Symantec Gateway 5460
June 05, 2004
- Ease of Use:
- Value for Money:
- Overall Rating:
The system is designed for high availability in the enterprise environment.
Although there are several optional features, it is not always clear how the system integrates with third-party alternatives.
This is a powerful firewall with plenty of upgrade options that can be tailored to suit most requirements.
The device is set with an IP address and subnet mask using the LCD and buttons to select fields and enter data. The system generates and displays a password used to access the unit's administration functions from a web browser via an SSL-encrypted connection.
The browser needs to support Java, and Symantec recommends Internet Explorer 6 with Java Runtime Environment 1.3.1_04. The necessary Java files have been included on the device, so they can be uploaded if required. Once the browser connection is made, the system runs an initial set-up wizard.
The system's date and time, domain, host and gateway details can all be set and the front panel buttons can be locked to prevent them being used to change the configuration.
Some services, such as mail (smtp), web (http) and file transfer (ftp) will be configured with default rules that will allow clients on the internal network to have internet access.
Defining security policies and rules is slightly complicated: objects (Network Entities) need to be created for all aspects of the network, including locations on internal or external networks (defined using IP address ranges), hosts, domains, and gateways. These entities are used in rule definitions and can have spoof protection applied to them – defining the included and excluded interfaces as needed.
Although this approach requires a great deal of planning before making any changes to the security policy, this is not necessarily a bad thing. An advantage of using entities is that the system can be scanned to determine where a specific entity is used, so that the likely consequences of making changes to the network can be discovered beforehand. This system enables validation checks to be made on individual rules.
The device passed our port scans. It also reported the attempt, which indicates that the hybrid IDS was working correctly. The comprehensive logging and reporting system allows for reports to be generated in both pdf and html formats with various page sizes.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry