Develop a compelling web filtering offering that integrates a URL database with excellent coverage, accuracy, malicious website detection, real-time categorization of new URLs and straightforward implementation in a Linux environment.
Profile:
Leading Spam Filtering vendor with over 30 million users in over 100 countries (“customer”)
Industry:
Internet Security
Deployment Requirement:
On-disk integration on Linux-based server running in customer’s Data Center
“With zvelo, we were able to quickly launch a superior web filtering service that has gained significant market share with our existing Spam Filtering users.”
– Vice President of Product Management, Customer
The Challenge:
The customer recognized considerable web filtering cross-selling opportunities for its spam filtering customer base, as well as possible customer erosion and pricing pressures if it did not introduce services complementary to its spam filtering to increase customer stickiness.
Additionally, the customer’s customers began expressing the need for web filtering for a variety of reasons, including:
| Liability Management – to reduce the risk of litigation due to inappropriate website usage by employees, such as surfing porn or downloading copyrighted materials, movies and files | |||
| Productivity – to ensure employees and users were productive wherever they were working | |||
| Resource Utilization – to limit the amount high-bandwidth utilization for certain video and streaming sites | |||
| Security – to prevent and protect employees and users from inadvertently accessing websites that were infected, hosting malware or being used as phishing sites | |||
As a result, the customer identified the opportunity to introduce a web filtering service.
“We believed we had the competency and experience to develop the web filtering application, including the GUI, the reporting and policy management. However, we concluded we needed a partner that had a URL database with excellent coverage, accuracy, malicious website detection capabilities and that supported the Linux deployment options and pricing model we required.”
– Vice President of Product Management
The Solution:
Following the decision to introduce a web filtering offering, the customer began a review and evaluation of three possible vendors. The evaluation criteria included:
| Coverage – an evaluation of the respective vendors’ URL database coverage compared with the Alexa™ global 1 million list was conducted. Additionally, an evaluation of the Alexa top 25,000 list for the top 5 markets served by the customer was also performed. | |||
| Accuracy – an evaluation of the URL database accuracy was conducted, with an in-depth analysis of the Alexa top 1,000 URLs and 1,000 randomly selected URLs in the Alexa 100,000 list. The accuracy evaluation compared exact category matches, “over-cats” and “under-cats” | |||
| Malicious Website Detection: an evaluation of the vendors’ coverage and detection abilities of malicious websites was performed, using feeds from several sources including Phishtank™ (for phishing and fraud websites), Internet Watch Foundation™ (for child abuse websites), and a range of internal/external sources for websites identified as hosting spyware, malware or other threats. | |||
| Speed to Categorize New URLs: an evaluation was conducted by submitted new URLs to determine the speed at which new URLs were categorized and added to the URL database | |||
| Response Time to Handle Miscats: an evaluation was conducted by submitting miscategorized URLs to determine the time it took the vendor to research and correct a miscategorized URL | |||
| Performance: the time required to perform a URL query, as well as the maximum number of queries per second per server, was measured for the vendors | |||
| SDK Option: the vendors were asked to prepare SDKs for the Linux Ubuntu environment utilized by the customer | |||
The objective of the evaluation was to identify the vendor that had the best combination of strengths for the various evaluation criteria. The evaluation process took nearly two months to complete and prepare the final evaluation report.
“As the evaluation progressed, zvelo quickly emerged as the leading candidate as they outperformed the other vendors in each of the evaluation criteria. As zvelo also was the most responsive to our business and pricing model requirements, it made for an easy decision.”
– Chief Technology Officer
Following the evaluation, the customer completed development of its Web Filtering application and integration of the zveloDB® SDK, including a local custom blacklist database provided by the customer, the zveloDB and real-time lookups to the zveloNET™, which provides coverage for URLs visited by zvelo’s other customers’ users and real-time automated categorization of new ActiveWeb* sites.
The Customer’s Web Filtering in Action:
The customer introduced its Web Filtering service as an optional add-on offering to its spam filtering users and has seen a steady adoption rate across its customer base and geographic markets.
Once a user has subscribed to the Web Filtering offering, acceptable use policies are established for the user, the user makes the necessary proxy setting changes and begins web surfing and Internet use as normal. When the user accesses a website, the URL is directed to the customer’s data center running the Web Filtering application.
For example, if a user requests access to www.existingwebsite.com, the URL is then directed to the Web Filtering application, which queries the zveloDB through via the zveloDB SDK. The zveloDB SDK performs a fast lookup in the following order:
- First – “Custom” database.
- Second – the zveloDB.
- Third – the zveloNET Cache database, followed by a query to the zveloNET Master Database (at the zveloNET Data Center).
If www.existingwebsite.com is found in any of these databases, the category value(s) are returned to the Web Filtering application and the Web Filtering application uses the acceptable use policies for the particular user to block or allow access to the requested website.
If, however, the user requests access to www.newwebsite.com, and the URL is not found in the above-mentioned query process, the URL is immediately processed by the zveloNET real-time AutoCat systems to determine the appropriate category (up to 5 categories) and to identify if the website is infected, compromised or contains any type of threat. The www.newwebsite.com URL and its categories are then added to the zveloNET Master Database and available for any subsequent queries from any customers. If any other user for any customer then requests access to the www.newwebsite.com, it is then found in the query and the URL and its category values are downloaded to the zveloNET Cache database, making for even faster lookup speed.
With this process, the customer’s users have complete coverage for their web surfing and they can be provided zero-hour protection against malicious websites and other web threats. Further, the zveloDB’s performance can accommodate the anticipated growth as the customer’s adoption rate and URL query volume increases.
Ease of Integration:
A key consideration and evaluation criteria for the customer was ease of integration. With the zveloDB SDK, the integration is simple and straightforward. zvelo offers a range of options for the zveloDB SDK, including multiple versions of Linux, UNIX and Windows, and was able to quickly deliver the specific Linux Ubuntu version required by the customer. There are only a few API calls to be developed and the zveloDB SDK is ready for use.
“The integration was surprisingly easy. By the time we set up the evaluation of the zveloDB SDK, we were essentially finished with the integration effort.”
– Chief Technology Officer
Benefits of zvelo:
The zveloDB’s 99.99% coverage of the ActiveWeb sites visited by users, combined with zveloNET’s real-time AutoCategorization for new websites, provided excellent website coverage for the customer’s global users and seamless policy management for the user’s web surfing, while zvelo’s malicious website detection capabilities provided zero-hour protection against compromised, infected, phishing and other web threats. The zveloDB SDK was tailored for easy integration with the Linux Ubuntu operating environment and supported a local custom blacklist/whitelist legacy database developed by the customer for their spam filtering business, as well as an API to automate end-user submissions of any miscats for immediate research and response by zvelo’s quality assurance team of Web Analysts.
The Results:
The customer experienced nearly immediate results with the introduction of its Web Filtering offering. Customer churn for spam filtering users was reduced significantly and price erosion for spam filtering has nearly stopped. The adoption rate for Web Filtering users has exceeded expectations, due in large part to the rapid implementation and launch of Web Filtering ahead of schedule.
“We have found zvelo to be an excellent partner. They have provided a superior technical offering and have been an extremely responsive business partner.”
– Vice President of Product Management
By expanding its product portfolio, the customer is also able to successfully pursue additional sales opportunities and accounts that were previously not viable. Further, it has been able to do so without having to add materially to its staff or personnel.
*ActiveWeb – those websites visited by actual users.
