Symantec Enterprise Firewall/VPN
A wealth of functionality that is impressive for a product at this price point.
Symantec once again impresses with this solid, fully-featured product.
Symantec is a very old name in the security business, but it is not going to rest on its laurels. Its software-based Enterprise Firewall with VPN has had yet another upgrade since the last time we looked at it, and it offers quite a few new features to what was already a very powerful application. The application is also available pre-loaded on one of Symantec's distinctive bright yellow appliances if you prefer.
Installation on Windows (although the product is also suitable for Solaris) poses no problems. In many ways, it feels as if you are simply adding a service pack onto your existing operating system. Indeed, this is quite close to the truth. The firewall is designed to recognize and address existing security weaknesses in Windows 2000 and actually leaves you with a hardened version of the platform.
The firewall is impressive. Application layer proxies providing full application inspection, circuit-level protection and packet filtering all come as standard. Management is through the much-improved Management Console, and configuration is a dream - you can manage clusters of firewalls with ease, pushing the configuration settings to them automatically.
For version 7, Symantec has added high-availability load-balancing. While this was previously available on the appliance version, the addition to the software package means that you have even more flexibility. AES has been provided for extra security, as well as support for some of the newer protocols, such as T120 (for Microsoft NetMeeting) and extended simple mail transfer protocol (ESMTP).
The product is no slouch where reporting and logging are concerned. Information is captured across the network (and all instances of the firewall) and presented in the required format.
It also comes complete with a built-in IPsec compliant VPN, with extended encryption (as well as AES, it also offers DES and triple- DES) and IKE. Extra security is provided by a host of authentication methods, such as RSA's SecurID, LDAP and RADIUS.
Thankfully, there is no danger of getting lost with all of this functionality. In addition to extensive contextual help, there is a whole library of manuals in PDF format, which can help both the experienced administrator and the novice.
Symantec is still keeping one step ahead of the opposition with this application, which is perfect for SMEs and small enterprises alike. Definitely one to consider.