Fortinet FortiGate 60
Small, cheap, some strong features.
Some aspects of setup are laborious.
This is an impressive device in a small package if you can overlook some of the contrived setup processes.
The first two things that caught our attention with Fortinet FortiGate 60 is its small physical size and its similarly small price tag.
The device is based on customized application-specific integrated circuits. Speed and reliability should improve as the unit's security functionality is implemented directly in silicon, rather than running off an internal hard drive.
The appliance has two WAN Ethernet connectors and a demilitarized zone interface as well as four internal interfaces and a serial connection for connection to the management workstation.
Interestingly, the device also has two USB connections for dial back-up capability. The device can be dropped into the network as a gateway in NAT/route mode or it can monitor traffic transparently.
An initial wizard makes basic setup fairly simple, but after this you are on your own. As ever, there is a command line interface available, but also a fairly well laid-out and cleanly presented web interface for management. Configuring the firewall offers you a set of pre-configured options or you can use the intuitive profiles feature to determine whether virus scanning, web content filtering or spam and script filtering should be applied.
The anti-virus engine is updated by Fortinet, and you can set it up to receive regular updates automatically. It is capable of monitoring HTTP, FTP and SMTP traffic and, all in all, is quite feature-rich. However, the lack of an integrated hard drive makes quarantining suspicious files or mail impossible. It should also be noted that the content-filtering service, driven by Cerberian, can be rather laborious to configure (since the test, the vendor says it has dropped this service and is now shipping its own).
Another useful feature is the intrusion detection, which will defend against malicious floods, scans and denial-of-service attacks.
In terms of VPN functionality, the FortiGate offers port-to-port IP tunnelling and IPSec, with automatic IKE or manual key exchange. The device also offers DES, 3DES and AES hardware accelerated encryption.