CensorNet provides internet content filtering solutions for ISPs and businesses. Their flagship product is the CensorNet ICAP Server, which integrates with existing ICAP infrastructure to provide scalable web filtering. Key benefits of the ICAP Server include high performance through optimized architecture, support for third-party URL classification engines, and low total cost of ownership. CensorNet works with customers to design customized filtering deployments tailored to their specific network and requirements.
1. CensorNet Ltd
An introduction to ISP filtering
Presented by:
Firstname Lastname
Job Title
Email: first.last@censornet.com
Tel: 1234567890
2. Company Overview
CensorNet v1.0 released
as open source
CensorNet open
02/07 CensorNet 11/09 Development of
source protects
Professional launched Cloud CensorNet started
over 1million end
users 11/07 CensorNet
shortlisted for BETT
CensorNet launches
Award
MailSafe, e-mail
SaaS security
07/05
CensorNet Ltd CensorNet
incorporated launches VMWare CensorNet
2008
Certified product joins the
CensorNet Ltd
08/10 CensorNet ICAP Forum • Mobile filtering solution
joins the IWF
achieves BECTA
accreditation • Cloud Service for
CensorNet Pro achieves MSP/ISP
Checkmark Premium
from West Coast Labs
5. Challenges
Traditional filtering proxy servers may not scale well
Web access is real time ∴ performance critical
Large data flows must be handled
High availability is mandatory
Integrate with often complex existing infrastructure
6. Our solution – “CensorNet ICAP Server”
Integrates easily with existing ICAP enabled equipment
Provides technology components to rapidly build a bespoke
web filtering service
High speed and reliability – designed specifically for examining
content
Based on open standards – ICAP Forum.org
Wrap-around consultancy service for planning and deployment
7. Key benefits
Scalable architecture
Highly optimised proprietary ICAP Server (64-bit)
Pipelining for early responses
Dynamically sized thread pools
Zero-copy policy on data buffers
Minimal inter-thread locking
Highly optimised DFSA protocol grammar parsers
Supports 3rd party URL classification engines
RESTful API for integration with existing portal
Low total cost of ownership
8. Example deployments
CensorNet builds bespoke web filtering
platforms that meet the exact requirements of
its customers.
15. Why ICAP (Internet Content Adaptation) ?
Open Standards – compliant with 3rd party proxy/cache/router
devices
Designed specifically to solve this type of problem
Scalable – multiple ICAP servers to service requests & responses
from multiple caches/proxies/routers
More efficient than HTTP proxying
Preserves source IP (transparent)
Special “Preview” and “204 responses” designed to reduced
traffic/bandwidth requirements
16. Performance expectations
Each ICAP Server instance with 1 CPU core can handle up to
10,000 persistent connections*
If squid/tproxy servers are required to simulate ICAP Client, each
squid proxy can handle up to 4,000 persistent connections per CPU
core*
URL categorisation ~ 50,000 transactions per second on 2.5GHz
x64 core
* Dependent on policy complexity
17. ICAP Server Components
ICAP Server
Policy engine & manager
“Whitelist” management
Source IP / Username via RADIUS cached lookup
Local URL database cache
Policy scheduler
URL database and real-time lookups
Management
SSH
XML Configuration
Web User Interface (Q1, 2011)
18. Content Classification
144 URL categories
Multiple language support
Embedded URL scanning
Up to 5 categories per URL
“In the cloud” rating of new URLs
100+ multi-lingual analysts 24x7
“Nocats” typically classified in 20 minutes
19. Deployment options
Bare metal servers
Virtual servers (VMware ESX/i)
Blade system
3rd party load balancers (CISCO)