M86 Secure Web Gateway (SWG) proactively safeguards against malware and Web 2.0 threats using patented real-time code analysis (RTCA), dynamic web repair (DWR) technologies, and granular social media controls. The product is deployed as a policy server and a scanning server. In a typical environment, one would deploy multiple scanning servers managed by a centralized policy server. For our review, we configured both on a single appliance.
The product is delivered either as a pre-loaded server-based appliance or as a virtual SWG appliance that works with a VMware ESXi v4.1 server. A physical 3000 series appliance was delivered to our lab. Initial setup does require some command line work, as one needs to connect either by secure shell (SSH) over the local area network (LAN) or by terminal via the serial port. One needs to set up the appliance first (running a setup command) and then configure the network functions through the command line before being able to use the web-based user interface. One can configure the tool for explicit or transparent proxy, in-line bridge mode, proxy-chaining, integration as an internet content adaptation protocol (ICAP) service or as a client with web cache communication protocol (WCCP) v2. Once the network portion is configured, one can browse to the appliance IP and use the web-based user interface to perform the remaining configuration and management functions. The management console provides administrators with a tool for managing the entire Secure Web Gateway deployment from the policy server.
Website code or file content and behavior are analyzed in real time by identifying operations, parameters, script manipulations and other exploitations for a given piece of content. M86 can view in real time whether a piece of active content will perform a malicious action when loaded into a browser. In accordance with pre-defined security policies, M86's security system dynamically decides if content is safe for browsing, providing real-time protection. M86's granular social media control gives organizations the power to block posts, comments or uploads to social media sites. There is also support for web page repair, data leakage protection, application controls, SSL inspection and certificate error handling, and digital signature analysis of binary objects. M86 code analysis also includes handling of code-splitting. Full lightweight directory access protocol (LDAP) and Active Directory integration is available for user authentication. There are a number of anti-virus and URL scanning options, each licensed separately, so one does have a choice of scanning engines.
Basic eight-hours-a-day/five-days-a-week support is provided with the subscription fees. Gold and platinum support is available for 10 and 20 percent fees, respectively. Implementation and management documentation is not very comprehensive. We had to figure out a lot of the items on our own. The offering has a lot of enterprise-level capabilities, but it is limited to web content filtering and requires a lot of work to set up and configure. Load balancing is only integrated in the high-end chassis solution. - ML