Mi5s enterprise Spygate appliances have a bit of an identity crisis: They are designed to handle enterprise-grade traffic, but they also feature overly simple management tools, designed for small-business administrators who would likely get overwhelmed by too many choices.The 005 can be easily deployed via a switch monitor port, which gave us insight into the networks spyware conditions without having to reconfigure the network. However, unlike FaceTimes RTG 500, Mi5s 005 cannot block Web activity in this configuration. For blocking, we deployed the 005 in-line, transparently bridging between the firewall and LAN. Unlike McAfees SWG 3300, all Mi5 appliances include Ethernet port pass-through, which allows the devices to pass traffic to the Internet even if the appliances crash or die. In download tests, the 005 performed the worst among the three products reviewed, missing several rogue anti-spyware applications and even giving a pass to a site infecting others with a Windows Metafile exploit. The 005 did catch FTP-borne threats, although in an unusual fashion. Due to some irregularities with the FTP implementation in Microsofts Internet Explorer, the 005 cannot terminate the FTP download outright. Instead, the device replaces the infected download with garbage bits. The infection is thwarted and the central log is notified, but the user is not aware that anything occurred and is left wondering why the downloaded file doesnt work right. We have a laundry list of management-related concerns with the Enterprise Spygate appliances: We could not configure additional HTTP ports to monitor; we could not initially use wild cards when creating customized blacklist rules; we could not create policies that enforce different rules for different computers or IP ranges; and we had to manually stop and start the anti-spyware module to implement any filter changes, which required some annoying switching between in-line management and out-of-band management. Mi5 officials readily acknowledged the shortcomings of their infant product line and said they are implementing upgrades at a furious pace. During our time with the product, in fact, we saw four firmware upgrades emerge, including one that addressed the URL wild-card problem. Next page: Evaluation Shortlist: Related Products.
eWEEK Labs tested 005, the middle model in Mi5s five-product Enterprise Spygate line. Designed to accommodate up to 100M bps of throughput and 1,000 concurrent users, the 005 is priced at $5,995 for the appliance plus $2,995 for a one-year signature subscription.