The malware inspection engine is now ActionScript aware giving it a greater focus on Flash and PDF based threats. The new data leakage prevention feature is designed to scan a range of document types for specific keywords and block the transfer of any that match. It claims to scan FTP, HTTP and HTTPS traffic and support a range of document types including Word, Excel and PDF.
Distributed scanning options have been extended to Amazon's EC2 (elastic compute cloud) service. This allows you to deploy multiple virtual scanning appliances run by Amazon which can be centrally controlled by your own SWG policy server.
All these features are brought together with policies which comprise rules containing conditions and actions. Each rule focuses on a specific threat type so you'll have ones for dealing with malicious content, file blocking by extension, web content blocks, anti-virus scans and so on.
There are a lot of rules to choose from but a set of default policies are provided so traffic filtering can start immediately. You get three main policies for basic, medium and strict security levels and each contains around 40 rules.
New policies are easy to create as you can clone existing ones and modify the copies to suit. Rules are placed in order of priority and the X-Ray feature will prove handy for testing as this can be applied to whole policies or specific rules where it runs them passively.
Policies are applied to groups of users and any unknown user is automatically placed in a default group to which you can apply a policy of your choosing. Naturally, proxy authentication can be applied and the appliance supports LDAP and Active Directory.
The anti-virus scanners and web content filters are also configured with rules and the Websense option offers over 50 URL categories to choose from. URL filtering proved to be very effective as with the games and gambling categories blocked our attempts to access online bingo and gaming sites were all rebuffed.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Women show more team spirit when it comes to cybersecurity, yet they're still missing out on opportunitiesNews While they're more likely to believe that responsibility should be shared, women are less likely to get the necessary training
-
OpenAI wants developers using its new GPT-4.1 models – but how do they compare to Claude and Gemini on coding tasks?News OpenAI says its GPT-4.1 model family offers sizable improvements for coding, but tests show competitors still outperform it in key areas.
