Finjan Vital Security NG-1100 review
SMBs looking for a web content security solution are spoilt for choice, but Finjan’s Vital Security appliances sport a number of unique capabilities. The NG-1100 is the starting point of the Vital Security family and supports up to 1,000 users. It comes with Finjan’s Web Security Suite (WSS) installed, to which you can add anti-virus and URL-filtering tools.
The most prominent feature of the WSS is Finjan’s patented behaviour- blocking technology, which works at the application level to identify malicious content in web traffic. It analyses code behaviour to determine if it’s attempting anything malicious and will block it accordingly. Finjan’s Anti.dote aims to fill the gap between a new exploit appearing and a patch being made available. As soon as an exploit is discovered, Finjan creates and downloads behavioural rules to the appliance, enabling the scanning engine to look out for it and block it. Anti-spyware is the third WSS component, and Finjan employs a range of preventative measures that also includes behavioural analysis.
The NG-1100 functions as an explicit or transparent proxy. We opted for the former, which is the default. For the latter, you don’t have to configure your client’s browser, but you’ll need to redirect LAN and WAN traffic to the appliance for scanning, and you won’t be able to perform proxy-level user authentication.
Installation is handled well: point a browser at the default management port and a wizard takes you through choosing a modus operandi, licensing and configuring network ports. Although the appliance has six ports, most will use only the first Gigabit port. You can use other ports to connect different subnets, but the appliance will route between them, which isn’t desirable. After adding details of our gateway and reconfiguring our client’s browsers, we were up and running in minutes. The optional anti-virus measures are extensive. You can choose from Kaspersky, Sophos and McAfee, while SurfControl handles URL filtering. Policies are used extensively to control web access and comprise collections of rules that contain a range of conditions and actions. Usefully, a default web policy is activated once the wizard has completed, so the appliance can start filtering immediately.
Policies make the NG-1100 very versatile, as they can be applied to different users and groups. You can define users by their IP address, but we found it easy to import a list from our AD server using LDAP. Usefully, each rule within a policy can be run in a passive X-Ray mode that logs only actions. Finjan scores well for reporting, as you can create reports on anything from blocked websites to viral activity by engine, select a time period and user group and opt for HTML, PDF or Excel output.
With all the features activated, the NG-1100 is pricey for small businesses.The Panda GateDefender Integra 100 is a good-value solution that includes firewalling, email scanning and intrusion detection. Nevertheless, larger businesses that want the toughest web content security will find that this is one of the best solutions available.