StoneGate High Availability Firewall & Multi-link VPN
November 01, 2005
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A very powerful data center-level firewall and multifunction appliance.
- Weaknesses: The limitations of the printed documentation means firms are better off leaving installation to Stonesoft.
- Verdict: A highly scalable solution that is worth considering for enterprise data center protection.
The first thing we noted with this substantial 2U steel-clad device was the lack of a redundant power supply, but there are multiple network ports – four fiber Gig Ethernet connections and 10 copper Gig Ethernet ports.
As for hardware, the unit is based on dual 3GHz Intel Xeon processors, a 40GB hard drive and 1GB of system memory. The front of the unit has bays for six RAID drives, but the unit we tested had only one drive.
Installation is usually carried out by Stonesoft’s engineers, so we reverted to the manual’s setup procedure – connecting a monitor and keyboard directly into the back of the device. From here, we fired up a DOS-based screen from which we configured timezones, admin password and the management network interface.
The device automatically detects the network interfaces present and allows the user to specify the management port. It then gives the option to acquire an IP by DHCP or to manually set a static address. After this, the unit resets itself and reboots.
The quick start guide was not the clearest we have seen, and the documentation does not run in a logical order – we were prompted to jump to chapter five to set up and define the firewall engine, then jump back to setting up the management GUI control panel.
From the supplied CDs, we began by loading up the GUI-based StoneGate Control Panel application and from here began to actually configure the firewall appliance.
The documentation on the CDs in PDF format was vastly superior to the printed instructions.
We set the internal firewall rules from the fairly clear control panel, configuring the network interfaces to firewall off discrete elements of the data center. This means that users could, for example, define security polices for different network areas. From here, we were also able to configure VPN access and IPS functionality.
The unit has excellent scalability. Up to 16 firewall appliances can be grouped into a single cluster, and around 500 firewalls and clusters can be managed from one management server.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report