Finjan Vital Security Web Appliance NG-6000S

Online threats are getting ever more sophisticated. Does Finjan’s web content security appliance have enough craft to stay one step ahead?

Editor's Choice

Businesses are increasingly coming under threat from ever more sophisticated and cleverly crafted attacks designed specifically to fox traditional scanning methods. Finjan specialises in web content security and its range of Vital Security appliances offers an interesting selection of unique features that have a highly proactive stance when faced with new threats.

Advertisement - Article continues below

On the front line is Finjan's patented active real-time content inspection, which is designed to identify malicious code and block it. Instead of using a sandbox it examines the code to see what it would do. It checks it through to completion and then blocks it if it doesn't like what it sees. Finjan's Anti.dote provides protection in the gap between a new threat being identified and a patch being made available. When a threat is identified Finjan downloads a custom rule set to the appliance that enables it to detect and block it during this phase. Lastly, you have Finjan's spyware protection, which uses a combination of behavioural analysis and known spyware URL lists.

Optional anti-virus measures are on offer and you can choose between Kaspersky, McAfee or Sophos. Web content filtering is also available and you can go for either Websense or IBM's Proventia services.

On review is the Web Appliance NG-6000S, which is delivered as an IBM x3650 2U rack server sporting a decent overall specification. Deployment in the lab was easy enough as the NG-6000S defaults to an explicit proxy. All you need do is change your client's browser proxy settings and this can be done easily enough with group policies. The appliance can also function as a transparent proxy and now provides proxy authentication, although you will still need to redirect LAN to WAN traffic to the appliance for scanning.

Advertisement - Article continues below
Advertisement - Article continues below

Another new feature is support for WCCP (web cache communication protocol). This is used by Cisco's PIX and ASA firewalls and some of its switches so you can now forward web traffic to the appliance from these devices for inspection. Finjan has simplified initial installation by replacing the web GUI with a wizard based CLI setup where you can use a local monitor and keyboard or remote connection over SSH. At this stage you choose your mode of operation and we went for the all-in-one option but you can use multiple appliances that provide load-balanced scanning services with all reporting to a central policy enforcement server.

The management web interface sees some welcome graphical refreshment and we found it easier to use as the security policies are now presented in a simple tree structure. Each policy comprises rules with each containing conditions and actions. Each rule focuses on a specific threat type so you'll have ones for dealing with malicious content, file blocking by extension, web content blocks, anti-virus scans and so on there's a huge range to choose from. There's more in the new features department as Finjan also offers optional scanning of HTTPS traffic. The appliance terminates encrypted streams and inspects the content first and this is also controlled with the use of policies.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now

Most Popular


How to find RAM speed, size and type

24 Jun 2020

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020

The top 12 password-cracking techniques used by hackers

12 Jun 2020