Finjan Vital Security Web Appliance NG-6000S

Online threats are getting ever more sophisticated. Does Finjan’s web content security appliance have enough craft to stay one step ahead?

A complete set of default policies is provided, enabling you to start filtering web traffic immediately: even the medium-level security policy contains 40 predefined rules. X-Ray is a very handy feature for safe testing, as it can be applied to whole policies or to specific rules, which it then runs passively. The anti-virus scanners and web content filters are also configured with rules, and Websense now offers over fifty URL categories to choose from.

All rules within a policy are carried out in strict priority order, but it's easy enough to change their position if required. Under normal circumstances, the policy rules that control Finjan's active real-time content inspection reside near the bottom so they can catch anything smart enough to slip past all the other defences. To test this feature, we pointed one of our client systems at a web site known to have an extremely unpleasant payload.

Rather than move the relevant rules to the top of the policy, we gradually disabled each rule the Trojan hit so that it would eventually get to the content inspection rule. Remarkably, to achieve this we had to deactivate the rules for Websense first, followed by Kaspersky's anti-virus, Finjan's anti-spyware, and then the rules blocking files with missing digital signatures and suspicious file downloads. Once the Trojan's code had been analysed, the appliance blocked it, and we could see from the log files that Finjan determined it was trying to terminate existing processes, engage in illicit memory management and load other DLLs.

We tested the Websense service, which is also configured using policy rules. Each policy can be applied to different users and groups, and these can be swiftly imported using LDAP. We tested this by switching on the gambling category and attempting to visit nearly fifty on-line bingo sites, where Websense saved our hard-earned cash by blocking us from every one.

Whenever the NG-6000S blocks access, it redirects the user to a warning web page and posts an entry in its log file. It also maintains a database, which is used to produce more detailed reports for areas such as viral activity or attempts to access blocked sites, and it can export them in PDF, Excel or HTML formats. The reports are predefined but can be applied to specific users or groups if required.

Web-borne threats are getting ever smarter, with ploys such as dynamic code obfuscation designed to circumvent traditional signature-based scanning. Finjan's NG-6000S is unlikely to get caught napping, though, as it's capable of offering a tough defensive posture that can be easily customised with rule-based policies plus optional anti-virus scanning and web content filtering.

Verdict

Anti-spam and firewall measures must be sourced separately but for web content security you’ll be hard pushed to find defences that are tougher than those offered by Finjan’s Vital Security appliances. The use of security policies makes the NG-6000S very versatile, deployment is a breeze and the active real-time content inspection is quite unique.

Chassis: 2U IBM x3650 rack

CPU: 2 x 2GHz Xeon 5130

Memory: 2GB 667MHz FB-DIMM

Storage: 2 x 73.4GB IBM 10k SAS hard disks

RAID: IBM ServeRAID 8k-l controller with 32MB cache memory (drives in RAID-1 mirror).

Network: 4 x Gigabit Ethernet

Management: Web browser

Options: 250 users: Websense - 1yr, £2,162; Kaspersky – 1yr, £1,242 (all exc VAT)
