M86 Secure Web Gateway v10.1

Powered by SC Magazine
 

M86 Secure Web Gateway (SWG) v10.1 proactively safeguards against malware and Web 2.0 threats using patented real-time code analysis, dynamic web repair technology and granular social media controls.

 

The product is deployed as a policy server and scanning server. In a typical environment, one would deploy multiple scanning servers managed by a centralised policy server. For the purpose of our review, we configured both on the single appliance.

The product is delivered either as a pre-loaded server-based appliance or as a virtual SWG appliance that works with a VMware ESXI v4.1 server. A physical 3000-series appliance was delivered to our lab. Initial set-up did require some command-line work as one needs to either secure shell through the LAN or terminal via the serial port.

One needs to set up the appliance first (running a set-up command) and then configure the network functions through the command line before being able to use the web-based user interface. You can configure the tool for explicit or transparent proxy, in-line bridge mode, proxy-chaining, integration as an internet content adaptation protocol service or as a client with web cache communication protocol (WCCP) v2.

Once the network portion is configured, you can browse to the appliance IP and use the web-based user interface to perform the remaining configuration and management functions. The management console provides administrators with a tool for managing the entire Secure Web Gateway deployment from the policy server.

Website code or file content and behaviour are analysed in real time by identifying operations, parameters, script manipulations and other exploitations for a given piece of content; M86 can view in real time whether a piece of active content will perform a malicious action when loaded into a browser. In accordance with pre-defined security policies, M86's security system dynamically decides if content is safe for browsing, providing up-to-the-minute protection.

Meanwhile, M86's granular social media control gives organisations the power to block posts, comments or uploads to social networks such as Facebook and LinkedIn. There is also support for web-page repair, data-leakage protection, application controls, SSL inspection and certificate-error handling, as well as digital signature analysis of binary objects.

What's more, M86 code analysis includes handling of code-splitting. There is full lightweight directory access protocol and Active Directory integration available for user authentication. There are also a number of anti-virus and URL scanning options, each licensed separately, but one does have choices on scanning engines.

Basic eight-hours-a-day/five-days-a-week support is provided with the subscription fee, while "gold" and "platinum" support are available at an extra cost.

The only drawbacks we found were that the implementation and management documentation is not very comprehensive (we had to figure out a lot of the items on our own) and although the offering has many enterprise-level capabilities, it is limited to web-content filtering and requires a lot of work to configure, while load balancing is only integrated in the high-end chassis solution.

Copyright © SC Magazine, UK edition


M86 Secure Web Gateway v10.1
 
:
Overall Rating
Verdict:
A solid, enterprise-level web management solution.
Product Info
Supplier:
 
 
 
 
Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
 
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
 
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  28%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  21%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1074

Vote