Blue Coat ProxySG 200
Strengths: Small form-factor appliance
Weaknesses: Could be more intuitive
Verdict: In some respects, Blue Coat System's product seems more like a port-blocker than a dedicated instant messaging device
Aimed primarily at the smaller enterprise, the Blue Coat ProxySG 200 is a 1U-high undersized unit that can be slotted into a rack using the supplied converter bars or will be just as at home sitting on a desk.
Unfortunately, the installation procedure was blighted by the documentation, which seemed to provide us with the wrong information. Because of this, using the company's recommended installation procedure did not get us to the configuration page. Worryingly, we encountered a similar issue the last time we reviewed this particular product.
Having resorted to a serial connection to access the initial configuration screens, we got through to a terminal-style screen, where we had to configure the IP address of the appliance.
Once this was done we could eventually access the management console, which seemed a little sluggish. It is a basic web-based console, which allowed us to set fundamental settings such as appliance name and time. The slowness we experienced during the initial startup of the console seems to be down to the Java applets the console uses.
The ProxySG 200 acts as a gateway through which all TCP traffic travels through, such as HTTP, FTP and SOX. There are a number of settings you can deploy on the appliance to help meet your organization's security policies. But for the purposes of this review we looked at instant messaging only.
By clicking on the IM proxies we could set policies for the three popular messaging platforms: IM, AOL Yahoo! and MSN Instant Messenger. However, there didn't seem to be support for some lesser-used messaging networks, for example GoogleTalk.
To create an IM policy we had to go to the service ports page on the configuration tab. We decided to set a policy for AOL use on port 5190. The Proxy SG does have a useful level of port blocking functionality for all of the main instant messaging tools. These include global allow and disallow, time of day, by user or group and allow text but disallow file transfer. It can also log corporate IM traffic including full text.
It can perform these and other functions on traditional ports such as 5190 but can also scan for less common kinds such as HTTP's ports 80, 2021 and 118.
Overall the ProxySG 200 has a wide range of functionality built in, which is good. However, it's not a particularly intuitive approach to IM security, which resulted in even relatively simple tasks being troublesome to perform.