Review: iPrism 1200

St. Bernard's iPrism 1200 is a 1U rack-mountable appliance. With clearly labelled network ports, it is very simple to connect to the network. St. Bernard also sells the iPrism 3000, which is aimed at larger organizations, with Gigabit Ethernet.

While you can connect to the management interface using a web browser, there is little point as it just launches St. Bernard's Appliance Manager, which you should install on your PC. It's a Java application, but it refused to run on our first notebook, so we had to switch machines to run it.

The initial configuration steps let you assign an IP address, configure your software license and choose the mode of operation: bridge to sit inline on a connection or proxy server. You can also choose to enable the out-of-band management port on the back, so you can connect the iPrism to your management network. Once done, the next time you get the full management screen. The filtering works by creating profiles. Each profile contains a list of categories and, using a time grid, when they are blocked and allowed. However, the grid may look pretty but it is hard to see exactly what's going on.

St. Bernard has implemented a comprehensive website category scheme. Each main category also has sub-categories, so you can choose exactly which websites you want to block – the database is updated daily.

When a user gets a blocked page message, they can click the request button to send an email prompting an administrator to allow access to it. It is a simple way of dealing with wrongly categorized sites. Also, a profile can state how to deal with IM and P2P clients, so you can build in protection for that as well.

Once you've created your profiles you can assign them to IP address ranges or, with its NTLM integration, Windows users. Both processes are easy. In our tests the iPrism blocked test websites and HTTP-Tunnel correctly. It is a simple, powerful system to use, though the Java app needs more work to make it more stable.

For:

Unblock request feature helps reduce false positives.

Had trouble getting Java-based management running.

A simple and powerful system to use with support for P2P and IM, but the Java-based management needs to be more reliable.