M86 Secure Web Gateway v10.1
Strengths: Scalable, strong web offering
Weaknesses: Documentation, web content filtering-only product
Verdict: A solid, enterprise-level web management solution
M86 Secure Web Gateway (SWG) v10.1 proactively safeguards against malware and Web 2.0 threats using patented real-time code analysis, dynamic web repair technology and granular social media controls. The product is deployed as a policy server and scanning server. In a typical environment, one would deploy multiple scanning servers managed by a centralised policy server. For the purpose of our review, we configured both on the single appliance.
The product is delivered either as a pre-loaded server-based appliance or as a virtual SWG appliance that works with a VMware ESXi v4.1 server. A physical 3000-series appliance was delivered to our lab. Initial set-up did require some command-line work, as one needs to connect either by secure shell (SSH) over the LAN or by terminal via the serial port.
One needs to set up the appliance first (running a set-up command) and then configure the network functions through the command line before being able to use the web-based user interface. You can configure the tool for explicit or transparent proxy, in-line bridge mode, proxy-chaining, integration as an Internet Content Adaptation Protocol (ICAP) service or as a client with Web Cache Communication Protocol (WCCP) v2.
Once the network portion is configured, you can browse to the appliance IP and use the web-based user interface to perform the remaining configuration and management functions. The management console provides administrators with a tool for managing the entire Secure Web Gateway deployment from the policy server.
Website code or file content and behaviour are analysed in real time by identifying operations, parameters, script manipulations and other exploitations for a given piece of content; M86 can view in real time whether a piece of active content will perform a malicious action when loaded into a browser. In accordance with pre-defined security policies, M86's security system dynamically decides if content is safe for browsing, providing up-to-the-minute protection.
Meanwhile, M86's granular social media control gives organisations the power to block posts, comments or uploads to social networks such as Facebook and LinkedIn. There is also support for web-page repair, data-leakage protection, application controls, SSL inspection and certificate-error handling, as well as digital signature analysis of binary objects.
What's more, M86 code analysis includes handling of code-splitting. There is full Lightweight Directory Access Protocol (LDAP) and Active Directory integration available for user authentication. There are also a number of anti-virus and URL scanning options, each licensed separately, but one does have choices on scanning engines.
Basic eight-hours-a-day/five-days-a-week support is provided with the subscription fee, while "gold" and "platinum" support are available at an extra cost.
The only drawbacks we found were that the implementation and management documentation is not very comprehensive (we had to figure out a lot of the items on our own) and that, although the offering has many enterprise-level capabilities, it is limited to web-content filtering and requires a lot of work to configure. In addition, load balancing is only integrated in the high-end chassis solution.