Product Reviews

Control Your World

Total Traffic Control puts you at the helm of your network traffic.

• By Ben Brady
• 11/01/2006

Wrapping a firewall around your network used to be all you had to do to establish a decent level of security. Not any more. In most cases, controlling your internal traffic is just as important as controlling the external traffic. To do that as best you can, most of you use a combination of the myriad hardware and software available to provide anti-virus, bandwidth management, content filtering, firewall services, intrusion detection, spam blocking, spyware and other management and security services.

Total Traffic Control version 6.0 (TTC) is the latest incarnation of Lightspeed Systems' traffic management package. This incredibly granular tool covers all those functions mentioned above. It also has an extensive reporting capability with server and Web-based management utilities that let you set up for remote administration.

TTC uses a Microsoft SQL Server back end to store configuration settings, so there are some fairly hefty system software requirements. TTC requires Microsoft 2000 Server or Windows Server 2003, Microsoft SQL Server 2000 (Lightspeed recommends using the Standard Edition) and Microsoft's .NET Framework 2.0. At the time of testing, it did not support Microsoft SQL Server 2005.

Installing the TTC Security Server is a four-step process:

1. Prerequesite check. To determine discrepancies on hardware and software that might impede installation.
2. Installation. Windows Installer service uses the supplied .MSI file to copy the software components onto the server and start the supporting services.
3. Initial configuration. TTC gathers information about your setup.
4. Apply latest updates. You should have your TTC Security server be a dedicated server -- not a domain controller, DNS, DHCP or other enterprise network server.

Transparent Bridge Mode is the most common and recommended method of placing the TTC Security Server in your network. When you set up your TTC Security Server this way, your network connectivity will be interrupted while placing your Internet access from your router or your security device to your TTC Security Server. You'll need one network interface card (NIC) for management purposes and connectivity to your Internet access or security device, and two additional NICs for connectivity back to your LAN's switch fabric.

Control Center
TTC version 6.0 gives you granular control over all aspects of your network. Launching the Web-based dashboard and going down through the menu will give you a good feel for what TTC can do.

TTC monitors all the traffic coming in and going out of your network, as well as the traffic circulating within your network. There are more than 50 different report formats available. If you need to know where your traffic is going, who is using instant messaging, or who is sending the most e-mail, you are just a couple of clicks away from gathering and presenting that information. You can print these reports as a PDF or export them to .CSV files.

The content filtering section is probably the most enjoyable and easiest to use. TTC installs and updates the initial database during installation, but since it's on your server, you have total control of its contents. You can edit all of the preconfigured content, block or allow sites and apply filtering based on users, IP addresses, groups or domains.

You can create your own filtering categories and set your own redirection page when someone attempts to visit filtered content.

The spam blocking services use a number of the most popular methods. They're all rolled into one for TTC Security Server. The best part is that you have control over this function, unlike many of the third party or subscription services. You can create your own blacklists and whitelists. TTC updates keep you up to date on the Bayesian filters, and it integrates with your content filter to search for domains as well as content that you may have already filtered.

[Click on image for larger view.]

Figure 1. Manage the Security Server through a Web-based interface.

TTC replies to blocked messages with the reason they were perceived as spam. It also stores the messages in a SQL database for as long as you need it to. You can send your users a daily report of blocked messages. You can also give them the chance to access these messages through a password-protected Web site.

The firewall portion of TTC is actually a stateful inspection firewall. As with your content filtering, you can create policies based on users, groups, IP addresses, applications, time of day and several other factors. The security server also has a built-in intrusion detection and prevention system.

Playing with the Bandwidth
The bandwidth management is the portion of TTC that gives you complete control of your network traffic. You have granular control of traffic based on ports, IP addresses, applications, users, groups and even the time of day. If peer-to-peer traffic or instant messaging is causing your network problems or just causing a loss in productivity, you can monitor and control that specific category of traffic. You can also set up traffic prioritization using class-based queuing.

My overall experience with TTC was a positive one. My only difficulty came with server initialization and downloading the initial database. One visit to the knowledge base provided me with all the information I needed to manually re-run the process and I was up and running. The knowledgebase and documentation available through Lightspeed Systems' Web site is very thorough and helpful.

TTC's server-side interface, security agent on the hosts and the Web-based administration are all very well presented and intuitive. The monitoring and reporting (especially of your internal network traffic) is a welcome addition in any network.

Having been in the industry for quite some time, I always recommend a layered approach to network security. Lightspeed Systems' Total Traffic Control would make an excellent addition to your overall network security and management plan.