The Wedge BeSecure Anti-malware Gateway is a family of web security appliances, capable of real-time deep content inspection for thousands of concurrent web, email, and FTP sessions. BeSecure incorporates best-of-breed content security techniques to protect the network by inspecting commonly used application layer protocols, such as HTTP, SMTP, POP3, IMAP and FTP. We tested the 1005G model, which is sized for midsized organizations or 500 users. There is also a software option available for VMware virtual environments.
Initial configuration was done by connecting our test PC via a crossover cable to the ingress interface. Once we configured the network components, we were ready to move on. We did not have to license our appliance as that was already done for us. The flexible deployment options make this product easy to integrate into any environment. We chose a transparent bridge mode option for our testing, but one has various route-based modes, web cache communication protocol (WCCP) or internet content adaptation protocol (ICAP) options and high availability cluster mode options. The product focuses on content inspection, so configuration is focused on these features. There really isn't a firewall or intrusion detection system (IDS) component. One can map protocols to ports, but that is really all the configuration admins do at that level. That said, it does do content inspection and data leakage protection very well. Keyword filtering for data leakage and breach prevention allows content to be inspected down to individual words and patterns contained within web traffic. These features are fully customizable with specific expressions, enabling organizations to prevent the leakage of confidential information leaving the organization through internet protocols.
With an Open Service Bus (OSB) technology, BeSecure easily integrates with best-of-breed security engines, including complete Kaspersky malware signature database, heuristic ability and per-hour signature updates. It also contains a Cloudmark anti-spam, anti-phishing engine that is updated every 45 seconds. An add-on option contains a complete SmartFilter web filter database with 90-plus web categories, including malicious sites. There is an option for traffic capture, but it is limited to a 10MB file size and there isn't a way (that we found) to review it on the appliance.
Logging is contained on the appliance and also can be configured to send off to a syslog server. Event monitoring and searching is easy to use. Alerting is available for certain security and system events, and is sent out via email. Reporting is a strong point and is well done. Dashboarding is excellent, with the ability to drop data to a report and export it to a .cvs or PDF.
Documentation is complete. The initial setup guides are sufficient to get up and running and the user manuals are built into the interface. Support must be purchased on top of the product purchase and there are basic, eight-hours-a-day/five-days-a-week and 24/7 options available.- ML