M86 SWG 3000 v10

We were surprised to discover that HTTPS scanning is still an optional extra. Many vendors now consider this a necessity, and not a luxury, and include it as standard. Web caching is another option and we would suggest adding this before deployment. Costing 718, the kit comprises an extra 250GB hard disk - the appliance will need to be powered down to fit it.

Deployment in the lab was swift as the appliance defaults to an explicit proxy so we just needed to configure our Windows clients to use it. We did this manually but you can easily automate it with group policies or PAC scripts.

The web interface sees some graphical refreshment, but we've always found it well designed and easy to use anyway. The appliance uses policies to manage security and these comprise sets of rules each containing conditions and actions.

You get three default policies, so the appliance can start filtering traffic straight away for all users. These contain over forty rules apiece and include options for anti-virus scanning, URL filtering, file blocking and handling malicious code.

To create new policies you clone existing ones and modify them to suit by removing rules you don't need, adding new ones and re-ordering their priority. Although it works well enough, this seems a little clunky to us. The X-ray option is very useful for testing as it can be applied to an entire policy or individual rules so they only log what actions they would have taken.