October 01, 2006
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Secure and affordable, lots of UTM features
- Weaknesses: VPN functionality and features are limited
- Verdict: This appliance is a great buy if you want its other functions as well as a VPN. But if all you need is a VPN, give it further thought
The FortiGate-500A-HD is a united threat management (UTM) appliance with SSL VPN capability. The web interface covers a lot of ground, but is not too overwhelming. We found that setting up the VPN on this device was a little complicated, due to the fact that the functionality is tied to the firewall and there are extra configurations that need to take place. We found the configuration of the appliance to be awkward at certain points.
This device is not strictly an SSL VPN, as it is also a full UTM. The virtual private network is very basic and does not include a lot of features you will find in other products in this category. The focus of the FortiGate VPN is primarily based on restricting and securing access rather than on creating application access on a web portal. The product does have a web portal of its own, but only allows access to web, telnet, ftp and Samba servers. We have reviewed the FortiGate in the past (SC, August 2006) and, generally, we liked it as a multipurpose appliance. Like many such all-in-one tools, however, it has its strengths and weaknesses. In this case, the VPN, while competent, does not always ascend to the level of a dedicated VPN device.
This device offers a lot of security thanks to its UTM base. Authentication methods include Radius, LDAP, local database, SecureID and X-Auth support for IPSec Clients. Also available are UTM features such as an intrusion prevention system and anti-virus protection. From the standpoint of vulnerability, this box is rock-solid.
Documentation for the FortiGate box is well-organized and comes complete with diagrams and screen shots. It provides easy-to-follow step-by-step instructions for setup and deployment. The manuals also give setup examples and fields to enter specific configuration information specific to the environment, so it is all in one place. The quickstart guide shows simple setup steps using various options such as web-based or command line.
The support center on Fortinet's website offers telephone and email asistance as well as an online knowledge base. We also found information on training and a place to download updates.
If a UTM is what you're after, this is a great buy. However, if you are looking for a full-service SSL VPN device, this isn't it. While its security is high, its VPN capability is limited. Almost all of that functionality is tied, in one way or another, to the other capabilities of the overall product.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Microsoft update left Azure Linux virtual machines open to hacking
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry