bluecoat 700x150

Content Analysis System S200/S400/S500

Gain Advanced Malware Protection At The Web Gateway


  • Fewer appliances mean less management and rack space, providing a better ROI.
  • Built-in investment protection with 4 and 5 year service contracts
  • Best-of-breed architecture
  • Innovative layered approach to security
  • Integration with Blue Coat eco-system
  • No tradeoff between security and performance
  • Delivers enterprise-class, comprehensive malware detonation and analysis using a unique, dual-detection approach to quickly analyze suspicious files and URLs, interact with running malware to reveal its complete behavior, and expose zero-day threats and unknown malware.

The Blue Coat Content Analysis System is a layered platform that offers you the best protection against known, unknown, and targeted attacks. Combined with Blue Coat ProxySG appliances, the Content Analysis System uses a cutting-edge, layered approach to protecting against known and unknown threats, and includes AV technology, whitelisting, static code analysis, and dynamic analysis (sandboxing). This fusion of content and malware analysis sandboxing functions provides the best malware protection against targeted attacks on the market today.

Together, the Content Analysis System and ProxySG deliver superior performance and scalability, so you can protect against viruses, Trojans, worms, spyware, and other forms of malicious content – even when users aren’t running anti-malware software at the desktop.

Inline Threat Analysis

The Content Analysis System’s best-of-breed strategy allows Blue Coat to partner with visionary security vendors to offer superior protection. Leading malware engines from Kaspersky™, Sophos™, and McAfee® are supported with updates as frequently as every 5 minutes, providing better protection than desktop anti-malware solutions. Threat detection engines include checksum signature matching for known threats, command and content behavioral analysis for proactive detection, and emulation mode for deep script and executable analysis.

Unique to Blue Coat, deferred scanning keeps long load objects like web radio and other media out of processing threads, optimizing web gateway performance. The Content Analysis System supports four modes of content analysis; including traditional object analysis, trickle first or last stream analysis, and deferred scan.

The system can be configured to analyze both inbound and outbound traffic and include options such as set time-out duration, drop file if errors in detection occur, and define trusted sites. Policy can be set for allow/deny lists, with extensions, along with file size and content type restrictions. Alerts and log files can also be customized.

Scan Everything

The Content Analysis System provides best-inclass malware scanning with performance and security, and can scan files up to 5GB in size and analyze compressed archives up to 99 layers deep. When files are properly unpacked, the Content Analysis System gains the ability to reveal malicious content that may have been intentionally hidden, exposing intended behavior.