M86 SWG 3000 v10

The latest SWG appliances from M86 Security takes a highly proactive stance tackling new web threats. Read this exclusive review of the SWG 3000 to see if its patented behavioural blocking technology provides the perfect security umbrella or not.


The appliance also handled social networking sites well, although the Filter List does place many under different categories. It would make things easier if M86 placed them all under a social networking category, or at least provided a search tool.

The M86 will have to go a long way to beat FaceTime's USG appliances which can control virtually any user activity you can imagine on the most popular social networks. M86's options are far more basic, but you can use rules to stop certain user activities such as posting and uploading files to Facebook.

The appliance's reporting facilities have always been very informative as it maintains its own database and provides plenty of details on user activity and security events. However, these are all predefined and can't be customised.

The optional Security Reporter feature remedies this and is designed to provide a central location for reporting with greatly increased data retention periods. Data from all SWG appliances is automatically sent to this as archived files, which can then be used to create an impressive range of fully customisable reports.

Advertisement - Article continues below

For cloud-based scanning M86 uses Amazon's EC2 (elastic cloud compute) service allowing multiple virtual scanning appliances to be used. This has been expanded to cover remote workers by deploying a SWSH (secure web services hybrid) agent to their laptops and PCs. It routes all web traffic to the nearest virtual scanner and v10 now includes an agent for Windows 7 systems.

The data leakage prevention feature scans a range of documents looking for keywords and phrases and blocks users from sending them. In previous tests we found that this couldn't check simple text files, but the v10 release includes these and can also scan web form content.

During testing we found the SWG 3000 easy to deploy in the lab and capable of delivering tough web security measures. The active real time content inspection makes light work of spotting and removing malicious code. As most of this is carried out transparently, it can significantly reduce the burden on support departments.

So what's our verdict?


Although the latest software version doesn’t introduce any radical improvements, the SWG 3000 is clearly capable of dealing with today’s increasingly sophisticated web attacks. Its active real-time content inspection can be teamed up with a choice selection of anti-virus measures and web content filtering and the option to deploy appliance and cloud-based scanning will appeal to larger businesses with remote offices.

Chassis: 1U IBM System x3250 M3 rack server

CPU: Intel Xeon X3430 2.4GHz

Memory: 4GB DDR3

Storage: 250GB SATA cold swap

RAID: None

Network: 4 x Gigabit Ethernet

Management: Web browser

Options: 500 users: M86 Filter List - 1yr, £1,245; Kaspersky anti-virus – 1yr, £2,120; HTTPS scanning – 1yr, £1,405; caching kit, £718 (all ex VAT)

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019

Five signs that it’s time to retire IT kit

29 Nov 2019
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019