Panda GateDefender Performa 9500 review
Panda has updated its Performa web content security appliances with some much needed improvements. Our live tests show anti-spam performance for the 9500 is exemplary but is this enough to justify the price? Read our review to find out.
The interface opens with an impressive collection of graphs showing a full summary of all five main security functions plus traffic throughput and appliance hardware utilisation. The reporting period for the graphs can be changed from one day to the past year, you can enlarge them for closer inspection and data can be exported immediately to a CSV file.
Hold the mouse pointer over a title and the graph below changes to a set of coloured blocks showing clearly which protocols the service has been activated for. Access security is also good as all administration is restricted to a single IP address and other users can be created that are only allowed to change protection profiles or produce reports and monitor the status of the appliance.
For some time Panda has been lagging behind the competition due to its failure to provide HTTPS scanning. This is now a standard feature and the 9500 implements it using the man-in-the-middle process where it terminates the encrypted traffic stream, inspects it and sends it on its way to the client in its original secure format.
Scanning performance has been improved by moving malware detection off into the cloud. The appliance saves time by also maintaining a local cache of recently detected malware which it checks first.
The 9500 uses security policies making it very versatile as you can apply different settings to users allowing complex acceptable use policies (AUPs) to be enforced. You begin by creating network definitions which describe IP addresses, ranges or subnets, LDAP servers, users and domains.
Next, you define custom configurations for the anti-malware, anti-spam, web content filter and URL filter modules which are then linked to the network definitions. Previously, the IM/P2P/VoIP module could only be applied globally to all users but this can now be configured for each policy.