Product Reviews

Control Your World

Total Traffic Control puts you at the helm of your network traffic.

Total Traffic Control 6.0
Documentation 30%
Installation 15%
Feature Set 30%
Management 25%
Overall Rating:

1: Virtually inoperable or nonexistent
5: Average, performs adequately
10: Exceptional

Wrapping a firewall around your network used to be all you had to do to establish a decent level of security. Not any more. In most cases, controlling your internal traffic is just as important as controlling the external traffic. To do that as best you can, most of you use a combination of the myriad hardware and software available to provide anti-virus, bandwidth management, content filtering, firewall services, intrusion detection, spam blocking, spyware and other management and security services.

Total Traffic Control version 6.0 (TTC) is the latest incarnation of Lightspeed Systems' traffic management package. This incredibly granular tool covers all those functions mentioned above. It also has an extensive reporting capability with server and Web-based management utilities that let you set up for remote administration.

TTC uses a Microsoft SQL Server back end to store configuration settings, so there are some fairly hefty system software requirements. TTC requires Microsoft 2000 Server or Windows Server 2003, Microsoft SQL Server 2000 (Lightspeed recommends using the Standard Edition) and Microsoft's .NET Framework 2.0. At the time of testing, it did not support Microsoft SQL Server 2005.

Installing the TTC Security Server is a four-step process:

  1. Prerequesite check. To determine discrepancies on hardware and software that might impede installation.
  2. Installation. Windows Installer service uses the supplied .MSI file to copy the software components onto the server and start the supporting services.
  3. Initial configuration. TTC gathers information about your setup.
  4. Apply latest updates. You should have your TTC Security server be a dedicated server -- not a domain controller, DNS, DHCP or other enterprise network server.

Transparent Bridge Mode is the most common and recommended method of placing the TTC Security Server in your network. When you set up your TTC Security Server this way, your network connectivity will be interrupted while placing your Internet access from your router or your security device to your TTC Security Server. You'll need one network interface card (NIC) for management purposes and connectivity to your Internet access or security device, and two additional NICs for connectivity back to your LAN's switch fabric.

Control Center
TTC version 6.0 gives you granular control over all aspects of your network. Launching the Web-based dashboard and going down through the menu will give you a good feel for what TTC can do.

TTC monitors all the traffic coming in and going out of your network, as well as the traffic circulating within your network. There are more than 50 different report formats available. If you need to know where your traffic is going, who is using instant messaging, or who is sending the most e-mail, you are just a couple of clicks away from gathering and presenting that information. You can print these reports as a PDF or export them to .CSV files.

The content filtering section is probably the most enjoyable and easiest to use. TTC installs and updates the initial database during installation, but since it's on your server, you have total control of its contents. You can edit all of the preconfigured content, block or allow sites and apply filtering based on users, IP addresses, groups or domains.

You can create your own filtering categories and set your own redirection page when someone attempts to visit filtered content.

The spam blocking services use a number of the most popular methods. They're all rolled into one for TTC Security Server. The best part is that you have control over this function, unlike many of the third party or subscription services. You can create your own blacklists and whitelists. TTC updates keep you up to date on the Bayesian filters, and it integrates with your content filter to search for domains as well as content that you may have already filtered.

Figure 1
[Click on image for larger view.]
Figure 1. Manage the Security Server through a Web-based interface.

TTC replies to blocked messages with the reason they were perceived as spam. It also stores the messages in a SQL database for as long as you need it to. You can send your users a daily report of blocked messages. You can also give them the chance to access these messages through a password-protected Web site.

The firewall portion of TTC is actually a stateful inspection firewall. As with your content filtering, you can create policies based on users, groups, IP addresses, applications, time of day and several other factors. The security server also has a built-in intrusion detection and prevention system.

Playing with the Bandwidth
The bandwidth management is the portion of TTC that gives you complete control of your network traffic. You have granular control of traffic based on ports, IP addresses, applications, users, groups and even the time of day. If peer-to-peer traffic or instant messaging is causing your network problems or just causing a loss in productivity, you can monitor and control that specific category of traffic. You can also set up traffic prioritization using class-based queuing.

