We have covered many types of firewalls (both appliance and
software based) in our previous issues. This time we are looking at a firewall,
which can be used to actually create an appliance-based firewall. The Secure
Point Security Manager Suite (henceforth referred to as Secure Point) is a Linux
based firewall for an enterprise. This not only protects your network from
external attacks, but also discards broadcast traffic, which is the main cause
of network congestion leading to poor performance. You can download a trial copy
of its latest version from http://securepoint.cc. This firewall is not only very
easy to configure, but also has a built in proxy server and VPN configuration
tool that allows you to protect your VPN links. Besides configuring the firewall
from an admin machine, it can also be configured from a web browser over a
secure port.
Secure Point requires a machine with at least 5 GB HDD, 128
MB RAM and two-network interfaces. Adding more RAM will give you better
performance. For management of the Suite, you require a windows machine,
installed with Secure Point Security Manager. This lets you configure and manage
the firewall remotely. The firewall is based on Linux and has a client/server
architecture that is very easy to setup. Besides the firewall, the Suite also
gives you features such as a VPN, virus scanner and content filtering. Secure
Point Security Solution runs on systems ranging from small devices up to large
multi-processor systems utilizing gigabytes of memory. You can even configure
the solution as a redundant high-availability system for automatic fail-over in
case of hardware and network failures. In order to use the organizational
bandwidth in an efficient way, the Suite has load-balancing capabilities. This
feature helps improve performance and does traffic shaping, which in turn helps
set priorities by network, service and protocol.
Price: Euro 1,995 (up to 100 users) |
Meant For: Enterprises |
Key Specs: GUI and text based configuration, VPN, anti-virus, and content filtering support. |
Pros: Easy to set up, blocks all ports by default, drops all attacks and continues to run smoothly. |
Cons: None |
Contact: info@securepoint.cc RQS# E20 or SMS 130320 to 9811800601 |
The Firewall Setup Price
Secure Point comes as an ISO image, which can be burnt on a
CD. This CD is used to boot a firewall machine, and you must have at least two
network cards in the machine. The installation can be either text or graphics
based. The graphics installation is simple enough and similar to setting up any
other Linux firewall, but has a few exceptions. For one, it let's you choose a
file system to use for the firewall installation, which can be either Ext2 or
Raiserfs. If you have multiple hard drives installed on the system, it let's
you activate Software RAID (Level 1 mirroring) for better fault tolerance. From
here, it moves on to the usual process of selecting your network cards, defining
the internal and external ones, assigning them IPs, etc. Then there's a
separate step for defining the Global settings, wherein you specify name of the
machine, gateway, IP address of the administrator computer on the internal
network, etc. The rest of the process is automatic and takes about ten minutes.
Client Setup
One thing we liked about the firewall is that you have to configure a client
machine specifically to manage the firewall. For this, you need a separate
machine and install the Secure Point client on it. This client will then encrypt
all the configuration files kept on the client and ask you to define a key for
it. This ensures that nobody else can actually play around with it. From this
interface, you can configure various aspects of the firewall, such as the rules,
reports, etc.
Management
The good thing about this firewall is that it blocks all traffic by default.
This ensures that even if you deploy the firewall, it's perfectly secure. You
have to define each and every policy on the firewall, which includes defining
the various computer groups on your network, including those in the DMZ
(De-Militarized zone). We tested the firewall by flooding it with Denial of
Service (DoS) attacks. The firewall was able to detect the DoS attack and
subsequently, started dropping packets. We also ran the Nessus port scanner to
find out whether the firewall had left any ports open. As we said initially,
since all the ports were blocked by default, the attack was fruitless. The
firewall discarded all broadcast traffic that was flooding the network, which is
what a firewall should do.
Bottom line: We found this to be a pretty good
firewall building software, as it let's you control each and every aspect of
the firewall. Another thing that one should check is the support provided by the
vendor, since it has to be purchased online.