Objects and data passed through MIMEsweeper for Web are managed in 4 stages:

Stage 1: Policy Identification
Recognition of policy rules as defined by user

• User Authentication - determines user Internet access privilege by LDAP user list, NT user list, Text file user list (user defined)
• Application of security operation on each entity as set up in the policy scenarios, including application of time-of-day policies
• Bi-directional policy application i.e. to both downloads from the Web or posting of files on to the Web e.g. Web-based e-mail

Stage 2: Content Disassembly
Recursive disassembly of objects to identify original content

• Identification of the contents in HTTP and browser FTP traffic
• Recognition and management of key formats used in Web transfers:-Compression/ encoding formats - TNEF, UUE, TAR, PGP, LZH, ARJ (including self-extracting ARJ), GZIP, RAR, CMP, ZIP (multiple variants), BINHEX and CAB, MIME, HTTP and binary; Document formats - CDA (MS Office) and Fax; Executable formats - Windows, Dos, Java byte; Image formats - JPEG, DXF, DWG, PSP, DNG, PIC, TIFF, PCX, FIL, BMP and GIF; Sound formats - MIDI, AIF, VOL, AU, WAV and MP3; Video formats - RM, MPEG, GM and AVI
• Recognition of content by file architecture, rather than just extension
• File blocker blocks files by name and can be used in association with wildcards
• Pattern matcher enables file types to be specified by their binary sequence giving administrators the flexibility to specify and block any file type

Stage 3: Content Analysis
Scanning by Content Managers of HTTP and browser FTP content according to policy

• Scanning by choice of major industry virus scanners, and support of multiple concurrent virus scanners
• Cleaning and re-composition of infected content
• Control access to Web pages by PICS, URL and advanced text analysis of Web pages and files e.g. for the control of pornographic or unsuitable Web pages
• Limit user access to certain Web pages to specified times of the day
• Validation by file type, file name or file size
• Validation of file downloads using Authenticode
• Detection of Java, Java script/Vbscript and ActiveX (ignore, remove, block)
• Control of cookies (ignore, remove, block), HTML automatic mailtos and Hidden forms and cyberwoozles (data siphoning)

Stage 4: Classification

• Classification and disposal of content according to your policy
• Allocation of actions e.g. page blocked, file blocked, threat removed before page delivered, upload blocked
• Configurable text message or HTML page informs users when a page is blocked
• Notification to appropriate parties e.g. SNMP alerts, NT alerts, e-mail alerts you browse on the Web

Browser Progress Messages

When a large file is being downloaded or validated there is a strong possibility that the connection between the browser and the Web server may time out and the download will be terminated. To avoid this problem MIMEsweeper for Web uses progress messages which have the added advantage of keeping the user informed of the download status.

Auditing and Reporting

MIMEsweeper for Web includes comprehensive auditing and reporting functions and includes standard graphical reports to provide detailed information such as top user usage, sites visited and threats detected.

A separate runtime statistics utility provides details of concurrent connections, number of users and threats blocked and links to ‘Performance Monitor’ to give administration data such as cache utilization, current requests and number of connections.

System Deployment

MIMEsweeper for Web should be deployed on a dedicated NT workstation or server. Each MIMEsweeper for Web machine will support up to 500 users (assuming a 10% concurrency*). For larger installations multiple MIMEsweeper for Webs can be deployed using load balancing hardware/software to distribute users sessions. Detailed deployment guidelines can be found on the Content Technologies Web site.

Technical Requirements & Recommendations

• Processor: Pentium III 800MHz
• Recommended 2GB disk space and a minimum of 512MB memory
• Microsoft Windows NT Workstation or Server version 4 plus Service Pack 5
• Internet Explorer 5 Service Pack 1
• Microsoft Management Console 1.2
• NTFS partition for installation of MIMEsweeper for Web
• TCP/IP networking
• Users choice of anti-virus tools
• SQL 7 for auditing and reporting

MIMEsweeper for Web is a trademark of Clearswift Technologies Inc.