IT Pro Verdict
Although the latest software version doesn’t introduce any radical improvements, the SWG 3000 is clearly capable of dealing with today’s increasingly sophisticated web attacks. Its active real-time content inspection can be teamed up with a choice selection of anti-virus measures and web content filtering and the option to deploy appliance and cloud-based scanning will appeal to larger businesses with remote offices.
The majority of network security products can only react to web-based threats once they've been identified and the vendor has come up with an attack database update, a new signature file or a patch to protect against them. The SWG appliances from M86 Security aim to be more proactive and are designed to provide instant protection as new threats emerge.
In this exclusive review we look at the entry-level SWG 3000 which introduces M86's latest v10 code that was announced in October. The SWG 3000 targets mid-sized companies of up to 1,000 users and is based on the good-quality IBM System x3250 M3 rack server.
When we reported on the new v10 code release, M86 advised IT Pro about its Dynamic Web Repair feature which cleanses web pages of malicious code before presenting them to the user. In reality this has been in the SWG products from the start and is part of its active real-time content inspection.
The more common sandbox technique requires suspect code to be run in a fenced off area in memory. Rather than do this, the appliance passively inspects the code as it comes in to determine what it is trying to do. If the code is deemed to be malicious it blocks and removes it, so presenting the user with a sanitised web page. It didn't affect web page rendering speeds in our tests, nor did it mark any legitimate code or pages as malicious even when using web apps.
Dynamic Web Repair is included in the yearly SWG subscription which also provides protection against spyware. It includes M86's Anti.dote service which automatically pushes a new set of rules to the appliance to provide additional protection when a new threat is spotted.
Dave is an IT consultant and freelance journalist specialising in hands-on reviews of computer networking products covering all market sectors from small businesses to enterprises. Founder of Binary Testing Ltd – the UK’s premier independent network testing laboratory - Dave has over 45 years of experience in the IT industry.
Dave has produced many thousands of in-depth business networking product reviews from his lab which have been reproduced globally. Writing for ITPro and its sister title, PC Pro, he covers all areas of business IT infrastructure, including servers, storage, network security, data protection, cloud, infrastructure and services.