Unified threat management tends to be a weighty matter, and not just in theory. UTMs are at times heavy, cumbersome rack-mountable boxes that can span a wide footprint when data center space is at a premium. It was a nice surprise receiving eSoft Inc.'s InstaGate 404e appliance—a lightweight contender in the integrated security market coming in at around 3.5 pounds and measuring a diminutive 9 inches x 6.25 inches.
But don't let the dainty appearance fool you: The Broomfield, Colo.-based vendor's device is actually a hefty threat-management solution with integrated firewall and VPN functionality. Capabilities include intelligent scanning for spam, spyware, malware and intrusion detection, Web and e-mail content filtering.
Once the device was connected to the network and was up and running, an initial test included configuring the Web security policy to block all gambling sites. Connected clients were instantaneously denied access to any site featuring online gambling, but the content filtering is intelligent enough to differentiate a Wikipedia entry for "gambling" as a safe site.
Then reviewers sent a Trojan virus to a server under InstaGate's protection. InstaGate blocked the virus, and the activity was immediately logged under Anti-Virus in Threat Monitor. Threat Monitor identified the Trojan signature file and the client to which it was sent.
Intrusion Prevention was set to Normal, allowing the alert logging and some attack blocking. The test network was bombarded with intrusion and exploit attacks using Core Security's Core Impact. Denial of service attacks and backdoor exploits were all thwarted. IMs were blocked and attempts to fire up an MSN Live messenger session were logged as a threat.
The next item on the list was InstaGate 404e's firewall and VPN. The device has system firewall policies already in place dictating rules for IPSEC, PPTP and Web access. These system policies cannot be modified, but an administrator can add his or her own customized firewall policies. Quality of Service policies can be defined. Priority and rate limits can be set against services like AOL, Telnet, SIP and VoIP.
It became clear that a PPTP VPN is easily configured. With DAST's iperf, VPN tunnel throughput was tested. The VPN connection taxed bandwidth somewhat, but not enough to render the connection useless. Throughput transfer rates through the VPN averaged at 2.26 Mbps and bandwidth averaged 1.9 Mbps.
There were limited incidents while testing, such as some latency on the device's side when changes were made to policies or settings and the device was trying to process the changes. The vendor says it's aware of this performance issue and has an update scheduled for release in May of this year.
Setup is easy with the interface. Setup and management are accessed through an SSL connection via a Web browser. Setup time depends on how many SoftPaks have been purchased to install. For testing, reviewers installed the gateway antivirus, intrusion prevention and site filtering SoftPaks.
Installation ends with the device synchronizing with the SoftPak Director, a platform from which the appliance receives realtime software and signature updates.
Before monitoring begins, InstaGate prompts for a connectivity test. Pings are sent to both external and internal interfaces and to DNS servers. During the connectivity test, the ping did an endless loop. The test network had a domain controller running DHCP. Once DHCP was stopped on the network and enabled on InstaGate, the test was successful and the device began monitoring network traffic.
ESoft has a broad channel program and sells 99 percent of its products through the channel. Its partner program has three levels: Authorized, Gold and Silver. Certification and training are available.
The 404e supports up to 25 users per device and is available at a suggested price of $799.99. Gold-level resellers get the product at $559.00. The Web, E-mail and Network ThreatPaks each cost $299 per year for the 404e for a one-year agreement. Upgrading to the 404, which supports unlimited users, costs $1,200.
The results of testing prove eSoft's InstaGate 404e to be an excellent addition to network security infrastructure of a small to midsize environment.