Must have if you have Symantec Proxy Server
- 0 day detection and prevenion
- Flawless integration with Symantec Ecosystem
- Integration with other vendors supporting ICAP is also working
- Custom and golden image support
- High performance on busy environments
- Many threats are already detected and prevented through the CAS, it improves the performance drastically.
- Already builtin virustotal integration
- Reference to updates and updates information where I can see the product/service detecting which APTs
- Multiple Antivirus engines which you can select/subscribe
- Manual submission of file is supported through the gui
- URL manual submission is also supported
Cons
- API support is lacking
- Symantec/Broadcom security vision in general
- Symantec support is not perfect
- You can't run the product as a standalone network device
- No packet capture capabiliy or work in span mode
- You need a dedicated hardware to make it run
- You need to buy
- Flawless Integration with Bluecoat -Symantec proxy servers
- Additional and flexible choice of different antivrus providers, like we have Mcafee at the front, than Karpersky and than the Sophos on CAS for static analysis.
- Manual submission support for sandboxing. I don't need to pay for additional solution just for manual submission.
- Already integrated with Bluecoat webpulse environment for analysis
- Ability to customize and select the sandbox images
- 0-day and APT risk is covered by the SCMA
- As the SSL is inspected and analyzed at Bluecoat proxy servers, hidden threats, malicous files are passed to SCMA to be analyzed.
- Getting full visibility at file trajectory level
- As it's a full proxy and ICAP integration, we are sure that the files are to analyzed and scanned for malicious activity. This is a big plus compared to NGFW analyze concept, as the NGFWs have special failsafe mechanisms allowing bypass of file analysis. SCMA fully catches the hidden threats.
- Flawless integration with Bluecoat systems is a big plus, customers are getting the same type of messages within their browsers.
- A negative impact is the standardization when I deploy SCAM to one of our locations. Then the auditors demand the same coverage within other areas and it comes with the cost. Especially maintaining these devices on premise environment has a significant cost.
- FireEye Network Security, FireEye Security Suite, Palo Alto Networks WildFire, Check Point ThreatCloud and McAfee Advanced Threat Defense