FaceTime Communications USG530 - web filtering appliance review

Controlling IM and P2P apps in the workplace is a serious problem, but FaceTime goes where UTM appliances fear to tread as nothing slips under its radar.

Price
£28,695

The proxy can scan messages for unacceptable content and, where appropriate, challenge users before allowing the message to be sent. All messages can be archived on the appliance or to an external SQL database and searched using FaceTime's legal discovery tools.

For testing we dropped the USG530 into the lab's network and configured our main ProCurve 2848 switch to mirror traffic from all ports to the appliance's connection. You start with it running in a passive discovery mode where it uses Layer 7 packet inspection to find out what's running round the network. The web interface is well designed and the home page opens with a full summary on network activity, statistics for each component, the appliance's status and quick access to the latest reports.

After leaving it monitoring the network for a couple of days we found the levels of information forthcoming to be quite remarkable. We could see which systems were using Windows Live Messenger, those that had the BBC iPlayer loaded and others with GoToMyPC loaded and ready for remote connections. Systems with the BitTorrent Client 6 loaded and active were easily identified as were those that had the Vuze P2P video downloader running.

Traffic is split into the five main categories of IM, P2P, greynet, malware and web filtering and tabs in the interface are provided for each one , enabling you to drill down and view more detail about specific activities. We could see the IP addresses of the systems using IM apps, the user identities, the number of messages for each one and whether they went through the monitoring or proxy ports. For P2P apps you can see the user and system identities and how much traffic was being generated by each one.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Now it's time to go into enforcement mode. This can be switched on individually for each of the five categories and your policies then come into play. Policies can be assigned to lists of IP addresses but AD support means they can be assigned to specific users and groups. For IM, P2P and greynet apps you have hundreds to choose from to block or allow, whilst the web filtering service offers 56 categories. For Facebook there are 23 service categories on offer and for MySpace you have no less than 29 to choose from.

The IM proxy port uses the default policy, where you can set up file transfer privileges and send messages to an external ICAP server for virus scanning. List of restricted phrases can be applied and the appliance can also stop IM being used for spamming by sending a challenge to external users who are required to give a specific response.

With so many apps to monitor and so little time, reporting needs to be good and FaceTime doesn't disappoint. For each category you can view a complete rundown on all activities and drill down for more information on the top blocked products, the systems trying to access them and, with AD policy groups in force, the offending users as well.

There's no denying the USG530 fills the gaps that traditional UTM appliances leave behind. Its awareness of IM and P2P apps and social networking sites is second to none and it augments these abilities with quality anti-malware and web content filtering capabilities.

Verdict

FaceTime Communications 01189 637 469 www.facetime.com

Verdict: Controlling IP and P2P apps is not a high priority for traditional UTM appliances as most have a very limited awareness of these. FaceTime’s USG appliances take control to the next level as they are capable of identifying and controlling hundreds of these types of problem apps and have a heightened awareness of social networking sites.

Chassis: 1U rack server;

Processor: 2.83GHz Xeon X3360

Memory: 4GB 667MHz DDR2

Storage: 250GB 7.2K SATA hard disk

RAID: None on this model

Network: 3 x Gigabit Ethernet

Management: Web browser

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/data-protection/354492/currys-pc-world-parent-firm-hit-with-ps500k-fine-over
data protection

Currys PC World parent firm hit with £500k fine over historic data breach

9 Jan 2020
Visit/security/ransomware/354483/travelex-disruption-caused-by-devastating-ransomware-attack
ransomware

Travelex disruption caused by devastating ransomware attack

8 Jan 2020