There were some minor discrepancies between the documentation and the browser interface but these were easily resolved. The system can be used as a firewall or as an intrusion detection system (IDS) and is pre-configured as an IDS. We re-configured it as a firewall. BWTracker, the browser-based interface, was easy to navigate.
The main documentation is on a CD. The online help in BWTracker is a keyword search engine that can access the firewall help files as well as system documentation and can also link to Google. BWTracker also provides access to the operating system administration functions, including the Apache web server and the MySQL database engine, integral parts of the system.
Curiously, the firewall is not activated when the device boots up and has to be started from the browser interface. This can be changed in the boot-up procedure so that the firewall will start when the device starts (a better idea).
Our port scans were unable to detect any open ports once this was done. Software modules, called "softblades" plug in to the system to provide support for functions like content filtering.
BarbedWire offers a WiFi/LAN Authentication softblade, which adds a level of security to wireless and wired networks to counter spoofing and ARP poisoning. This is important due to the proliferation of wireless devices with their own security requirements.
Reports are available for traffic and system monitoring and they are highly configurable.
VPN setup is a straightforward matter using the VPN softblade management interface. Firewall management is well organized, enabling the administrator to configure networks, hosts and zones very easily. Rules can be maintained in a similar way.