M86 SWG 3000 v10
The latest SWG appliances from M86 Security takes a highly proactive stance tackling new web threats. Read this exclusive review of the SWG 3000 to see if its patented behavioural blocking technology provides the perfect security umbrella or not.
The appliance also handled social networking sites well, although the Filter List does place many under different categories. It would make things easier if M86 placed them all under a social networking category, or at least provided a search tool.
The M86 will have to go a long way to beat FaceTime's USG appliances which can control virtually any user activity you can imagine on the most popular social networks. M86's options are far more basic, but you can use rules to stop certain user activities such as posting and uploading files to Facebook.
The appliance's reporting facilities have always been very informative as it maintains its own database and provides plenty of details on user activity and security events. However, these are all predefined and can't be customised.
The optional Security Reporter feature remedies this and is designed to provide a central location for reporting with greatly increased data retention periods. Data from all SWG appliances is automatically sent to this as archived files, which can then be used to create an impressive range of fully customisable reports.
For cloud-based scanning M86 uses Amazon's EC2 (elastic cloud compute) service allowing multiple virtual scanning appliances to be used. This has been expanded to cover remote workers by deploying a SWSH (secure web services hybrid) agent to their laptops and PCs. It routes all web traffic to the nearest virtual scanner and v10 now includes an agent for Windows 7 systems.
The data leakage prevention feature scans a range of documents looking for keywords and phrases and blocks users from sending them. In previous tests we found that this couldn't check simple text files, but the v10 release includes these and can also scan web form content.
During testing we found the SWG 3000 easy to deploy in the lab and capable of delivering tough web security measures. The active real time content inspection makes light work of spotting and removing malicious code. As most of this is carried out transparently, it can significantly reduce the burden on support departments.
Although the latest software version doesn’t introduce any radical improvements, the SWG 3000 is clearly capable of dealing with today’s increasingly sophisticated web attacks. Its active real-time content inspection can be teamed up with a choice selection of anti-virus measures and web content filtering and the option to deploy appliance and cloud-based scanning will appeal to larger businesses with remote offices.
Chassis: 1U IBM System x3250 M3 rack server
CPU: Intel Xeon X3430 2.4GHz
Memory: 4GB DDR3
Storage: 250GB SATA cold swap
Network: 4 x Gigabit Ethernet
Management: Web browser
Options: 500 users: M86 Filter List - 1yr, £1,245; Kaspersky anti-virus – 1yr, £2,120; HTTPS scanning – 1yr, £1,405; caching kit, £718 (all ex VAT)
The IT Pro guide to Windows 10 migration
Everything you need to know for a successful transitionDownload now
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Software-defined storage for dummies
Control storage costs, eliminate storage bottlenecks and solve storage management challengesDownload now
6 best practices for escaping ransomware
A complete guide to tackling ransomware attacksDownload now