It prevents malware from "phoning home" (sending credit card or other sensitive data back to the cyber attacker). The perfect product helps remove malware from infected endpoint computers. It produces useful reports and timely alerts. It's robust and reliable, it scales well and it's easy to use and deploy.
Five vendors answered our call to submit products to our lab for evaluation. We received anti-malware gateway devices from McAfee (WW 1900E Web Gateway V6.8.6 appliance), Facetime (Unified Security Gateway V3.0 appliance), Symantec (8450 Web Gateway 4.5 appliance and 8300 Mail Security V7.5 appliance) and Websense (Web Security Gateway V10000 appliance).
Trend Micro sent software that runs on servers that you provide -- Interscan Web Security Virtual Appliance 5.0 and Interscan Messaging Security Virtual Appliance 7.0, plus a central console reporting module (Advanced Reporting and Management 1.0).
McAfee's Web Gateway appliance wins the Clear Choice award, but the race was a tight one. McAfee's appliance thwarted more malware -- with lower latency -- than the other gateways. The other products, however, also did a credible job of keeping malware off our network.
It's clear that the most important criterion for an anti-malware gateway is its success rate at blocking malware. McAfee Web Gateway fared best in our tests, turning aside 99 percent of the malware instances we threw at it.
We attacked each vendor's product with 100 spyware, adware, Trojan and rootkit downloads. These malware instances included older classics such as CashBackBuddy, Casino Dialer, SearchEssistant [sic], Searchforit, SearchMiracle.EliteBar and SearchSquire, as well as freshly-minted malware such as Generic Downloader.x!brz, Generic Rootkit.dt.dr, W32/Akbot.gen.a, Bredolab.gen.h, FakeAlert-MaCatte, Whitewell, Opachki.a, Ransom-N and PWS-CuteMoon.
Coming in tied for second with a 96 percent success rate were the The Facetime Unified Security Gateway and the two Trend Micro products. Symantec Web Gateway and Mail Security and the Websense Web Security Gateway V10000 managed to block 94 percent.
When we tested how well the products thwarted phishing attempts, McAfee's Web Gateway fared best, recognizing and foiling 90 percent of the scams. We fed each gateway a diet of 500 selected phish accompanied by another 500 non-phish messages.We composed several of the phishing messages ourselves, embellishing the text and obfuscating both the syntax and spelling in order to sneak our phish around the net. Accurate recognition of good vs. bad was our criterion.
The Trend Micro Interscan Web Security Virtual Appliance and Interscan Messaging Security Virtual Appliance recognized 84 percent of the phishing attempts, the Symantec Web Gateway and Mail Security identified 76 percent and the Websense Web Security Gateway V10000 achieved 73 percent.
The Facetime appliance we tested was not able to scan for phishes. However, the vendor announced recently that the latest version of its Unified Security Gateway will be able to scan for phishing attempts when the product is used in conjunction with a Bluecoat proxy device, and, eventually, ISA and Squid proxies, as well.