Blue Coat ProxySG [EOL] Review

Now we are able to inspect full SSL traffic.


Valuable Features

  • Granular security policy
  • Ability to use as a Forward or Reverse Proxy
  • ICAP integration, high performance SSL
  • High performance web acceleration
  • Integrates well with other vendors

Improvements to My Organization

The ProxySG allowed us to inspect full SSL traffic now without breaking a sweat. No more outages due to capacity, or DDoS.

Room for Improvement

Blue Coat advertises the ProxySG as a WAF, but it really isn’t. I would like the ProxySG to have full WAF features that will detect XSS, SQLi, CSFR, etc.

Use of Solution

I've used it for over 10 years.

Deployment Issues

The policy is very complex, and their CPL code requires some time to learn it. Once it was inpProduction, no issues were encountered with the migration.

Stability Issues

The ProxySG is a strong workhorse when compared to other proxy vendors.

Scalability Issues

We had a load balancer in front of the ProxySG’s. But for customers who do not have a load balancer, they may run into scalability issues.

Customer Service and Technical Support

Customer Service:

Blue Touch support is top notch and very responsive when I opened service requests.

Technical Support:

Their support engineers are very knowledgeable of the products. I never had to get my service request escalated because it was immediately solved every time.

Previous Solutions

We previously used Network Appliance NetCache proxies, but Blue Coat acquired the NetCache series and phased it out. We reviewed a NetCache replacement and it was determined the ProxySG was the better candidate for use.

Initial Setup

It was somewhat complex at first, but was able to migrate successfully because of rigorous testing before going into production.

Implementation Team

It was implemented in-house.

Other Solutions Considered

Blue Coat products are very expensive, but definitely worth a comparative analysis when choosing a proxy replacement. We looked at NetScaler, F5, and WebSense. Incorporating either one of those vendors required a full re-architecture of our front end which was not an option due to our complex network architecture.

Other Advice

Be sure to get the proper sized appliance, better to be over than undersized just in case of spikes in your network.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email