SafeSquid - A Web Filtering Proxy

Submitted by vendor: SafeSquid
Last updated: 12/11/2010
About Company
Company Name: 
Office Efficiencies (India) Pvt. Ltd.
Number of URLs Company Has Categorized: 
7 million
Links to Third Party Reviews: 
http://www.techradar.com/news/software/applications/6-of-the-best-content-filters-for-linux-698307?artc_pg=3 http://www.linux.com/archive/feature/146442 http://www.work.com/proxy-servers-5379 http://xxxchurch.com/getinvolved/index/blog/computersthatknowwhatpornlookslike.html http://wiki.clamav.net/bin/view/Main/SafeSquid
Library References (include Contact Info): 
Additional Comments About Company: 
URL to product: 
http://www.safesquid.com/
Platform and Pricing
Type of Product: 
Runs on proxy server
Type of Product: 
Runs on other server
Type of Product: 
Can be run on client also
Type of Product: 
Software appliance
Platforms Supported: 
Linux - All flavors Microsoft Windows - Windows 2000 and above
Cost of One Time Fee (for 50 users): 
US$350
Cost of Annual Subscription (for 50 users): 
US$228
Complete Pricing Schedule: 
* 5-14 concurrent users - $10 per user * 15-24 concurrent users - $9 per user * 25-49 concurrent users - $8 per user * 50-99 concurrent users - $7 per user * 100-199 concurrent users - $6 per user * 200-399 concurrent users - $5 per user * 400-799 concurrent users - $4 per user * 800 and above concurrent users - $3 per user * Unlimited user editions also available
Filtering Technology
Process for Categorizing a Site: 
Web crawlers + Manual
Percentage of Category Decisions Reviewed by Human: 
Description of Each Content Category with Example URLs: 
Categories Vendor Recommends for CIPA Compliance: 
Granularity of Your Block List: 
Block by IP address
Block by hostname
Block by top level domain
Block to page level
Examples of Each Item Selected Above (Granularity): 
* Access policies can be defined based on client IP or IP ranges * Access policies can be defined based on user-names and user-groups (created within SafeSquid Web Interface) * Access policies can be defined based on user-names and user-groups from an external authenticating server, like Active Directory or LDAP * Granular access policies for full access, mild filtering or strict filtering, based on IPs, IP ranges, user-names and/or user-groups * Blocking websites to specific or all users/groups, based on website category, e.g. games, email, news, adult, etc. (31 categories) * Blocking web pages to specific or all users/groups, based on specific keywords and phrases found in the page * Blocking applications to specific or all users/groups, based on signatures, e.g. MSN Messenger, Yahoo Messenger, Google Talk, Download Accelerators, Media Players, etc. * Blocking access to specific or all users/groups, based on time and/or day * Blocking content to specific or all users/groups, based on content/file/mime type, e.g. audio, video, application or .mp3, .zip, .flv, etc. * Blocking cookie exchange between specific or all users/groups, and unwanted hosts, e.g. Ad servers * Blocking unwanted ads and banners from web pages to specific or all users/groups * Real-time blocking of Pornographic Images from almost any source * Enforcing SafeSearch option to specific or all users/groups, on search engines like Google, Yahoo, Bing, by overriding user preferences, to prevent users from searching for, or search engines from displaying unwanted content in search results. * Enforcing YouTube Safety Mode to specific or all users/groups, by overriding user preferences, to prevent users from searching for, or YouTube from displaying unwanted videos in search results. For details, see - http://www.safesquid.com/html/portal.php?page=110
Frequency of Updates to Blocked Site List: 
Continues process, real-time updates
Description of How Updates are Applied: 
Whenever a user requests for any website, the cProfiles module verifies if the website is listed under the specified categories. It first checks its cache for an entry. If the entry is found in the cache, cProfiles adds the profile instantly to the request. If the entry is not found in the cache, the cProfiles module sends a query to SafeSquid's Content Categorization Service (CCS), and caches the results. cProfiles uses DNS technology to query the CCS. Unlike legacy technologies that forces users to store huge databases, cProfiles caches only 'really visited' websites and therefore, utilizes very little system resources. Since the categorization happens in real-time, users do not have to regularly download updates to keep their database up to date. For details, see - http://www.safesquid.com/html/portal.php?page=132
Block Page Displayed or Blocking Transparent to User: 
Displayed
Additional Comments on Blocking: 
You can create your own custom html pages (with company logo and custom messages) that should be displayed to users, when a requested content is blocked. Different messages can be displayed for different events, based on users/groups, or type of content blocked, e.g. pages blocked when unwanted words are found, websites blocked by categories, time-based blocks, etc.
Items that Can Be Included on Block Page (if applicable): 
Category causing the block
Customizable message
Password override
Does filter provide dynamic filtering of pages as they are accessed?: 
Yes
Does content filtering work on a weighted system controlled by administrator: 
Yes
Describe how dynamic content filter can be changed by administrator, if applicable.: 
Can filter by file type: 
Can block by extension--applies to all categories
Can block by extension within a category
Can block by MIME type--applies to all categories
Can block by MIME type within a category
Can block by protocol--applies to all categories
Can block by protocol within a category
General Administration
Can Have Multiple User/ Filter Profiles: 
Yes
Additional Comments on Filter Profile Options: 
Admin Can Selectively Enable Categories: 
Yes
URLs in Each Content Category Are Viewable: 
Provide URL Lookup: 
Keyword Blocking: 
Admin Can Disable
Admin Can Remove Sites From Category: 
yes
Users Can Recommend URL Recategorization to Company: 
No
Admin Can Modify Categorization of URL: 
Yes
Admin Can Add New Categories: 
Yes
Admin Can Add Sites to a Category: 
Yes
Admin Can Block Images But Not Text Within a Category: 
Yes
Reporting Capabilities: 
Detailed usage reports based on users, groups, websites, blocked content, security breaches, top X users, top X websites, top X applications, top X keyword searches, top X banwidth users, etc. etc.
Integrates with Directory Service (LDAP, Active Directory or NDS): 
LDAP
Active Directory
NDS
Can import URLs to Always Allow List: 
Must enter URLs manually
Number URLs One Can Add to Always Allow List: 
Unlimited
Overriding
Can Filter be Turned off at the Workstation: 
No
Describe Process and Options Available for Turning Off Filter at Workstation: 
Can only be turned off by an administrator, from the server, with browser based GUI Interface
Blocked Page Can Be Overridden by Admin: 
Yes
Describe Process and Options For Overriding a Blocked Page: 
Administrators can override blocked pages, for specific or all users/groups, from the server, with browser based GUI Interface
Admin Can Turn Filter Off for a Period of Time: 
Yes
Process and Options for Turning off Filter for a Period of Time: 
Administrators can create time-based rules for turning off filter for specific or all users/groups. These rules can be very granular, and can be create in advance, for specific events. For example - (1) Between 2pm to 3pm (2) every Saturday (3) between 25th December to 31st December 2010 (4) between 25th December to 31st December every year
Additional Comments on Overriding Options: 
SafeSquid's configuration allows you to very precisely define situations. Each situation thus defined, is referred to as a 'Profile'. Each Profile can be defined (or bound) by a programmable set of conditional parameters. Profiles are used as a conditional parameter in almost all of the various filtering sections in SafeSquid. You can thus ensure that filtering action happens exactly, as required. SafeSquid's Profiles feature allows you to accommodate the demands of extremely granular rules for Internet Access privileges and restrictions. You can deal with most complex situation, as long as you can accurately defining a situation, and thus properly Profile a situation. For details, see - http://www.safesquid.com/html/kb.php?mode=article&k=15
Internal