Strengths: Offers a comprehensive range of security funcionality.
Weaknesses: The set-up process was not the most intuititive we have seen.
Verdict: Capable and well-specified.
We began by following the set-up specified in the well laid-out quick-start guide. We had problems connecting using a crossover cable, so moved on to attempt a connection via the device’s serial port, but our login was constantly rejected. Then we discovered an extra reviewers’ set-up guide and had more success.
Then we hit another snag – the device would not allow us to log in via the web-based GUI, as it thought another user was already logged in. We forced the console to end the session of this phantom user and then were able to finally access the device ourselves via an https connection.
Next came a Java-based set-up console. We were puzzled to keep getting a warning message telling us that the application’s digital certificate was invalid. In order to continue the view, we had to opt to trust the content from the device in order to be able to run the application.
Ironically, we had to reconfigure our Firefox browser to accept pop-ups so we could receive one advising us that Internet Explorer 6 or later was recommended for the interface. As other devices under test appear to be browser-agnostic, this seemed strange.
A second pop-up listed the number of tasks that we were required to perform before the device became fully functional. This involved installing the license key, updating the firmware, configuring notification responses for events, configuring the firewall and updating the anti-virus definitions and intrusion prevention signatures. There were also a host of other recommended tasks.
The main screen is clutter-free and provides an excellent snapshot of the system’s state. However, the GUI appeared sluggish compared with some others under test here.
Setting up core functionalities – such as anti-spam, anti-virus, firewall, intrusion prevention and web filtering – are also easy. Anti-spam options were particularly good: the device offers a learning mode that gags subject lines of all potential spam, and also a delete mode that removes spam over a user-defined threshold.
It was also a simple matter to configure ISS X-Force’s protection responses, which use "Virtual Patch" technology to guard against zero day exploits.