Blue Coat SystemsProduct:
It is possible to create complex security rules.
There are some minor errors in the documentation.
A versatile device that offers IM security to the smaller enterprise.
Blue Coat's ProxySG 200 system is a 1-U height rack-mountable device that provides proxy services for the small enterprise network. Using Blue Coat's secure SGOS operating system, it offers a range of proxy services and security features for a number of internet applications.
Its instant messaging features address the more common IM clients, namely those from AOL, Microsoft and Yahoo!.
Initial configuration can be carried out through either a Java-enabled web browser or through a command line interface over a serial connection. We configured the device using the serial connection after our attempt to use the browser connection failed because an error in the documentation gave the wrong connection details.
We obtained the correct information from the serial configuration, and we could then use the browser-based management interface. However, the standard of documentation was generally good, despite this.
The system offers the ability to configure polices controlling IM clients based on a large number of criteria. Policies can be applied globally, to groups of users or to individuals, and actions can also be applied to individual files. It is possible to block any or all IM services on the same basis, or to restrict access to certain services to particular time slots.
Quite complex rule sets can be created to cover most requirements, although careful planning would be needed to avoid leaving gaps in the security screen. The system can also control clients that use an http proxy.
Its content-filtering service can be configured to trigger alerts if defined key words are found, and the transmission can be blocked, if necessary. There is also a "reflection" feature that spots whether clients are operating on the same internal network, and simply routes traffic between them, instead of forwarding it to the public IM server.
The management interface has access to all aspects of the device's configuration and operation, with real-time statistics and graphs of the device's performance and traffic throughput. There are extensive archiving and reporting options allowing for detailed auditing of IM sessions.