Finjan Vital Security Web Appliance NG-6000S

Online threats are getting ever more sophisticated. Does Finjan’s web content security appliance have enough craft to stay one step ahead?

Editor's Choice

Businesses are increasingly coming under threat from ever more sophisticated and cleverly crafted attacks designed specifically to fox traditional scanning methods. Finjan specialises in web content security and its range of Vital Security appliances offers an interesting selection of unique features that have a highly proactive stance when faced with new threats.

On the front line is Finjan's patented active real-time content inspection, which is designed to identify malicious code and block it. Instead of using a sandbox it examines the code to see what it would do. It checks it through to completion and then blocks it if it doesn't like what it sees. Finjan's Anti.dote provides protection in the gap between a new threat being identified and a patch being made available. When a threat is identified Finjan downloads a custom rule set to the appliance that enables it to detect and block it during this phase. Lastly, you have Finjan's spyware protection, which uses a combination of behavioural analysis and known spyware URL lists.

Optional anti-virus measures are on offer and you can choose between Kaspersky, McAfee or Sophos. Web content filtering is also available and you can go for either Websense or IBM's Proventia services.

On review is the Web Appliance NG-6000S, which is delivered as an IBM x3650 2U rack server sporting a decent overall specification. Deployment in the lab was easy enough as the NG-6000S defaults to an explicit proxy. All you need do is change your client's browser proxy settings and this can be done easily enough with group policies. The appliance can also function as a transparent proxy and now provides proxy authentication, although you will still need to redirect LAN to WAN traffic to the appliance for scanning.

Advertisement - Article continues below
Advertisement - Article continues below

Another new feature is support for WCCP (web cache communication protocol). This is used by Cisco's PIX and ASA firewalls and some of its switches so you can now forward web traffic to the appliance from these devices for inspection. Finjan has simplified initial installation by replacing the web GUI with a wizard based CLI setup where you can use a local monitor and keyboard or remote connection over SSH. At this stage you choose your mode of operation and we went for the all-in-one option but you can use multiple appliances that provide load-balanced scanning services with all reporting to a central policy enforcement server.

The management web interface sees some welcome graphical refreshment and we found it easier to use as the security policies are now presented in a simple tree structure. Each policy comprises rules with each containing conditions and actions. Each rule focuses on a specific threat type so you'll have ones for dealing with malicious content, file blocking by extension, web content blocks, anti-virus scans and so on there's a huge range to choose from. There's more in the new features department as Finjan also offers optional scanning of HTTPS traffic. The appliance terminates encrypted streams and inspects the content first and this is also controlled with the use of policies.

Featured Resources

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

Download now

6 ways your business could suffer if you don’t backup Office 365

Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for good

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now

8 digital best practices for IT professionals

Don't leave anything to chance when going digital

Download now

Most Popular

operating systems

How to fix a stuck Windows 10 update

12 Feb 2020

The top ten password-cracking techniques used by hackers

10 Feb 2020
Domain Name System (DNS)

Firefox activates DNS over HTTPS for US users by default

26 Feb 2020
Policy & legislation

What is the Computer Misuse Act?

17 Feb 2020