June 11, 2004
- Ease of Use:
- Value for Money:
- Overall Rating:
: The URL and e-mail filtering facilities are a useful addition.
: The help system is not related to the screen content.
: This is a capable firewall that is simple to set up and provides a number of useful extras.
The unit has two distinct operating modes, NAT/Route mode and Transparent mode. In NAT/Route mode the device acts as a gateway between the LAN and the Internet, with the option of routing or NAT controlled by the security policies, while in Transparent mode the device operates behind a router or another firewall. The device looses its VPN capability in Transparent mode.
There are two main configuration methods available, a browser-based interface and a Command Line Interface. Some interface addresses can be configured from the front panel control buttons, which is useful for changing the operating mode and the management interface address before connecting the device to the management device. The default configuration allows internal network access to the Internet, but blocks all access from the Internet to the LAN. The system provides a wizard to set up the system initially, helping to configure interface addresses and adding any servers that might be on the network. The online help is comprehensive but is not related to the screen being displayed. There are a number of logging and reporting options, and the system can send e-mail alert notifications for various events including virus and intrusion incidents. Rule maintenance is straightforward.
The device did not respond to port scanning attempts but neither did it did log them at the default settings. The scanning attempts did appear in the traffic log however, so it would be possible to determine that scanning had occurred. The VPN management facility includes the ability to manage local and Certificate Authority certificates.
The unit supports Cerberian URL filtering as well as having its own internal lists.
E-mail can be filtered for banned words and addresses, and any that are intercepted by the system are not dropped but are forwarded to the intended recipient with a warning tag attached to the subject line.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context