Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Tuesday, May 17, 2011

Webpulse in a PacketShaper

I'm a little late getting to this, but a few months ago Blue Coat announced the inclusion of their Webpulse technology in the PacketShaper (the traffic shaping device that came to Blue Coat when they acquired Packeteer a few years ago).

If you're not familiar with Webpulse, it's the cloud service behind Blue Coat Web Filter (BCWF), the URL filtering database that's an option on Blue Coat's ProxySG platform. Basically, when you visit a URL that's not in the local URL database, the ProxySG checks Webpulse to see if there's a rating for that URL already cached in the cloud, and if so brings that rating down and caches it locally. If the URL hasn't been rated in the past (because no one else in their 75 million user community has visited the page yet), Webpulse uses an automated rating system that goes out, scans the page and tries to rate it in real time. It then adds the real-time rating to its cache, so that any other ProxySG (or other device that uses Webpulse) will get the rating if it asks about the same URL.

PacketShaper, on the other hand, is a device that offers visibility, classifies network traffic, and allows you to put constraints (essentially QoS) on each of the different "buckets" of classified network traffic. For example, if you want to allow P2P on your network, but you only want it to take up 1% of the available network bandwidth, you can set up a rule to enforce that.

Before Webpulse was added, PacketShaper basically considered Web traffic to be one large category. With Webpulse, PacketShaper now recognizes the different categories being browsed and can automatically use Webpulse to assign unknown URLs to a specific category within Web traffic. The big benefit here is being able to control specific types of web traffic (say, traffic going to porn sites) by using either bandwidth controls or outright blocking. Although PacketShaper allows you to block traffic, it's not as secure as a security device like ProxySG, because PacketShaper's default is to allow traffic it doesn't know until it's able to classify it. So you may allow some "bad" traffic to go out of or come into your network before the block takes effect based on your rules.
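To make that window concrete, here is a toy model added for illustration (it is not Blue Coat code). The category names, URLs and the scanner rule are constructed, and it assumes the proxy holds a request until a rating exists while the shaper forwards unknown traffic and classifies it afterwards.

```python
# Toy model of the two enforcement styles; all names and data are constructed.
from dataclasses import dataclass, field

BLOCKED = {"porn"}                            # categories the policy blocks
CLOUD = {"http://known.example/": "news"}     # shared cloud rating cache

def realtime_rate(url):
    """Stand-in for the automated page scanner (constructed rule)."""
    return "porn" if "adult" in url else "uncategorized"

@dataclass
class Classifier:
    local: dict = field(default_factory=dict)  # on-box rating cache

    def lookup(self, url):
        """Tiered lookup: local cache, then cloud cache, then real-time rating."""
        if url not in self.local:
            rating = CLOUD.get(url)
            if rating is None:
                rating = realtime_rate(url)
                CLOUD[url] = rating            # now visible to every other device
            self.local[url] = rating
        return self.local[url]

def inline_proxy(c, url):
    """Proxy model: wait for the rating, then decide (assumption, see lead-in)."""
    return "block" if c.lookup(url) in BLOCKED else "allow"

def allow_until_classified(c, url):
    """Shaper model: unknown traffic is forwarded while it is being classified."""
    if url in c.local:
        return "block" if c.local[url] in BLOCKED else "allow"
    c.lookup(url)        # the rating lands only after this flow was forwarded
    return "allow"

def simulate(decide, urls):
    """Run a sequence of requests through one fresh device."""
    c = Classifier()
    return [decide(c, u) for u in urls]

if __name__ == "__main__":
    reqs = ["http://adult.example/x"] * 3
    print("proxy :", simulate(inline_proxy, reqs))
    print("shaper:", simulate(allow_until_classified, reqs))
```

The first request to a never-seen URL is the one that slips through in the shaper model, even when the cloud already holds a rating for it.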

Webpulse adds great additional visibility to PacketShaper, but it doesn't replace the web proxy, unless you're willing to let some "bad" traffic in before it's blocked, which I don't think any IT admin would allow. But PacketShaper does serve an interesting purpose as a network monitoring device and reporting tool, especially if you don't have a secure web gateway yet. By putting in a PacketShaper, you can see if it's worthwhile to get a secure web gateway, and at the same time you can restrict certain types of traffic from going through your network (or at least slow it down enough to discourage users from even trying it).
