This device is equipped with IPS, VPN, URL filtering, anti-virus and
bandwidth management but doesn't have a SPAM Filter. But still it can scan
viruses from incoming and outgoing mails. Configuring this device is not easy,
either you should have full knowledge of the device or you should get it
configured by qualified personnel. This device has four 10/100 Ethernet ports,
one console port and two USB ports. Each of the ethernet ports can be configured
individually for separate usage, like LAN, WAN and DMZs. Leaving the first port
which can only work as a LAN port, the other three can be configured for load
balancing features, both for active-active and active-passive requirements. Like
others, this UTM provides virus screening over SMTP, POP3, HTTP and FTP.
Different addressing modes provided by this device includes NAT, PAT, one-to-one
NAT, etc. It also has URL filtering, which can be applied over a group for
allowing or disallowing specific websites and you can configure this
functionality on a schedule basis. That means you get the liberty to define the
time range when any specific sites will be open or closed. For instance you can
disable Orkut from 9 am to 5 pm, and after that Orkut will be enabled till 9 am
of the next morning.
|
Tests and results For testing vulnerabilites we ran Nessus, with the default
condition of the device, and it didn't show any warning and holes in the device.
The anti-virus performed pretty well and let through only 9% of viruses which is
actually one of the best reasult we get. We also tested it for some recent
viruses, and the results were up to the mark. This one doesn't have a built in
anti-spam, so if you are planning to buy this device then make sure that you
have other provisions for handling spams. We then tested it for spoof attacks,
which it successfully detected; however, it was not able to block it. Then we
tried for denial-of-service attacks, and this device was not even able to detect
it.
Bottomline: A nicely priced product for SMBs but doesnt have a spam
filter inbuilt into it.
BOTTOM LINE: A good UTM for SMB's, but only if you are planning to use
it as a second line of defense and already have a SPAM filter and client level
anti-viruses running.