FaceTime Communications' Internet Security Edition product review

In this product review, learn how FaceTime Internet Security Edition protects the enterprise from unauthorized use of applications such as instant messaging and VoIP. A hardened Linux rack-mounted appliance combined with a Windows-based server , the product catches malware, spyware and adware.

This Content Component encountered an error
This article can also be found in the Premium Editorial Download: Information Security magazine: Nine tips to guarding your intellectual property:

INTERNET SECURITY


FaceTime Internet Security Edition
REVIEWED BY SANDRA KAY MILLER

FaceTime Communications
Price: Starts at $7,125

@exb

@exe

FaceTime's Internet Security Edition tackles the greynet challenge of sifting Web traffic to differentiate between legitimate and unauthorized use of real-time communications applications such as instant messaging, Web browsing and VoIP.

The combination of RTGuardian (RTG), a hardened Linux rack-mounted inline appliance, and Greynet Enterprise Manager (GEM), a Windows-based server, delivers security at the perimeter and endpoint by identifying malware, spyware, adware and unauthorized traffic.


Configuration/Management B  
Despite well-written documentation, setup took extensive preparation and knowledge of Active Directory and domain credentials.

RTG enforces policies and ties into GEM, which provides centralized management and reporting through a secure Web interface.

GEM automatically discovers endpoints by querying the primary domain controller. Administrators can also specify a range of IP addresses and discover endpoints through ping and Windows Management Instrumenta-tion. In both cases, GEM failed to detect several Win-dows desktops and all our non-Microsoft machines.


Effectiveness A  
RTG controls traffic at the gateway, performing URL filtering and managing greynet applications. What really impressed us is FaceTime's approach to protecting desktops against malware, spyware and adware.

When RTG identifies malicious behavior, it feeds the data to GEM, which deploys a temporary client to clean the machine and scan for additional infection. It inoculates the machine, using ActiveX kill bits and Windows software restriction policies, which prevent the code from executing again. This feature stopped spyware cold, despite our repeated attempts to reinfect the machines.


Policy Control A  
We were able to set global and granular policies for Web browsing, Web mail, IM, file sharing, streaming media and VoIP.

For example, we allowed the use of certain public IM clients while prohibiting others. No one on our network was permitted to use P2P applications, and Skype was accessible only to the sales group. We could schedule automatic scans, spyware removal and inoculation. Poli-cies can be assigned according to multiple criteria such as IP address, host, user, domain and operating system.

Comprehensive URL filtering categories let us turn off access to generally prohibited and productivity-draining sites (porn, gambling, shopping, news, travel). Custom policies can be set by users, groups, location, file extension and content.


Reporting A  
GEM provides centralized reporting and logging; the real-time reporting dashboard includes activity blocked by RTG as well as GEM activity tracking infected computers.

In addition to providing statistical analysis for everything from infections to policy violations, FaceTime offers a variety of executive and auditing reports. Admin- istrators can quickly see the rate of spyware infections and spot trends as to what users/systems were most vulnerable and often infected, while auditors have access to detailed information about data transferred via various Web-based channels.

IM reports can be split into events and usage, providing detailed, critical information, such as transferred files. Reports can be sent via email or exported to an FTP server for automated distribution.


Verdict
FaceTime offers an effective and affordable solution to manage, control, secure and provide policy compliance around Web-based applications.


Testing methodology: The RTGuardian appliance was deployed on the span port of a DMZ switch; GEM Server was installed on a Windows 2003 Server. Numerous applications were tested, using malware including spyware and adware.

This was first published in May 2007

Dig deeper on Web Application Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close