eSoft ThreatWall 450
Strengths: Swift deployment, extremely good value, masses of easily accessible security features, good anti-spam and excellent overall web content filtering performance
Weaknesses: No anti-virus scanning or web filtering for HTTPS yet
Verdict: The ThreatWall delivers a bumper bundle of security features, all at a very competitive price
Most security appliance companies rely on third party vendors to provide different security features, but eSoft is quite unique as it has developed all its own solutions. These include anti-virus, anti-spam and web content filtering. And a bonus of its approach is that eSoft offers them all at a very competitive price.
ESoft has two ranges in this sector, ThreatWall and InstaGate. The ThreatWall 450 is aimed at businesses that have a firewall and want to place web content security behind it. The InstaGate aims to be a complete security solution for SMBs and includes a firewall.
The appliances can be customised with eSoft ThreatPaks. The Web ThreatPak, for instance, offers web content filtering, protection from spyware and phishing sites, gateway anti-virus and IPS, IM and P2P application controls. You can also turn it into a full mail server that can handle SMTP, POP3, IMAP and webmail, for just £399 per year.
The ThreatWall 450's decent hardware specification includes 512MB DDR2 memory, a quartet of Gigabit Ethernet ports and an internal 80GB SATA hard disk for functions such as quarantining suspect mail. Three modes of deployment are supported where the appliance can function as a transparent proxy with all its Ethernet interfaces bridged.
This allows all inbound and outbound web and mail traffic to be scanned. In standalone node, it requires all clients and devices to be configured to send all traffic to the appliance; or in routed mode it sits between two different subnets.
We opted for transparent bridge mode and had it up and running in minutes. The web console kicks off with a quick-start wizard that registers with eSoft and downloads all updates and options. The well-designed web console provides easy access to all the ThreatPaks. User authentication can be applied, but the 450 also supports LDAP and AD servers.
The useful ThreatMonitor screen provides a row of tabbed folders with plenty of graphical information. The Web Security tab, for example, shows a bar graph for total web traffic and a pie chart breakdown of blocked and allowed websites.
The appliance starts web filtering straight from the box, as it has a default policy that blocks access to all the defined categories. You can create multiple policies, with each assigned a custom schedule and you can create custom web warning pages to users transgressing your AUPs.
Web filtering is good, with best results if all categories are applied. With games blocked, we Googled for bingo sites and, of 60 visited, were blocked from 50.
Social networking is covered nicely and, with this blocked, we were denied access to sites such as Facebook and MySpace.
Mail scanning presents another simple setup where you add your mail domains, internal servers and trusted networks. Usefully, the 450 can also transparently scan inbound and outbound email. For anti-spam testing, we opted for a transparent scan and left a client behind the appliance where it downloaded mail from live accounts. Impressively, the 450 caught every bit of spam during the test period. Even if it isn't perfect it soon will be, as it uses an initial learning process to improve Bayesian filtering scores.
Gateway anti-virus measures can be enabled for inbound and outbound mail and you can enable them for HTTP and FTP, though not yet for HTTPS. Intrusion Prevention is where eSoft has been labouring hardest - and it shows, with a range of tough measures.
You can specify lists of operating systems to be protected and add specific mail and web servers as well. On activation, it creates sets of protection rules and action policies, which can be customised.
Appliances that are easy to deploy always get our vote of confidence and the ThreatWall 450 is one such. For a low price, it delivers a wealth of features, many functioning straight out of the box, delivering top performance.