Equiinet's SentryPilot is designed to be a gateway device that provides anti-spam, anti-virus and URL content-filtering functions for small and medium-sized firms which typically need to secure between 50 and 300 clients.
On the hardware side of things, the device is nothing exceptional. It is a small-format, Intel-based server appliance loaded with a gigabyte of memory and an 80-gigabyte hard disk running Linux.
The presence of Linux should not concern administrators who are unfamiliar with this open-source operating system. The underlying platform is completely transparent and presents no special compatibility or management issues.
For network and peripheral connectivity, the unit has four USB ports (for future use only), one parallel, one serial, one VGA and two 10/100 Ethernet ports.
The device comes with a small, clearly illustrated, getting-started guide that presents users with refreshing, simple, step-by-step instructions.
It might seem like a trivial point, but it is good to see that this guide is well written in comprehensible English. It does not contain the appallingly translated and often confusing nonsense that so often features in many IT manuals today.
This gateway device is designed to be deployed in a corporate environment that would typically already have a relatively complex configuration of firewalls and mail servers in place.
Even so, installation was an absolute breeze – which is appropriate for a device that is aimed at smaller firms which might not necessarily have large dedicated IT departments.
Before the physical installation, we needed to reconfigure our existing firewall with some changes. These included allowing SentryPilot outbound HTTP access via TCP 80 and HTTPS via TCP 443 so that it could automatically update security signatures.
We also needed to open ports to allow inbound access to the device for HTTPS and SSH.
Having completed this stage, we blocked direct access from networked clients to the firewall. Additionally, our Exchange mail server needed to be modified, so that it receives all email traffic directly from the SentryPilot. Then, for web filtering, we needed to set the SentryPilot as the proxy with all web browser clients on the LAN pointing to the device.
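The firewall changes described above can be checked before the device goes live. The following is an added example, not part of the original review or of Equiinet's software: a first-match rule evaluator in Python that audits a rule set against the flows the review describes. The addresses, the rule format and the choice to accept inbound HTTPS/SSH from any source are assumptions made for illustration.

```python
import ipaddress

# Constructed addresses (RFC 1918 / RFC 5737); the review gives none.
LAN = ipaddress.ip_network("192.168.1.0/24")
SENTRYPILOT = ipaddress.ip_address("192.168.1.10")
CLIENT = ipaddress.ip_address("192.168.1.50")
INTERNET = ipaddress.ip_address("203.0.113.7")
ANY = ipaddress.ip_network("0.0.0.0/0")

def host(addr):
    """Single-address network for use as a rule source or destination."""
    return ipaddress.ip_network(f"{addr}/32")

# Rule: (action, source net, destination net, TCP ports). First match wins.
HARDENED = [
    ("allow", host(SENTRYPILOT), ANY, {80, 443}),  # signature updates, proxied web
    ("allow", ANY, host(SENTRYPILOT), {443, 22}),  # inbound HTTPS and SSH to device
    ("deny", LAN, ANY, None),                      # no direct client egress
]
# Same rules with a leftover broad LAN allow ahead of them (the weak variant).
WEAK = [("allow", LAN, ANY, {80, 443})] + HARDENED

def decide(rules, src, dst, port):
    """Return the action of the first matching rule; default deny."""
    for action, src_net, dst_net, ports in rules:
        if src in src_net and dst in dst_net and (ports is None or port in ports):
            return action
    return "deny"

# Flows the deployment in the review must allow or block.
EXPECTED = [
    (SENTRYPILOT, INTERNET, 80, "allow"),
    (SENTRYPILOT, INTERNET, 443, "allow"),
    (INTERNET, SENTRYPILOT, 443, "allow"),
    (INTERNET, SENTRYPILOT, 22, "allow"),
    (CLIENT, INTERNET, 80, "deny"),
    (CLIENT, INTERNET, 443, "deny"),
]

def audit(rules):
    """List every expected flow whose actual decision differs."""
    return [(str(s), str(d), p, want) for s, d, p, want in EXPECTED
            if decide(rules, s, d, p) != want]

if __name__ == "__main__":
    print("hardened:", audit(HARDENED))
    print("weak:", audit(WEAK))
```

An empty list means every flow is handled as intended; the weak rule set reports the two client flows that would bypass the SentryPilot's web filtering.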
The unit can be configured as an internet gateway or simply plugged into a networked client, hub or switch. For our test, we connected the unit, plugging the thoughtfully color-coded UTP patches directly into a work-group hub.
After that, we simply switched the SentryPilot on and waited a couple of minutes for it to finish booting. At this point, the device notified us that it was ready.
Our first impression when we fired the unit up was of a slightly noisier fan than we had expected, but this might just have been our review unit.
Although it is possible to administer the unit with a keyboard and monitor attached directly to the SentryPilot, in most situations it will generally be more convenient for administrators to use the web browser-based administration console. This is accessible simply by typing in the appropriate IP address.
From this primary administration screen, the unit's main network configuration is achieved either by using DHCP or by manually assigning IP, host name, subnet mask and gateway details.
This page also provides links to the management tools for all the device's main functions, including email and anti-virus security together with web filtering.
Having carefully set up the initial parameters, users are given the option to follow the Quick Configuration wizard to connect the unit to the internet. Once this is completed, users of the SentryPilot can fully register their product with Equiinet.
Registration requires users to activate the relevant security options they are entitled to use, such as anti-virus, web filtering and/or anti-spam functionality. The license keys are activated from the administration browser window by adding a unique proof-of-purchase code and a serial number, together with a license key for the security module.
When it comes to the actual security functions bundled with the unit, it is clear that Equiinet has attempted to create a best-of-breed system that brings together standalone products of proven quality from different manufacturers.
The anti-spam system takes a dual-pronged approach. First of all, it has SpamCop acting as the first line of defense, by running checks on incoming emails against blacklists of known spammers.
This is followed by the second line of defense, which can be used either behind SpamCop or independently. This is Spam Assessment, which scans the actual content of mail against a pre-loaded database of 800 known spam characteristics.
The device's anti-virus functionality uses technology from Sophos. This module features both email and boundary scanning anti-virus options that enable administrators to block viruses or suspicious file downloads received by email and from the web.
Web filtering, which empowers administrators to control which URLs are accessible to network clients, is achieved using technology from content filtering specialist firm N2H2.
This intuitive module allows network managers to easily set up and maintain blacklists of undesirable sites, which are automatically blocked by the SentryPilot.
A useful feature offered by SentryPilot makes it possible to test any of its security settings to ensure they are working properly before being deployed to end users.