Strengths: The best social networking controls on the market, swift installation, true web content filtering, excellent IM and P2P app controls
Weaknesses: The numerous options can increase the price significantly
Verdict: FaceTime's USG solution has a keen focus on controlling social networking, but goes way beyond the abilities of common security appliances
Most UTM products can only block or allow all social networking activities by applying basic URL category filtering. FaceTime's new Socialite (short for 'social: IT enabled') feature allows you to permit access to social networking sites, but control what functions and activities users can engage in.
Along with an SaaS deployment option, FaceTime offers Socialite as a module for USG appliances. On review we have the USG 530, which supports up to 7,000 users. There's more - the appliance offers anti-spyware and AV measures, augmenting these with full control over IM and P2P apps.
Plenty of new features are provided in the latest firmware version, with the Socialite module providing content moderation controls and archiving for Facebook, LinkedIn and Twitter. The appliance can also run the Squid web proxy cache, it supports ISA proxy deployments and provides safe search controls for Google, Yahoo and Bing.
Optional URL category filtering is available, but FaceTime goes one step beyond the rest as it also offers web content filtering. Many vendors want you to think these two functions are the same, but they are completely different. The former matches the address typed into a user's browser with a URL category database to decide whether access should be allowed. True content filtering, on the other hand, as offered by FaceTime, looks at the content in the web page and can control access based on words and phrases.
Deployment was easy, as the appliance uses one of its Gigabit ports to monitor all network traffic and the second for its IM proxy. The latter is another valuable feature, as it allows the appliance to analyse all IM activity in real-time, check for banned words and phrases and issue challenges when users attempt to send messages.
The USG employs Layer 7 packet inspection to identify applications on the network and can be set initially to run in a passive monitoring mode. The amount of information is impressive: the appliance identified all our test systems running apps such as Windows Live Messenger, BitTorrent and iPlayer and provided a complete rundown on bandwidth usage.
The web console dashboard has been updated with a new Flash-based dynamic real-time view. Along with a graph of appliance performance and two tables showing general network activity, three more views based on custom reports can be added.
The dynamic view is of limited value, as it doesn't provide as much information as the standard classic view. This offers a complete overview of all activity, including colour-coded traffic graphs for each application class, plus full summaries for the IM, P2P, application, malware and web filtering categories.
Access is controlled with policies that can be applied globally or to specific AD users and groups or IP addresses and ranges. These can be easily fine-tuned using the statistics and reports provided by the appliance in its discovery phase.
For popular IM apps such as Windows Live Messenger, you can permit or deny access to functions such as games and video, stop users talking to external IM users or non-employees, control file transfers and subject them to virus scans. Disclaimers for each function can be sent to IM users when they try to access them, and messages with specific keywords can be blocked or challenged.
The Facebook, LinkedIn and Twitter usage controls offered by Socialite are superb. For Facebook, there are nearly 50 control settings whereby you can block or allow access to features such as account and application settings, friends, games, uploads and video. Post controls are also provided to allow or block users from chat, postings, friend lists etc.
The new LinkedIn controls are equally impressive, as you can block access to functions such as groups, discussions or company and job searches. Post login controls can be applied to block users from activities, including sending invites, posting messages, editing profiles and writing recommendations.
FaceTime's URL filtering provides 55 categories to block or allow and AUPs can be sent to each user that they must agree to if they want web access. Content scans support web pages, text files, documents and archives and can be applied to both inbound and outbound traffic.
Usefully, content scans can be linked with the URL category database so different policies can be applied to selected types of websites. Lexicons store lists of words to be scanned for and you can passively monitor activity, ask to be alerted when a policy is triggered and block the activity.
The dynamic dashboard view may not be overly impressive, but FaceTime's new dynamic reports improve greatly on the basic features offered in previous versions. These provide a selection of predefined reports, covering a wide range of activities including web usage, IM proxy activity and content scanning. They can also be copied, pasted and edited to create custom reports in graphical and tabular formats.
If you want total control over social networking in the workplace, then FaceTime has the answer. Its USG appliances are far more aware of these activities than any other solution currently available and they also deliver excellent IM and P2P app controls, with true web content filtering and anti-spyware services.