Finjan Vital Security Web Appliance NG-6000S

Online threats are getting ever more sophisticated. Does Finjan’s web content security appliance have enough craft to stay one step ahead?

A complete set of default policies are provided enabling you to start filtering web traffic immediately as even the medium level security policy contains 40 predefined rules. X-Ray is a very handy feature for safe testing as this can be applied to whole policies or specific rules where it runs them passively. The anti-virus scanners and web content filters are also configured with rules and Websense now offers over fifty URL categories to choose from.

All rules within a policy are carried out in strict priority but it's easy enough to change their position if required. Under normal circumstances the policy rules that control Finjan's active real-time content inspection reside near the bottom so they can catch anything smart enough to slip past all the other defences. To test this feature we pointed one of our client systems at a web site known to have an extremely unpleasant payload.

Rather than move the relevant rules to the top of the policy we gradually disabled each rule the Trojan hit so that it would eventually get to the content inspection rule. Remarkably, to achieve this we had to deactivate rules for Websense first followed by Kaspersky's anti-virus, Finjan's anti-spyware and then rules blocking files with missing digital signatures and suspicious file downloads. Once the Trojan's code had been analysed the appliance blocked it and we could see from the log files that Finjan determined it was trying to terminate existing processes, engage in illicit memory management and load other DLLs.

We tested the Websense service, which is also configured using policy rules. Each policy can be applied to different users and groups and these can be swiftly imported using LDAP. We tested this by switching on the gambling category and attempting to visit nearly fifty on-line bingo sites where Websense saved our hard earned cash by blocking us from every one.

Whenever the NG-6000S blocks access it redirects the user to a warning web page and posts an entry in its log file. It also maintains a database, which is used to produce more detailed reports for areas such as viral activity or accessing blocked sites and can export them in PDF, Excel or HTML forms. The reports are predefined but can be applied to specific users or groups if required.

Web borne threats are getting ever smarter with ploys such as dynamic code obfuscation designed to circumvent traditional signature based scanning. Finjan's NG-6000S is unlikely to get caught napping though as it's capable of offering a tough defensive posture that can be easily customised with rule based policies plus optional anti-virus scanning and web content filtering.

Verdict

Anti-spam and firewall measures must be sourced separately but for web content security you’ll be hard pushed to find defences that are tougher than those offered by Finjan’s Vital Security appliances. The use of security policies makes the NG-6000S very versatile, deployment is a breeze and the active real-time content inspection is quite unique.

Chassis: 2U IBM x3650 rack

CPU: 2 x 2GHz Xeon 5130

Memory: 2GB 667MHz FB-DIMM

Storage: 2 x 73.4GB IBM 10k SAS hard disks

RAID: IBM ServeRAID 8k-l controller with 32MB cache memory (drives in RAID-1 mirror).

Network: 4 x Gigabit Ethernet

Management: Web browser

Options: 250 users: Websense - 1yr, £2,162; Kaspersky – 1yr, £1,242 (all exc VAT)

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Sophos XGS 3300 review: Xstream firewall performance
Security

Sophos XGS 3300 review: Xstream firewall performance

7 Jan 2022
Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box
Security

Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box

18 Nov 2021
Big zero-day flaw found in Palo Alto security appliance
internet security

Big zero-day flaw found in Palo Alto security appliance

11 Nov 2021
SonicWall warns of imminent ransomware campaign on VPN hardware
virtual private network (VPN)

SonicWall warns of imminent ransomware campaign on VPN hardware

16 Jul 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Sony pulls out of MWC 2022
Business operations

Sony pulls out of MWC 2022

14 Jan 2022
Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022