing did not test the products' limits, so you won't find any information about events-per-second rates. They just reported having sent 40-60 events per second in the lab network, so we can safely assume that's a supported minimum rate.

Read it here.


While checking the comparison you may also want to take a look at a couple of previous posts: The need for Security Event Managers and Sizing a SEM solution.

Friday, June 02, 2006

Webcast: Network Access Protection for Microsoft Windows codename Longhorn and Vista

Microsoft has scheduled a webcast for 29th June about its upcoming Network Access Protection (NAP) endpoint security offering:
Viruses, worms, and malware are a costly disruption to today's business processes. Customers seek a flexible solution that allows them to enforce policies across varied connection scenarios, using the network infrastructure already in place. Network Access Protection (NAP) is a solution set that emphasizes policy-based network access. The NAP platform inspects endpoints before allowing access to networked resources, and ensures that only endpoints that comply with pre-set policies are allowed to connect. This webcast provides an overview of the NAP framework of technologies. Join us to learn how the NAP system works and how your organization can benefit from deploying it.

It's quite simple (level 200) and should be interesting for anyone who would like to get an idea of the Microsoft implementation.

Register for it here.


You may also want to check the official documentation about NAP here.