Yoggie Pico Pro
January 01, 2008
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: One handy plug-and-play security solution with a good firewall
- Weaknesses: Relatively expensive, still leaves gaps in security that competition solves
- Verdict: Great techie toy, but it's hard to see a real-world business case for large deployments
The Yoggie Pico Pro is a USB security device aimed at corporate road warriors. As mobile workers often rely on third-party WiFi networks to connect to corporate systems on the road, this can represent a loophole in enterprise security.
Yoggie claims that the thumb-drive-sized Pico Pro incorporates 13 different security functions, moving much of the traditional software suites' processing overhead from the laptop to the device. Updates are automatic, and handled by the device with no user visibility. Overall security policies can be set centrally using the Yoggie management server, available at an extra cost.
The Pico Pro is a Linux 2.6-based appliance powered by a 520MHz Intel PXA270 processor with 128MB of memory. In addition to blocking viruses, spam, phishing and spyware, security functions include intrusion detection and prevention, web and mail proxies, plus a firewall. The device also offers web filtering, parental content control, adaptive security policy, multi-layer security agent and a VPN client.
The funky black USB drive comes with a CD containing drivers and a very basic set of instructions. The installation of the drivers went smoothly, and all network traffic was soon being routed through the device.
Configuring the Pico Pro is done through a web interface, using Internet Explorer. The user is prompted to enter an email address and password, which is then used for access to the online management console. The settings are very basic, most processes and rules have been predefined by the company. This can be a good thing, but IT managers who are keen to configure the device for their specific network environment may be less enthused.
The Israeli security start-up's main pitch is the improved processing speed of a laptop running Yoggie, as the usual software security suite has been removed. Although booting up the test laptop was noticeably quicker than before, everyday operations seemed less affected.
Despite moving "all security functions" on to the Pico Pro, the firm provides a year's subscription for Kaspersky AV software, to be used to clean the laptop of any previous infections before installing Yoggie software. But continuing to run the device and the AV side-by-side will negate many of the processing savings.
Downloading trial malware files from eicar initially proved impossible, with Yoggie detecting all four http-based files as malicious and blocking the browser operation. However, things did not go so smoothly with SSL-encrypted files, as the device allowed https downloads. A separate AV package was needed to detect these as they were unzipped and executed on the desktop.
The Pico Pro is designed to scan network traffic, but ignores media-based malware transmission methods such as USBs and CDs. As one of the main reasons to deploy Pico Pro's is to prevent infected laptops being reconnected behind the corporate firewall, this omission seems somewhat strange.
Next stop was a firewall leaktest from Gibson Research Corporation, which the Pico Pro failed to prevent. However, incoming bot and Trojan probes to all ports appear to be well dealt with, following successful tests with several online probing services.
The Yoggie Pico Pro costs around £96, and annual renewal is £19. The Pico Pro's main strengths are its hassle-free approach to security, with no need for configuration, no pop-ups to hassle the user and no updates to worry about. It prevents unauthorised web access without the device, but the flipside is that if you forget, lose or damage your Pico, you're locked out too.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry