NxFilter is a powerful Java-based web filter which controls access to web sites based on their domain names. It's also possible to limit access by user and time, and one NxFilter installation can protect your entire network.
You'll first need to install and configure the program, of course, and that can take a little effort. NxFilter isn't for network beginners, it won't fully set up everything itself, and even the web tutorial doesn't walk you through every detail. It's still not difficult - if you know how to configure your system to use a custom DNS server then you won't have much trouble - but you will have a little work to do.
Get NxFilter running on one PC, though, and it brings benefits right away, blocking known phishing sites and using packet inspection to detect some malware. A browser-based console displays stats on web traffic, blocked domains and more, as well as logging every site you've accessed.
If you need more control, it's possible to create NxFilter policies which block sites by category (75 in total), or only allow access to particular site categories - or all internet access - for a certain amount of time a day. These policies can be applied to individual network users, or groups of users. And you're even able to assign policies based on a time range, so for example an office might have a very loose policy at lunchtime, but something much more restrictive for the rest of the day.
This is just the start. If the default site blocking isn't enough, NxFilter supports adding domains manually, or grabbing the blacklist from www.urlblacklist.com. You get a stack of configuration options, there's even support for authenticating users via LDAP and Active Directory (as well as password and IP address), all while delivering great performance (the developer claims NxFilter can handle "several thousands of users easily").
- Only allows IP address for AD/LDAP host.
- Embedded Tomcat updated to v7.0.57.
- Proxy level domain redirection added.
- Bypassing IP host from forwarding query.
- Custom query parsing bug fixed.
- Java mail API updated to v1.5.1.
- Group account concept introduced.
- NxClient v4.0 support added.
- Showing real username from NxClient.
- no-usr, no-grp -> anon-user, anon-grp.
- Proxy log not display correctly with IDN bug fixed.
- zvelo_timeout option added into cfg.properties.
- Proxy blocked reason not display bug fixed.
- 'local_resolver_port' option added into cfg.properties.
- real_user_cnt table added for counting distinct logged-in username.
- Version check for agent added.