Pearl Software Blog

Internet Monitoring and Web Filtering Topics

Web Filtering: Choke-Point vs. Endpoint

There are generally two main enterprise architectures used to monitor and/or filter access to content available on the Internet: Choke-Point (web proxy, router, firewall, etc.) and Endpoint (client-server). Each has its advantages and disadvantages that we will explore.

Choke-Point Architecture

The Choke-Point architecture provides a central point of access to the Internet for all users.  The Choke-Point is normally a server, firewall or router with embedded filtering software or one or more “Internet appliances” – stand-alone devices for targeted applications.  Websense is an example of a caching Web proxy server that provides a nearby store of Web pages and files originating on remote Web servers, allowing local network clients to access them more efficiently.  When it receives a request for a Web page, a caching proxy looks for the content in its local cache. If the content does not exist in the proxy’s cache, the proxy server retrieves it from the appropriate Internet server in order to satisfy the request and saves a copy in its local cache for future requests. Sonicwall and Watchguard are examples of firewalls with embedded filtering software; usually third party URL filtering databases.  Since requests to access Internet sites are sent from each workstation in the managed environment, a decision about whether the site may be accessed can be made centrally at the Choke-Point. If a user requests a site that is determined to be off limits, the server or device returns a response to the user indicating that access is denied. More...


Senator Grassley – The NSF’s Worse Nightmare?

Last year Senator Grassley launched a probe to investigate reports that the National Science Foundation violated federal laws by approving use of taxpayer money for “unallowable expenses,” including alcohol, lobbying and extravagant parties.

A few years prior, the same Senator Grassley had his sights set on the NSF after hearing reports of the inordinate amount of employee time spent on explicit Internet activity.  Reports indicate that one NSF senior official was discovered to have spent 20 percent of his day “viewing sexually explicit images and engaging in sexually explicit online ‘chats’ with various women.”  Another employee was reported as having video chats to enable his on-the-job sexting.  The NSF has since implemented Web Filtering software. More...