June 11, 2004
- Ease of Use:
- Value for Money:
- Overall Rating:
: The URL and e-mail filtering facilities are a useful addition.
: The help system is not related to the screen content.
: This is a capable firewall that is simple to set up and provides a number of useful extras.
The unit has two distinct operating modes, NAT/Route mode and Transparent mode. In NAT/Route mode the device acts as a gateway between the LAN and the Internet, with the option of routing or NAT controlled by the security policies, while in Transparent mode the device operates behind a router or another firewall. The device looses its VPN capability in Transparent mode.
There are two main configuration methods available, a browser-based interface and a Command Line Interface. Some interface addresses can be configured from the front panel control buttons, which is useful for changing the operating mode and the management interface address before connecting the device to the management device. The default configuration allows internal network access to the Internet, but blocks all access from the Internet to the LAN. The system provides a wizard to set up the system initially, helping to configure interface addresses and adding any servers that might be on the network. The online help is comprehensive but is not related to the screen being displayed. There are a number of logging and reporting options, and the system can send e-mail alert notifications for various events including virus and intrusion incidents. Rule maintenance is straightforward.
The device did not respond to port scanning attempts but neither did it did log them at the default settings. The scanning attempts did appear in the traffic log however, so it would be possible to determine that scanning had occurred. The VPN management facility includes the ability to manage local and Certificate Authority certificates.
The unit supports Cerberian URL filtering as well as having its own internal lists.
E-mail can be filtered for banned words and addresses, and any that are intercepted by the system are not dropped but are forwarded to the intended recipient with a warning tag attached to the subject line.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Syrian Electronic Army redirects Gigya, briefly compromises media sites on Thanksgiving Day
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say