Blue Coat has added what it calls a "zero-second" anti-phishing capability to its ProxySG security gateway, which it claims can assess a requested web page in just 25ms.

The innovation, according to Nigel Hawthorn, the company's international marketing VP, is that as well as referring to both local and Internet-hosted databases of dodgy sites, the system includes algorithms to analyse as-yet unseen URLs for phishy behaviour.

"Only sites not already on those other lists go to our Dynamic Real-Time Rating (DRTR) engine," he said. "It looks at the site and the data on it - whether the SSL certificate is correct, if the site is on a valid IP for that bank, and so on."

The anti-phishing capability is a free update that extends ProxySG's existing ability to assess websites on the fly by adding new algorithms and policies, Hawthorn said.

"It's all about looking for patterns of information, these are just different patterns," he explained. "The more example of something you've seen, the easier it is to spot the next one. It's looking for the strange - phishers try to ape well-known sites, but our database and the others are well aware of what those look like."

He claimed that simply having a database of known bad sites - as anti-phishing toolbars typically do, for example - is no longer sufficient because of the speed with which criminals can now set up sites and move them around.

"Others claim they protect 'within' minutes, but that's really not good enough," he said. "Some phishing sites are only up for minutes, but they only need to hook a few victims in that time to make money.

"The key thing is assessing it and using that decision for the current user, not just putting in in your database for subsequent users, but I don't know anyone else evaluating websites on the fly."

Admins can then choose whether to block a suspect site outright, or divert the user to a warning that the site may not be what it seems.

One of the first customers for the dynamic anti-phishing capability said that it appears to work as promised.

"Our technicians say it does exactly what it does on the tin," confirmed Owen Rogers, a product exec for Cable & Wireless, which plans to offer it to its own customers as part of a managed web security service.