Astaro Security Linux
June 05, 2004
$390 per ten seats
- Ease of Use:
- Value for Money:
- Overall Rating:
: A well-designed system with a comprehensive feature set.
: The system's Linux roots may discourage Microsoft fanatics.
: This system includes features that are provided at extra cost on more expensive systems.
As the system is pre-configured, a number of security issues that would need to be addressed with a standard Linux installation are avoided. Once installed, the firewall must be administered from another machine on the network using a web browser capable of supporting SSL communications. The interface is mostly intuitive, but some parts had us reaching for the 244-page printed manual.
It is possible to configure the firewall in minute detail, but the system makes reasonable assumptions. The port scanner detection is disabled by default and can be set to accept, reject or ignore port scans. This worked when tested with our port scanners, with the attempts being logged and dropped as the scanners failed to detect any open ports.
The system provides a stateful inspection firewall, comprehensive VPN facilities, virtual LAN (VLAN) support, anti-spam, content filtering, wireless LAN (WLAN) security and denial-of-service protection as standard. Licensing costs depend on the number of seats, and the system is free to home users.
The system provides a wide range of logging and monitoring services, and a wealth of system, network, and firewall information is available. There is a facility to set alert conditions and send warnings to administrators if necessary, but this will only work if the DNS Proxy feature has been enabled or if the SMTP proxy has been set to allow incoming email.
There is no facility to schedule the dispatch of email logs to specified users at a specific time. All logs have to be viewed at the browser or downloaded to the workstation for later review. This is inconvenient if there are several firewall systems being managed remotely, and the ability to automate the collection and distribution of routine log data would be a useful addition to the system. The software does support upload of logs to a syslog server.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Cyber-security must reflect risk not just regulation
- Met Police grab suspect with phone unlocked to get hold of data
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report