What It Needs:

Besides the system software requirements, Total Traffic Control needs at least a Pentium 4 2.4Ghz processor for networks running up to 10Mbps of traffic. Networks running more than 10Mbps of traffic will need dual Pentium 4 2.4Ghz processors. The minimum RAM is 2GB, although 8GB is recommended. -- B.B.

My overall experience with TTC was a positive one. My only difficulty came with server initialization and downloading the initial database. One visit to the knowledge base provided me with all the information I needed to manually re-run the process and I was up and running. The knowledgebase and documentation available through Lightspeed Systems' Web site is very thorough and helpful.

TTC's server-side interface, security agent on the hosts and the Web-based administration are all very well presented and intuitive. The monitoring and reporting (especially of your internal network traffic) is a welcome addition in any network.

Having been in the industry for quite some time, I always recommend a layered approach to network security. Lightspeed Systems' Total Traffic Control would make an excellent addition to your overall network security and management plan.

comments powered by Disqus

Reader Comments:

Sun, Sep 20, 2009 X2dmax Los Angeles

I've been familiar with this TTC from 2004-2007. Initially we had a T1 connection out to the internet. TTC would lock up at least once a month. After increasing the bandwidth to 20mbps, the lockups seemed more frequent. Eventually we installed a Cisco ASA for firewalling, 8e6 for content filtering and Bright Mail for Spam. TTC does mostly reporting now. With everything broken up, it seems that lockup are very rare now

Thu, Mar 6, 2008 Anonymous Anonymous

Uh - it like blocks everything.

Fri, Sep 7, 2007 Anonymous Anonymous

I've found math sites that were blocked because they were in the "Adult" category!! It also blocks the local metro transit webpage that I use to find bus routes because it's in the "Audio-Visual" category. It must think anything Flash is not appropriate for work. Grrr.

Fri, Aug 31, 2007 Anonymous Anonymous

anonymous says: the light speed systems want let me get on anything I tried to look up something about soccer and it said was blocked because it was shoping and it was blocked because it was under the "Forms"

Tue, May 1, 2007 kim robinson duluth

Total Traffic Control will not allow me to access my e-mail !!! WHY????

Mon, Apr 9, 2007 Anonymous Anonymous

We are changing from a SonicWALL firewall Barracuda Email filter combination to the Lightspeed system. We're changing because the Lightspeed system also provides Email archiving. The SonicWALL did the content filtering and firewalling, and the Barracuda filtered the Email. We will keep the SonicWALL for the firewall features. So far, that combination has been highly successful. I only hope the Lightspeed system works as well.

Thu, Dec 14, 2006 Anonymous Anonymous

Does Anyone know of a Appliance based filter that uses proxy pattern blocking?

Sat, Nov 25, 2006 GuruLeeNYC NYC

Here's my review on a comparable & supieror hardware appliance:

I originally heard about this appliance through a close friend years ago and he gave it high stars! Then a couple months ago I saw it in action at the NYC InterOP Expo and I was IMPRESSED! must of hung-around their exhibit for about an hour (not b/c of the girls in mini-skirts or tight T's). I put my order in for a DC30 two days later, but the release/ship date for the new version 7.x, which was approx. 4 weeks away (11/13/06). The day came and gone--the release date was delayed.

I received the DC30 approx. 2 weeks ago and it has been nothing less than a LOVE/HATE relationship. The initial installation seems simple, but the "Setup Wizard" couldn't complete w/o technical support manually remoting in and allowing the process to complete (supposed ICMP outbound firewall issue...). However, I was immediately attracted to the GUI's ease of use and design. The Real Time Monitor is an AWESOME complete real-time view of your Internet traffic. Within 2 days I have discovered approx. 20 deal breaking bugs with Content/Application Filtering, Database stability/corruption, GUI shortcomings, and issues with the overall reliability of the appliance.

Today and three painful patches later, about half of the bugs have been addressed, or are in the process of being resolved. The appliance is still installed in my production environment and I am overall pleased with the direction of the company and the future of the appliance. Hopefully most of the remaining bugs and shortcomings are patched/release before my 60-day evaluation...

Major Shortcomings: Email notifications, Custom Content Filtering categories, and Config/DB Backup ability

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.