IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

FaceTime Communications USG530 - web filtering appliance review

Controlling IM and P2P apps in the workplace is a serious problem, but FaceTime goes where UTM appliances fear to tread as nothing slips under its radar.

The proxy can scan messages for unacceptable content and, where appropriate, challenge users before allowing the message to be sent. All messages can be archived on the appliance or to an external SQL database and searched using FaceTime's legal discovery tools.

For testing we dropped the USG530 into the lab's network and configured our main ProCurve 2848 switch to mirror traffic from all ports to the appliance's connection. You start with it running in a passive discovery mode where it uses Layer 7 packet inspection to find out what's running round the network. The web interface is well designed and the home page opens with a full summary on network activity, statistics for each component, the appliance's status and quick access to the latest reports.

After leaving it monitoring the network for a couple of days we found the levels of information forthcoming to be quite remarkable. We could see which systems were using Windows Live Messenger, those that had the BBC iPlayer loaded and others with GoToMyPC loaded and ready for remote connections. Systems with the BitTorrent Client 6 loaded and active were easily identified as were those that had the Vuze P2P video downloader running.

Traffic is split into the five main categories of IM, P2P, greynet, malware and web filtering and tabs in the interface are provided for each one , enabling you to drill down and view more detail about specific activities. We could see the IP addresses of the systems using IM apps, the user identities, the number of messages for each one and whether they went through the monitoring or proxy ports. For P2P apps you can see the user and system identities and how much traffic was being generated by each one.

Now it's time to go into enforcement mode. This can be switched on individually for each of the five categories and your policies then come into play. Policies can be assigned to lists of IP addresses but AD support means they can be assigned to specific users and groups. For IM, P2P and greynet apps you have hundreds to choose from to block or allow, whilst the web filtering service offers 56 categories. For Facebook there are 23 service categories on offer and for MySpace you have no less than 29 to choose from.

The IM proxy port uses the default policy, where you can set up file transfer privileges and send messages to an external ICAP server for virus scanning. List of restricted phrases can be applied and the appliance can also stop IM being used for spamming by sending a challenge to external users who are required to give a specific response.

With so many apps to monitor and so little time, reporting needs to be good and FaceTime doesn't disappoint. For each category you can view a complete rundown on all activities and drill down for more information on the top blocked products, the systems trying to access them and, with AD policy groups in force, the offending users as well.

There's no denying the USG530 fills the gaps that traditional UTM appliances leave behind. Its awareness of IM and P2P apps and social networking sites is second to none and it augments these abilities with quality anti-malware and web content filtering capabilities.

Verdict

FaceTime Communications 01189 637 469 www.facetime.com Verdict: Controlling IP and P2P apps is not a high priority for traditional UTM appliances as most have a very limited awareness of these. FaceTime’s USG appliances take control to the next level as they are capable of identifying and controlling hundreds of these types of problem apps and have a heightened awareness of social networking sites.

Chassis: 1U rack server; Processor: 2.83GHz Xeon X3360 Memory: 4GB 667MHz DDR2 Storage: 250GB 7.2K SATA hard disk RAID: None on this model Network: 3 x Gigabit Ethernet Management: Web browser

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

WatchGuard Firebox M290 review: Stiff security at a great price
unified threat management (UTM)

WatchGuard Firebox M290 review: Stiff security at a great price

23 Feb 2022
Sophos XGS 3300 review: Xstream firewall performance
Security

Sophos XGS 3300 review: Xstream firewall performance

7 Jan 2022
Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box
Security

Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box

18 Nov 2021
Big zero-day flaw found in Palo Alto security appliance
internet security

Big zero-day flaw found in Palo Alto security appliance

11 Nov 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Google Russia files for bankruptcy, ends operations in the country
Business operations

Google Russia files for bankruptcy, ends operations in the country

19 May 2022