McAfee WebShield e250
The e250 appliance proves you do not have to reinvent the wheel by cooking up new hardware when existing hardware can be tailored to suit the task. Without being derogatory, the e250 is nothing more than a Pentium III desktop PC running Red Hat Linux and an antivirus engine. The PC includes a reliable Intel motherboard and two 10/100 Ethernet connectors, one integrated into the motherboard and the other on a PCI card. As with any typical PC, should the need arise the unit’s memory and hard drives can be expanded or upgraded.
Configuration of the unit is surprisingly simple; we connected a notebook up to LAN port 1 with the supplied crossover patch cable for immediate access to the configuration page through our Web browser. It was then a simple matter to configure the network settings (which surprisingly took less than 10 minutes) and remotely reboot the e250 for the new settings to take effect. Also during the initial setup the decision must be made whether to configure the unit as a proxy or simply set it to transparent mode.
Upon rebooting the Web interface gains a whole new swag of functionality and for the first time the user is presented with the e-mail and antivirus configuration options.
The interface may not be particularly pretty but it is definitely simple and very easy to navigate. And because there is no need to drill down through multiple menus, even a novice user can find their way about at a glance.
The antivirus engine includes the ability to independently configure the method of scanning and actions on incoming and outgoing data. There are three user definable levels of scanning—the highest scans all files, including compressed, while the lowest only scans executable and MS Office files. There is heuristic analysis for unknown macro and program viruses and you can select either clean or delete when a virus is found. You can also select to have the virus quarantined if the cleaning fails. If a virus is found both the receiver and sender can be automatically notified.
The e250 supports SMTP, POP3, FTP, and HTTP protocols. In terms of functionality, the appliance is very flexible—in the case of e-mails the e250 can be configured to not just block relaying but fine tune it to permit or deny domains and also right down to user specified e-mail address character patterns. The configuration of settings for content scanning, anti-spam, and attachments is also quite flexible.
Web browser content blocking extends to specifying URL substrings and any of Active X, Java, and scripting languages in general. The e250 has quite robust logging, reporting, and alerting options but if you want absolutely all the bells and whistles in this department McAfee’s e Policy Orchestrator delivers. The ePO also manages desktop client and server antivirus administration as well.
| Product: | McAfee WebShield e250 |
| Price: | AU$11,995 |
| Vendor: | Network Associates |
| Phone: | 1800 644 646 |
| Web: | www.mcafeesecurity.com |
|
|
|
| Interoperability: |
Screens HTTP, FTP, SMTP, POP3 and has exceptionally flexible and feature-rich virus and content scanning. |
|
|
|
| Futureproofing: |
Automatic virus signature updating. |
|
|
|
| ROI: |
Feature-rich antivirus appliance at a reasonable price. |
|
|
|
| Service: |
½1-year warranty; phone, e-mail (Mon-Fri 9 to 5 but 24/7 is available), and Web support. First year support is free but subsequent years are $2000. |
|
|
|
| Rating: |
½ |
|
|
|
10%
8%
Once you know what modern worms do with emails (hint: they fake "from" field), thinking like "it would be helpful if the AVA sent a message back to the sender warning them that they passed on malicious code" is, in my opinion, step in spreading spam around the world.