Product Information

Yoggie Security Systems, Ltd. Yoggie Gatekeeper Pro

Vendor:

Yoggie Security Systems, Ltd.

Price:

$220

Summary

Consider. You’re sitting in an airport using the terminal’s WiFi service. When you connected you noticed that there are a lot of users in the area with their own WiFi access points set-up as peer-to-peer. You know better, of course and, besides, you trust your organization’s security set-up on your company laptop. Or do you? Wouldn’t it feel nice and comfortable to be safe behind your organization’s firewall, anti-virus, anti-spam gateway? Out there in the airport there is nothing to protect you, except your anti-virus software and personal firewall. Until now.

Now you can, for a very reasonable price (under $250) have a hardware device that contains 13 security devices, is about the size of a cell phone, and plugs into your USB port. The Yoggie Gatekeeper includes a firewall, IDS, anti-spam, anti-phishing, anti-spyware, anti-virus, and a VPN client among other functions. Each function is a world-class commercial or open source product, and Yoggie handles all updates for a single price that is less than the combined cost of updates from individual providers.

As an example, the anti-virus software is from Kaspersky, one of the best known anti-virus developers in the business. The IDS is Snort, well-known to most security professionals as a stable, full-function IDS tool. Content filtering is from SurfControl. The entire product runs on an embedded operating environment that the user can manage but cannot compromise.

How it works     
The Gatekeeper connects to your laptop in one of two ways: redirect or inline. For redirection you simply connect the attached USB cable to your laptop as you would any USB connector. The Gatekeeper is powered by your laptop and all network connections are redirected through the Yoggie. If you are connected via wire, you then connect the cat-5 connector to the Gatekeeper. If you are connected via wireless, network data is redirected through the Gatekeeper and its security before it enters your system. You can disable the Yoggie if you have the additional password. For inline connections you simply place the Gatekeeper inline between your network and your computer. It supports cat-5 in and out.

The Yoggie supports up to five IP addresses so it is an excellent product for home offices and telecommuters. Simply insert the Gatekeeper between your cable or DSL modem and your hub or switch and your home network is protected. The Yoggie is a proxy, so isolation is complete. You can set the level of security you want using the web pages that the Gatekeeper generates.

The Yoggie also has a system approach intended for use by larger organizations that want to protect road warriors’ laptops. The management server acts as a gateway and configuration manager for Yoggie Gatekeepers in the field. The Yoggie administrator can set security policies/configurations for the remote Gatekeepers, and users will not be able to change the policies or operate without the Yoggie plugged into their laptops. The management server collects logs from the field and generates appropriate security reports.

We tested the Yoggie Gatekeeper Pro in multiple scenarios. First, we placed it on a laptop in our lab and tested it using both inline and redirection configuration. Using our vulnerability assessment tool (NetClarity) and our penetration tool (Core Impact) we were unable to compromise the Gatekeeper or the computer behind it. The other Gatekeeper functions worked exactly as promised and we came away from our testing satisfied that the product delivers as advertised.

Following the lab testing, I took the product on the road with me on my laptop. I had a couple of configuration challenges initially, but once it settled in, I saw no impact on my normal computing. The couple of times I needed to contact support I got good answers. I use an add-in WiFi card to access my organization’s wireless provider and it worked smoothly in each airport where I tested it.

The Yoggie allocates an IP address to the laptop and picks up the external address in the normal manner (dynamic host configuration protocol or static). It performs full NATing, keeping the laptop isolated.

Yoggie was founded by Shlomo Touboul, the founder of Finjan Software. The Gatekeeper is a solid product and is available through a network of dealers and distributors. I am told that it shortly will be in computer stores as well.

One small caveat is in order here, however. If you are considering the Gatekeeper in a corporate environment, I recommend that you buy a few of them along with the management server and run a controlled pilot before deploying organization-wide. It is a simple product to set up, deploy and manage. However, it is an entirely new concept for help desks, users and administrators. It is a good practice to get the product up and running, learn its quirks (I didn’t find many, and none of any particular importance), and get your help desk comfortable with supporting it.
— Peter Stephenson

Product: Yoggie Gatekeeper Pro
Company: Yoggie Security Systems, Ltd.
Availability: Now
Price: $220
What it does: Full-featured miniature hardware security gateway for laptop computers.
What we liked: We really liked the portability of and the ease of set up and management. The wide range of security functionality is impressive.