This hardware solution is suitable for both the hardened teleworker or a small office environment. It brings with it not only a stateful inspection firewall, but also the protection of a VPN. For the user logging into an enterprise, MD5 authentication comes into play. This ensures encrypted communications and also foils any attempt to steal the SonicWALL password.
The EdgeForce firewall with Performance Module 1 enabled incorporates a flexible demilitarised zone (DMZ) via a third port. This gives the ability to host public servers (email, FTP and web) from behind the firewall, and with this feature, non-authenticated access to servers behind the firewall can be granted, yet the private network itself is still completely shielded from the internet.
We looked at version 3.0 of this product in the virtual private network Group Test last year, and it is good to see it being evaluated as a firewall this time around. Astaro might not be a familiar name to most people, but it deserves to be if it continues to produce products such as this.
Symantec is a very old name in the security business, but it is not going to rest on its laurels. Its software-based Enterprise Firewall with VPN has had yet another upgrade since the last time we looked at it, and it offers quite a few new features to what was already a very powerful application. The application is also available pre-loaded on one of Symantec’s distinctive bright yellow appliances if you prefer.
Putting a firewall in the home office should be a natural thing to do. After all, you are not only protecting your user but also the data that they will be working on, and probably holding, on their machine. This security is just as important as the security in the main office, as liability on data and business-critical information could otherwise be breached with ease. This is where a small but powerful appliance from a developer with experience in both the enterprise and SOHO markets is going to come in very handy.
CyberGuard has a long and impressive track record in the firewall market, providing solutions from the desktop to those suitable for the high end, such as data centers. The SL2000 is positioned at the high end and, while certainly not the cheapest firewall in this Group Test, is worth every penny.
Swedish company Ingate may be a relatively new name in the firewall market, but its products have been getting an extremely positive reaction. The Ingate 1400 appliance is its solution for the medium-sized business; it is a black, 1U rack-mounted appliance, with four Ethernet ports, a COM port and a simple LED display.
This solution provides a network-based IDS, real-time session monitoring and internet/email content blocking. eTrust Intrusion Detection can be installed in standalone mode, or it can be distributed on separate machines. The intrusion detection program installs as a service under Windows NT/2000. As usual, the monitoring interface is a NIC in promiscuous mode, and therefore the presence of the IDS is concealed from the attacker.
NetScreen uses multi-method detection (MMD) in its IDS appliance, which also includes intrusion prevention options. MMD integrates stateful signature analysis with the detection of protocol anomalies, traffic anomalies, IP spoofing, layer 2 and SYN-flood attacks. Plus, it includes detection of ‘backdoor’ exploits and a network honeypot. The NetScreen IDP-100 is rated at 200Mbits/sec throughput, offering a choice of eight Fast Ethernet or two separate gigabit monitoring ports.
RealSecure 7.0 is the result of the integration between RealSecure and the BlackICE NIDS sensor technology. It runs on a dedicated machine and acts as a NIPS sensor to monitor a network segment, looking for intrusions or suspicious activity. If an intrusion is suspected, it can respond by recording details of the event. It can notify the network administrator, reconfigure the firewall, or terminate the event.