It runs under Nokia's IPSO operating system and the basic system provides four 10/100 Base-T ports as standard. Four fiber Gb connections can be added as extras.
Installation was straightforward with a serial connection. Once configured, it entered "stealth" mode, hiding the telnet and http ports and setting up the rule base as "default deny." A certificate was generated that was used to authenticate the connection between the device and its administering PC.
System administration was done via a web browser that connected using a SSL link to Nokia's "Voyager" software on the device. This web-based system handles access to system configuration and monitoring. Remote access can be restricted to IP addresses to prevent unauthorized modifications.
The firewall software is Check Point Express (see page 80 for a full review). Check Point Express provides content security ranging from blocking a specific connection all the way to security servers, which are processes that provide protection schemes for individual servers that operate independently of the firewall rules.This provides another line of defense for individual servers, so any exploit traffic that succeeds in passing the firewall will still be trapped by the server security process.
The SmartDefense system protects against intrusion attacks and an online update service ensures that immediate protection is provided against new vulnerabilities.
The system did not respond to our port-scanning programs, but there was no indication in the logs that the scans had occurred.