FaceTime Communications USG530 - web filtering appliance review

Controlling IM and P2P apps in the workplace is a serious problem, but FaceTime goes where UTM appliances fear to tread as nothing slips under its radar.

Price
£28,695

The proxy can scan messages for unacceptable content and, where appropriate, challenge users before allowing the message to be sent. All messages can be archived on the appliance or to an external SQL database and searched using FaceTime's legal discovery tools.

For testing we dropped the USG530 into the lab's network and configured our main ProCurve 2848 switch to mirror traffic from all ports to the appliance's connection. You start with it running in a passive discovery mode where it uses Layer 7 packet inspection to find out what's running round the network. The web interface is well designed and the home page opens with a full summary on network activity, statistics for each component, the appliance's status and quick access to the latest reports.

After leaving it monitoring the network for a couple of days we found the levels of information forthcoming to be quite remarkable. We could see which systems were using Windows Live Messenger, those that had the BBC iPlayer loaded and others with GoToMyPC loaded and ready for remote connections. Systems with the BitTorrent Client 6 loaded and active were easily identified as were those that had the Vuze P2P video downloader running.

Traffic is split into the five main categories of IM, P2P, greynet, malware and web filtering and tabs in the interface are provided for each one , enabling you to drill down and view more detail about specific activities. We could see the IP addresses of the systems using IM apps, the user identities, the number of messages for each one and whether they went through the monitoring or proxy ports. For P2P apps you can see the user and system identities and how much traffic was being generated by each one.

Advertisement
Advertisement - Article continues below

Now it's time to go into enforcement mode. This can be switched on individually for each of the five categories and your policies then come into play. Policies can be assigned to lists of IP addresses but AD support means they can be assigned to specific users and groups. For IM, P2P and greynet apps you have hundreds to choose from to block or allow, whilst the web filtering service offers 56 categories. For Facebook there are 23 service categories on offer and for MySpace you have no less than 29 to choose from.

The IM proxy port uses the default policy, where you can set up file transfer privileges and send messages to an external ICAP server for virus scanning. List of restricted phrases can be applied and the appliance can also stop IM being used for spamming by sending a challenge to external users who are required to give a specific response.

With so many apps to monitor and so little time, reporting needs to be good and FaceTime doesn't disappoint. For each category you can view a complete rundown on all activities and drill down for more information on the top blocked products, the systems trying to access them and, with AD policy groups in force, the offending users as well.

There's no denying the USG530 fills the gaps that traditional UTM appliances leave behind. Its awareness of IM and P2P apps and social networking sites is second to none and it augments these abilities with quality anti-malware and web content filtering capabilities.

Verdict

FaceTime Communications 01189 637 469 www.facetime.com

Verdict: Controlling IP and P2P apps is not a high priority for traditional UTM appliances as most have a very limited awareness of these. FaceTime’s USG appliances take control to the next level as they are capable of identifying and controlling hundreds of these types of problem apps and have a heightened awareness of social networking sites.

Chassis: 1U rack server;

Processor: 2.83GHz Xeon X3360

Memory: 4GB 667MHz DDR2

Storage: 250GB 7.2K SATA hard disk

RAID: None on this model

Network: 3 x Gigabit Ethernet

Management: Web browser

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019
Visit/business/business-strategy/354304/ex-apple-cpu-architect-accuses-the-firm-of-invading-privacy
Business strategy

Ex-Apple CPU architect accuses the firm of invading privacy

10 Dec 2019
Visit/security/vulnerability/354309/patch-issued-for-critical-windows-bug
vulnerability

Patch issued for critical Windows bug

11 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019