This product from TrendMicro is an integrated gateway security solution for
enterprises focused mainly on ftp and http traffic. Apart from anti-virus
protection, it also includes protection from malicious applications, Trojans,
spywares, and phishing. Along with these security features one can also find
access quota policies and IntelliTunnel. Access quota policy can be quite
befitting in an organization where the bandwidth is limited. One can set limit
for the bandwidth usage for a particular IP or group of IPs. IntelliTunnel is
basically used for blocking all the IMs running on the client machines.
A new feature in IWSA 3.1 is the Web reputation, which is meant for blocking web
site on the basis of the reputation the sites have scored. This device can be
configured as bridge mode, forward proxy, reverse proxy, and ICAP. It has
two-line display panel which is an added advantage, as the basic configuration
can be done through it. You can also make security rules to block or scan
ActiveX and Java applet.
|
The test
For our initial tests we configured this appliance in proxy mode.
Configuring the device was an easy job as it has easy-to-use GUI for management.
We tested it for a set of viruses and it was able to block most of them without
any glitches, further in the spyware testing also it worked fine. Next, we
configured the device to work in transparent mode (tests were done for both Full
transparent and transparent mode). We started the test by downloading a series
of viruses and this device proved itself by blocking 90% of viruses on the first
go. And among the 10% viruses which it was not able to block, most of them were
either 16-bit or inactive viruses. So, which means the device is capable of
handling around 99% of the live viruses. This result is good as compared to that
of ZyXEL 70 and ZyXEL 35 (reviewed September 2007) and was equal to Cyberroam
CR250i UTM (reviewed September 2007). The viruses on the list were mostly macro
viruses, zipped, zipped up to 2nd level and DOS-based viruses.
Further we ran couple of phishing tests which this device detected and in
result blocked the phishing web site. The anti-spyware capability was also good
as compared to that of most UTM which we had tested earlier. We also tested its
Web reputation capabilities, which is a unique feature in this device. For this
test we tried to open a set of malicious web sites which the device was able to
block instantly. Web sites that are known to be good or blocked by Web
reputation but are needed for legitimate business can be added to the approved
list, so that they do not get blocked. Note that approved web sites are approved
globally for all users.
BottomLine:: It is a focused security appliance
for emerging Web threats, providing protection against all the malicious
applications