FaceTime USG-320 review

The growth of social networking has been nothing short of explosive over the past couple of years, but for businesses it represents a very real security risk. FaceTime specialises in this area, and its latest USG appliances deliver levels of control over these activities that are far more sophisticated than anything else on the market.

In this exclusive review, we look at the USG-320, which can handle up to 2,500 users. A key feature of the FaceTime solution is its optional Socialite (social: IT enabled) module, which focuses on managing employee access to Facebook, LinkedIn and Twitter.

FaceTime offers Socialite as a SaaS deployment option, but the appliance also offers superb IM and P2P app controls, web content filtering and antispyware services. Other new features in the latest firmware version include Safe Search controls for Google, Yahoo and Bing, the option to run the Squid web proxy cache locally and support for ISA proxy servers.

Deployment is simple: one port monitors all network traffic from a switch span port, and the second brings FaceTime's IM proxy into play. This takes IM app control to higher levels since it can scan all messages as they're sent, check for unacceptable content and issue challenges to users.

The Socialite functions allow you to control just about any activity on Facebook, LinkedIn and Twitter. For Facebook, you have nearly 50 control settings where you can block or allow access to features such as account and application settings, friends, games and video. Once users have logged in you can apply post controls such as blocking chat, postings, friends lists and so on.

The LinkedIn controls are just as sophisticated. We could use policies to manage access to all key features, including company and job searches. Using our own account to test this, we found we could easily block post login activities, including posting messages and sending invitations.

FaceTime offers both an optional URL category and true web content filtering, with the latter scanning web pages for specific words or phrases. This can also be applied to archives, text files and documents, and you can block access, passively monitor activity, be alerted when a user triggers a scan policy, and present users with AUP agreements.

The latest firmware adds new Flash-based dynamic views to the dashboard, although we prefer the standard classic dashboard since it provides more useful information. You get a full colour-coded graphical view of all network traffic along with individual summaries for IM, P2P, web and malware activity.

Activating the IM proxy brings a wide range of controls into play. You can stop users talking to external IM users or non-employees, permit or deny access to functions such as games and video, control file transfers, and force virus scans. All IM messages are scanned by the proxy, and if banned words are encountered you can stop the message being sent, challenge the user and send them a disclaimer they must agree to.

Businesses that want full control over social networking in the workplace should check out FaceTime's USG appliances. Nothing else can match them in this area: they deliver unbeatable IM and P2P app controls along with full web page and document content filtering.

Author: Dave Mitchell