Blue Coat ProxyOne Appliance
Strengths: Very easy set-up, strong web security straight from the box, top URL filtering performance, extensive reporting tools
Weaknesses: Too expensive for smaller businesses
Verdict: The ProxyOne Appliance can be deployed in minutes and provides tough web content security along with excellent web filtering performance
ProxyOne is designed to provide mid-sized businesses with easy-to-deploy, enterprise-level web security. It incorporates content-caching technology for improved scanning performance and can extend protection to remote workers via Blue Coat's ProxyClient software.
This 1U rack system comes with a quad-core Xeon processor, 18GB of memory, two mirrored 1TB hard disks and a pair of hot-plug power supplies. It includes a Cavium Nitrox hardware accelerator, while a hardware bypass switch means an appliance failure won't halt your web access.
Prices start at £5,600, which includes 24/7 support for 100 users, one-year warranty, licences and security updates. This makes it expensive for small firms, but costs decrease as the user count goes up, with a three-year subscription for 2,000 users equating to around £11 per user each year.
The appliance supports two deployment methods and can be placed to one side of the network, where it functions as an explicit proxy. This requires all client systems on the LAN to be reconfigured to use it, and this can be automated using AD group policies or PAC scripts.
The easier method, which we chose for testing, is to place it in-line between the firewall and LAN. In this mode it functions as a transparent gateway and requires no client configuration.
First contact is via a serial port connection to set up management access. We found the six-step process simple - we provided a fixed IP address, netmask, gateway and primary DNS server details, chose an administrator user name and gave it a password.
That's all there is to it, as the appliance downloads updates and virus signatures automatically and starts filtering traffic immediately. Point a web browser at the IP address provided earlier and you will be presented with quick access to URL filtering, appliance monitoring and configuration and a separate reporting section.
URL filtering comes courtesy of Blue Coat's WebPulse cloud-based service. It is simple to set up as you pick and choose from 74 categories and decide whether to block or allow them. Spyware, malware, phishing and proxy-avoidance sites are permanently blocked. You can create a white list of allowed URLs, IP addresses and domains, and a black list where they will be blocked regardless of the categories chosen.
We found filtering performance to be exemplary. With the games and gambling categories blocked, our attempts to access 50 bingo sites were all rebuffed.
Social networking sites such as Facebook, Twitter and MySpace could be quickly placed off-limits. We also visited a number of sites known to harbour malware and these were automatically blocked.
A P2P category allowed us to block access to BitTorrent sites, but the IM category only blocks sites providing these services and is unable to stop apps such as Windows Live Messenger. Appliances such as Cyberoam's CR750ia offer IM app controls and have no user restrictions.
The device-configuration web page provides detailed graphs showing all traffic activity. You can also see the cache in action, and we tested its effectiveness by downloading a 20MB file from an external FTP site which initially took 11 minutes. Subsequent downloads took a second as they were retrieved from the cache.
Blue Coat's reporting features seem to have every angle covered. A dashboard provides a spread of graphs showing detected malware, potentially infected LAN clients, blocked sites and web browsing activity. A range of predefined reports are available so you can pull up views of user behaviour, security threats and browsing trends. You can also create your own reports using stored data.
Blue Coat is certainly easy to deploy. Smaller companies will find it expensive, but its ability to extend content security and excellent URL filtering to remote workers adds a lot of value.