M86 Secure Web Gateway v10.1

Powered by SC Magazine
 

M86 Secure Web Gateway (SWG) v10.1 proactively safeguards against malware and Web 2.0 threats using patented real-time code analysis, dynamic web repair technology and granular social media controls.

 

The product is deployed as a policy server and scanning server. In a typical environment, one would deploy multiple scanning servers managed by a centralised policy server. For the purpose of our review, we configured both on the single appliance.

The product is delivered either as a pre-loaded server-based appliance or as a virtual SWG appliance that works with a VMware ESXI v4.1 server. A physical 3000-series appliance was delivered to our lab. Initial set-up did require some command-line work as one needs to either secure shell through the LAN or terminal via the serial port.

One needs to set up the appliance first (running a set-up command) and then configure the network functions through the command line before being able to use the web-based user interface. You can configure the tool for explicit or transparent proxy, in-line bridge mode, proxy-chaining, integration as an internet content adaptation protocol service or as a client with web cache communication protocol (WCCP) v2.

Once the network portion is configured, you can browse to the appliance IP and use the web-based user interface to perform the remaining configuration and management functions. The management console provides administrators with a tool for managing the entire Secure Web Gateway deployment from the policy server.

Website code or file content and behaviour are analysed in real time by identifying operations, parameters, script manipulations and other exploitations for a given piece of content; M86 can view in real time whether a piece of active content will perform a malicious action when loaded into a browser. In accordance with pre-defined security policies, M86's security system dynamically decides if content is safe for browsing, providing up-to-the-minute protection.

Meanwhile, M86's granular social media control gives organisations the power to block posts, comments or uploads to social networks such as Facebook and LinkedIn. There is also support for web-page repair, data-leakage protection, application controls, SSL inspection and certificate-error handling, as well as digital signature analysis of binary objects.

What's more, M86 code analysis includes handling of code-splitting. There is full lightweight directory access protocol and Active Directory integration available for user authentication. There are also a number of anti-virus and URL scanning options, each licensed separately, but one does have choices on scanning engines.

Basic eight-hours-a-day/five-days-a-week support is provided with the subscription fee, while "gold" and "platinum" support are available at an extra cost.

The only drawbacks we found were that the implementation and management documentation is not very comprehensive (we had to figure out a lot of the items on our own) and although the offering has many enterprise-level capabilities, it is limited to web-content filtering and requires a lot of work to configure, while load balancing is only integrated in the high-end chassis solution.

Copyright © SC Magazine, UK edition


M86 Secure Web Gateway v10.1
 
:
Overall Rating
Verdict:
A solid, enterprise-level web management solution.
Product Info
Supplier:
 
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 327

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  57%
 
No
  43%
TOTAL VOTES: 136

Vote