All-in-One Network Security Appliances

Join NWC contributing editor Hugh Smith as he begins examining all-in-one network security appliances (IPSec-VPN, firewall, intrusion detection, content filtering, anti-virus products) for our March 18, 2004, issue.

December 22, 2003

3 Min Read
Network Computing logo

Evaluation Particulars

What Do We Consider Appropriate for This Review?
We will consider network security appliances offering at least four of the following features: Firewall, VPN, Intrusion Detection (IDS), Anti-Virus (AV) and Content Filtering (CF).

We will test these devices in both a real-world setting and in our network performance laboratory. Initially, we will set up the device on a live line between a small network and our campus backbone. Behind the device will be a number of clients and a single server. The server will provide Web, e-mail, DNS and file services. The clients will require Internet access across your device, including Web, SSH, telnet and H.323.

In addition to the real-world test, we also will test your device in our laboratory. We will utilize Ixia's IxWeb, IxVPN and IxAttack software to analyze the efficiency and effectiveness of your implementation. Our traffic mix will include HTTP, SMTP, FTP, ICMP and DNS.

To participate in this review your device must meet the following requirements:

  • The network security appliance must support four of the following five features: IPSec-VPN, Firewall, AV, CF and IDS.

  • It must have a WAN link speed of 100 Mbps or less. The physical interface must be Ethernet/Fast Ethernet with an RJ-45 connector.

  • It must be a single device and cannot require multiple devices to provide the features.

  • It should be targeted at small to midsize businesses or remote offices.

We will be judging products based on the following criteria:

Management and Logging Testing
In testing the products, we will assess the management interface and processes, including configuration, logging and alerting methods, the detail of the logging, log export mechanisms and log viewer features. Because small organizations with limited IT support are intended to set up and use these types of devices, the management interface assessment will be weighted heavily in our final analysis.

VPN Client and Interoperability Testing

In testing the devices' VPN functionality we will configure them to run both with your VPN client as well as in tunnel mode to another VPN device. This will allow us to assess both the client configuration process and how well the device interoperates with other VPN devices.

Firewall, IDS, AV and CF Implementation Effectiveness
We will send a number of attacks/viruses (using IxAttack as well as some in-house developed scripts) to the device to determine how well the attacks/viruses are detected, logged, denied or contained.

As part of our testing we will look at the performance of your device (throughput) using the traffic mix described earlier. We will assess the impact of turning on the different features. Because these devices are used in small-office settings, we do not consider performance to be as critical as some of the other tests and will not weight it as heavily in our final analysis. While we feel it is important to give our readers data on how the features will affect their performance, there are alterative (larger) solutions available if higher throughput is required.

We need the list price for the products actually tested (including all the features) in the review as configured. The pricing will be for unlimited users or connections.

Additional Features Available (e.g., remote management, spam filter)

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights