eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Facetimes Real-Time Guardian 500 appliance, running RTG 3.1 firmware (Build 1413), effectively blocks what the company terms “greynets,” applications of dubious nature—at least for enterprises—that sneak out over Port 80. eWEEK Labs found the RTG appliance effective not only at blocking spyware over HTTP connections, but also for shutting down unapproved instant messaging and peer-to-peer network connections. However, the RTG 500 whiffed on safeguarding FTP downloads.
Click here to read the full review of FaceTime Real-Time Guardian 500.
2
Facetimes Real-Time Guardian 500 appliance, running RTG 3.1 firmware (Build 1413), effectively blocks what the company terms “greynets,” applications of dubious nature—at least for enterprises—that sneak out over Port 80. eWEEK Labs found the RTG appliance effective not only at blocking spyware over HTTP connections, but also for shutting down unapproved instant messaging and peer-to-peer network connections. However, the RTG 500 whiffed on safeguarding FTP downloads.
The RTG 500 appliance, which costs $14,995 for a fully featured unit, supports as many as 2,500 users. The RTG 3.1 firmware, which started shipping in January, includes mandatory encryption to the management interface and integration with FaceTimes Greynet Enterprise Spyware Manager.
Ultimately, the RTG 500 was the easiest product to deploy of the three we tested. We connected the appliance to a switch monitor port downstream from the firewall, meaning that no network reconfiguration was necessary at all. Users should ensure the monitor port will support two-way communication, however, as the RTG 500 must deliver TCP resets to block illicit traffic and download attempts.
The RTG 500 easily identified our previously infected clients and denied most of our attempts to download new infections, missing a couple of rogue anti-spyware applications.
The RTG 500 includes easily configurable tools for creating customized blacklists, and, as with McAfees offering, allowed us to configure monitoring for HTTP ports over and above Port 80.
We could pick and choose among 18 categories of threats to protect against. We also could easily configure policy exceptions for certain IP addresses. However, the RTG 500 doesnt get fine-grained enough to allow different policies for different groups; instead, we could enable or disable spyware defenses only for each group.
The appliance also cannot monitor or block FTP traffic at this time, failing all our FTP-based download tests and thereby leaving a gaping hole in spyware defenses. FaceTime officials said this feature will be included in a future release of the RTG family.
Spyware, IM and P2P defenses are each managed individually, so we could, for example, enforce spyware policy while simply monitoring IM activity. We found that the RTG 500s IM and P2P defenses are effective, rooting out unapproved connections across the enterprise.
The RTG 500s reporting tools were good, but those in both McAfees and Mi5s products were better. However, we liked that the RTG 500 let us disable specific filters directly from the report interface, allowing us to take quick action against a false positive.
Next page: Evaluation Shortlist: Related Products.
Page 3
Evaluation Shortlist
Blue Coat Systems ProxySG Leverages Blue Coats caching technology plus third-party Web filtering solutions for spyware defense (www.bluecoat.com)
FaceTimes Real-Time Guardian 500 A solid anti-spyware solution, although lacking in fine-grained management capabilities; look for integrated gateway and desktop functionality and management soon (www. facetime.com)
McAfees Secure Web Gateway 3300 Excellent spyware and virus detection at the gateway but at a relatively high cost (www.mcafee.com)
Mi5s Enterprise Spygate 005 Purpose-built for spyware defense, Enterprise Spygate 005 is designed for small businesses but shows promise down the road for larger companies (www.mi5networks.com)
SurfControls Web Filter Born from Web filtering technology, SurfControl offers signature-based detection as well (www.surfcontrol.com)
Trend Micros InterScan Web Security Suite Offers both gateway- and desktop-oriented solutions for anti-spyware and anti-virus (www.trendmicro.com)
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.