Facetimes Real-Time Guardian 500 appliance, running RTG 3.1 firmware (Build 1413), effectively blocks what the company terms "greynets," applications of dubious natureat least for enterprisesthat sneak out over Port 80. eWEEK Labs found the RTG appliance effective not only at blocking spyware over HTTP connections, but also for shutting down unapproved instant messaging and peer-to-peer network connections. However, the RTG 500 whiffed on safeguarding FTP downloads.Click here to read more about fighting anti-spyware at the gateway. Ultimately, the RTG 500 was the easiest product to deploy of the three we tested. We connected the appliance to a switch monitor port downstream from the firewall, meaning that no network reconfiguration was necessary at all. Users should ensure the monitor port will support two-way communication, however, as the RTG 500 must deliver TCP resets to block illicit traffic and download attempts. The RTG 500 easily identified our previously infected clients and denied most of our attempts to download new infections, missing a couple of rogue anti-spyware applications. The RTG 500 includes easily configurable tools for creating customized blacklists, and, as with McAfees offering, allowed us to configure monitoring for HTTP ports over and above Port 80. We could pick and choose among 18 categories of threats to protect against. We also could easily configure policy exceptions for certain IP addresses. However, the RTG 500 doesnt get fine-grained enough to allow different policies for different groups; instead, we could enable or disable spyware defenses only for each group. The appliance also cannot monitor or block FTP traffic at this time, failing all our FTP-based download tests and thereby leaving a gaping hole in spyware defenses. FaceTime officials said this feature will be included in a future release of the RTG family. Spyware, IM and P2P defenses are each managed individually, so we could, for example, enforce spyware policy while simply monitoring IM activity. We found that the RTG 500s IM and P2P defenses are effective, rooting out unapproved connections across the enterprise. The RTG 500s reporting tools were good, but those in both McAfees and Mi5s products were better. However, we liked that the RTG 500 let us disable specific filters directly from the report interface, allowing us to take quick action against a false positive. Next page: Evaluation Shortlist: Related Products.
The RTG 500 appliance, which costs $14,995 for a fully featured unit, supports as many as 2,500 users. The RTG 3.1 firmware, which started shipping in January, includes mandatory encryption to the management interface and integration with FaceTimes Greynet Enterprise Spyware Manager.