FaceTime Communications USG530 - web filtering appliance review

Controlling IM and P2P apps in the workplace is a serious problem, but FaceTime goes where UTM appliances fear to tread as nothing slips under its radar.

IT Pro Verdict

FaceTime Communications 01189 637 469 www.facetime.com Verdict: Controlling IP and P2P apps is not a high priority for traditional UTM appliances as most have a very limited awareness of these. FaceTime’s USG appliances take control to the next level as they are capable of identifying and controlling hundreds of these types of problem apps and have a heightened awareness of social networking sites.

Many businesses that think implementing Acceptable Use Policies is a sure-fire way of controlling internet access in the workplace are just fooling themselves as increasingly IT savvy staff are finding ways around these restrictions. IM and P2P apps are now serious problem and yet the majority of gateway security appliances pay little more than lip service to them.

FaceTime has traditionally focused on this problem area and its USG (unified security gateway) appliances offer a wide range of facilities to monitor, manage and control IP and P2P apps. They go much further by also offering sophisticated defences against malware, which includes packet analysis plus packet sequence recognition and have a built in awareness of problem social networking sites such as Facebook and MySpace.

Optional web content filtering is on the menu and the latest version adds a raft of new features. On review we have the USG530, which has the muscle to handle up to 5,000 users. The price for the review system is for 1,000 users and includes a one year subscription to the malware and web filtering services.

There is an argument in favour of allowing some access to social networking sites in the workplace and FaceTime takes this into account as the appliance doesn't just offer a single filter category but lists all their various services. It is fully aware of services such as chat, alerts, gaming, dating and classifieds so you can fine-tune what access you wish to allow.

The latest code release adds more controls over web applications and can audit instant messages sent by Blackberry users over the Lotus SameTime service. Global objects simplify security policy configuration and greynet traffic can have time and bandwidth quotas applied to them. Awareness of Microsoft's OCS has been extended to controlling IM messages passing through Edge Servers.

The appliance has three Gigabit network ports with one to monitor all traffic via switch port mirroring, a second providing dedicated management access and a third for FaceTime's IM proxy. The monitoring port can only block IM traffic whereas the proxy port provides a much finer control as it can analyse instant messages in real time.

Dave Mitchell

Dave is an IT consultant and freelance journalist specialising in hands-on reviews of computer networking products covering all market sectors from small businesses to enterprises. Founder of Binary Testing Ltd – the UK’s premier independent network testing laboratory - Dave has over 45 years of experience in the IT industry.

Dave has produced many thousands of in-depth business networking product reviews from his lab which have been reproduced globally. Writing for ITPro and its sister title, PC Pro, he covers all areas of business IT infrastructure, including servers, storage, network security, data protection, cloud, infrastructure and services.