Network Engines NS6300
Dedicated management port helps secure firewall; easy to configure.
Lose one Ethernet port to management; Windows Server 2003 license increases price.
Best suited to smaller Microsoft-based enterprises, the NS6300 is easy to configure and brings ISA appliances to a more affordable level.
Network Engines, along with Celestix and its MSA4000, is the second company in this test to use Microsoft's Internet Security & Acceleration Server in an appliance (see Celestix review for more information).
However, Network Engines' NS6300 is less powerful, using a 2GHz Intel Celeron processor and 512MB of RAM to run Windows Server 2003 and ISA 2004. While much cheaper to buy, it is aimed at smaller networks.
Network Engines has also taken a different approach to management, using one of the six Fast Ethernet ports as a dedicated management port. With a dedicated IP address, it is the only way to access the appliance's management. For additional security you can connect this port to a separate management network. This leaves five Fast Ethernet ports, which can be configured to connect to different networks.
Management is performed through the Network Engines Web Server (NEWS) interface, which is radically different to the one provided by Celestix. The initial configuration pages just give access to basic system data, including firewall and server logs, and only let you change basic information, including domain membership and network configuration.
You can also reboot the server.
Managing the firewall requires you to run the ActiveX Remote Desktop Web Connection. This requires you to authenticate again and gives you access, in a resizable window, to the ISA MMC console. It is just as easy to use as on a local machine and lets you configure all the same aspects we mentioned in the Celestix review.
Again, the default policy allows all traffic to flow out of the firewall from port one to port two (LAN to WAN) and denies all other traffic, so you need to build your policy from scratch. Unfortunately, the web interface does not let you download the client application, so you will have to stick with the NEWS interface.
Good for smaller Microsoft-based firms, the NS6300 secures management through a dedicated network port, while providing simple web-based management.