One of the few holes that is intentially left open on firewalls is through Port 80. Port 80 is of course the standard port for web traffic. The past few years port 80 transactions have taken new meaning with the advent of web services. Web Services issue transactions and XML data exchange through the web port. Unfortunately newer virues and hackers are exploiting this hole to attack servers and networks. Viruses such as Code Red and Nimba were launched through worms that passed through port 80. Blue Coat Systems has introduced its Security Gateway (SG) 800 appliance as one of the first port 80 security appliances to protect systems from these types of attacks.

One of the main problems with trying to provide protection on data passing through port 80 is the hit on performance. Analyzing data passing through the port slows down data throughput which can be problematic with high performance sites. To offset this the SG800 has integrated web caching and security policy-processing engine. These features allow the security appliance to inspect traffic by objects and functionality instead of by packets which degrade performance significantly. SG800 works in conjunction with third party virus scanning software and firewalls. In standard installation scenarios it sits behind the perimeter firewall and its security policy-processing engine determines if it needs to run virus scanning, content filtering or other types of code protection. Its embedded caching capabilities allows the scanned content to be cached and served out immediately upon the next request.

SG800 is packaged in a standard 1U rack mount enclosure. The base unit has 512MB of RAM that can be expanded out to 2GB. It comes with 18GB of SCSI drives and can be expanded out to 292GB. Network connectivity is through 2 10/100 Mbps Ethernet connection with and expansion slot for another Ethernet port. It runs on Blue Coat Systems' own proprietary operating system called Security Gateway OS.

SG800 is a closed system that is built for speed and security. Their OS was not built to be flexible with wide ranging support and features like most OSes, it was streamlined for efficiency and to lock down security holes. Its main function is to start the Web Knowledge Framework and security policy-processing engine. As mentioned above the policy-processing engine performs the security checking functions. The Web Knowledge Framework is data container that describes transactions, objects, and functionality of data passing through port 80. The security decisions made by the policy-processing engine is derived from information embedded within the Web Knowledge framework.

The security appliance can be configured by either a browser based Java applet console, command line interface (CLI), or through Blue Coat's Configuration Management Appliance. SG800 includes firewall like features for blocking of Denial of Service Attacks, URL Filtering and MIME Content Filtering. It also can limit bandwidth used by streaming media so that it doesn't bog down the rest of the network traffic.

Pricing and Availability

Blue Coat's SG800 Port 80 Security Appliance is available and can be purchased directly from Blue Coat. The price for its base configuration is approximately $5,995.

(For access to more than 4,500 other hands-on product reviews on all variety of wired and wireless appliance and consumer devices, go to the iAppliance Web Portal Page. )