Finjan Vital Security Web Appliance NG-6000S

Online threats are getting ever more sophisticated. Does Finjan’s web content security appliance have enough craft to stay one step ahead?

A complete set of default policies is provided, enabling you to start filtering web traffic immediately: even the medium level security policy contains 40 predefined rules. X-Ray is a very handy feature for safe testing, as it can be applied to whole policies or to specific rules, which it then runs passively. The anti-virus scanners and web content filters are also configured with rules, and Websense now offers over fifty URL categories to choose from.

All rules within a policy are carried out in strict priority order, but it's easy enough to change their position if required. Under normal circumstances the policy rules that control Finjan's active real-time content inspection reside near the bottom so they can catch anything smart enough to slip past all the other defences. To test this feature we pointed one of our client systems at a web site known to have an extremely unpleasant payload.

Rather than move the relevant rules to the top of the policy, we gradually disabled each rule the Trojan hit so that it would eventually get to the content inspection rule. Remarkably, to achieve this we had to deactivate rules for Websense first, followed by Kaspersky's anti-virus, Finjan's anti-spyware and then rules blocking files with missing digital signatures and suspicious file downloads. Once the Trojan's code had been analysed the appliance blocked it, and we could see from the log files that Finjan determined it was trying to terminate existing processes, engage in illicit memory management and load other DLLs.

We tested the Websense service, which is also configured using policy rules. Each policy can be applied to different users and groups, and these can be swiftly imported using LDAP. We tested this by switching on the gambling category and attempting to visit nearly fifty online bingo sites, where Websense saved our hard-earned cash by blocking us from every one.

Whenever the NG-6000S blocks access, it redirects the user to a warning web page and posts an entry in its log file. It also maintains a database, which is used to produce more detailed reports for areas such as viral activity or accessing blocked sites, and it can export them in PDF, Excel or HTML formats. The reports are predefined but can be applied to specific users or groups if required.

Web-borne threats are getting ever smarter, with ploys such as dynamic code obfuscation designed to circumvent traditional signature-based scanning. Finjan's NG-6000S is unlikely to get caught napping, though, as it's capable of offering a tough defensive posture that can be easily customised with rule-based policies plus optional anti-virus scanning and web content filtering.

Verdict

Anti-spam and firewall measures must be sourced separately but for web content security you’ll be hard pushed to find defences that are tougher than those offered by Finjan’s Vital Security appliances. The use of security policies makes the NG-6000S very versatile, deployment is a breeze and the active real-time content inspection is quite unique.

Chassis: 2U IBM x3650 rack

CPU: 2 x 2GHz Xeon 5130

Memory: 2GB 667MHz FB-DIMM

Storage: 2 x 73.4GB IBM 10k SAS hard disks

RAID: IBM ServeRAID 8k-l controller with 32MB cache memory (drives in RAID-1 mirror)

Network: 4 x Gigabit Ethernet

Management: Web browser

Options: 250 users: Websense - 1yr, £2,162; Kaspersky - 1yr, £1,242 (all exc VAT)
