Reviews

M86 SWG 3000 v10

The latest SWG appliances from M86 Security takes a highly proactive stance tackling new web threats. Read this exclusive review of the SWG 3000 to see if its patented behavioural blocking technology provides the perfect security umbrella or not.

4 Jan 2011

.polaris__post-meta--date { display: none; } .polaris__post-meta--date.no-script { display: block; padding-left: 45px } 4 Jan 2011

The appliance also handled social networking sites well, although the Filter List does place many under different categories. It would make things easier if M86 placed them all under a social networking category, or at least provided a search tool.

The M86 will have to go a long way to beat FaceTime's USG appliances which can control virtually any user activity you can imagine on the most popular social networks. M86's options are far more basic, but you can use rules to stop certain user activities such as posting and uploading files to Facebook.

The appliance's reporting facilities have always been very informative as it maintains its own database and provides plenty of details on user activity and security events. However, these are all predefined and can't be customised.

The optional Security Reporter feature remedies this and is designed to provide a central location for reporting with greatly increased data retention periods. Data from all SWG appliances is automatically sent to this as archived files, which can then be used to create an impressive range of fully customisable reports.

For cloud-based scanning M86 uses Amazon's EC2 (elastic cloud compute) service allowing multiple virtual scanning appliances to be used. This has been expanded to cover remote workers by deploying a SWSH (secure web services hybrid) agent to their laptops and PCs. It routes all web traffic to the nearest virtual scanner and v10 now includes an agent for Windows 7 systems.

The data leakage prevention feature scans a range of documents looking for keywords and phrases and blocks users from sending them. In previous tests we found that this couldn't check simple text files, but the v10 release includes these and can also scan web form content.

During testing we found the SWG 3000 easy to deploy in the lab and capable of delivering tough web security measures. The active real time content inspection makes light work of spotting and removing malicious code. As most of this is carried out transparently, it can significantly reduce the burden on support departments.

So what's our verdict?

Verdict

Although the latest software version doesn’t introduce any radical improvements, the SWG 3000 is clearly capable of dealing with today’s increasingly sophisticated web attacks. Its active real-time content inspection can be teamed up with a choice selection of anti-virus measures and web content filtering and the option to deploy appliance and cloud-based scanning will appeal to larger businesses with remote offices.

Chassis: 1U IBM System x3250 M3 rack server CPU: Intel Xeon X3430 2.4GHz Memory: 4GB DDR3 Storage: 250GB SATA cold swap RAID: None Network: 4 x Gigabit Ethernet Management: Web browser Options: 500 users: M86 Filter List - 1yr, £1,245; Kaspersky anti-virus – 1yr, £2,120; HTTPS scanning – 1yr, £1,405; caching kit, £718 (all ex VAT)