Astaro Security Gateway Essential Firewall Edition review

Personal firewall software is ten a penny with most vendors now giving it away free, but this generosity rarely extends to business products. Astaro’s New Year resolution is clearly munificence, since it now offers its Security Gateway software as a free download with no limits on time or supported users.

On review is the appliance version of the Essential Firewall Edition, but Astaro also offers a VMware virtual appliance version. Minimum hardware requirements for the donor system are reasonable, so for testing we dug out an old PC with a 2.4GHz Celeron and 512MB of memory, and blew the dust off a 40GB IDE hard disk.

You burn a CD with the downloaded ISO image and boot the donor system with it. The process takes fewer than 30 minutes and, apart from a few questions about IP addresses, it’s largely unattended. Once booted up you point a browser at the IP address you supplied and run through a quick start wizard.

This makes it easy to set up the LAN and WAN ports, the internal DHCP server and basic firewall rules. For the latter, you have a list that includes web access, common terminal services applications, IM apps, email and VoIP.

Astaro Security Gateway Essential Firewall Edition

The wizard asks you to activate IPS for a range of server types, choose the web categories you’d like to allow or block, and add internal mail servers for antispam protection. It’s only when you load the main management interface that you find everything apart from the base firewall, DHCP server, PPTP and L2TP VPNs, and reporting is unavailable.

The homepage provides a dashboard showing all activity, but with so much disabled there isn’t much to see. The most useful one was the system utilisation chart, which showed clearly that 512MB of memory wasn’t enough for even modest traffic loads.

To make general configuration easier it’s worth spending some time creating network and service objects. These definitions are used in packet filters, and when customising the firewall with new rules you can view them in a side bar and use drag and drop to add them to the relevant setting.

Rules are carried out in order of priority, and can be moved up and down in the list. Time period objects can also be applied to rules to determine when they’re active, but there are only four predefined time events available.

Reporting tools provide graphs of appliance hardware performance and network traffic throughput on all its interfaces, as well as filter violations. The network security menu opens with charts of the top dropped web hosts, along with flags showing their geographical location. An executive report gives you a complete overview of all the day’s firewall activity, but report archiving is yet another disabled feature.

Astaro has a good reputation with its network security products and the Essential Edition software is well worth trying out. However, it’s severely limited in features, so if you’re not prepared to put your hand in your pocket but want more features, then check out SmoothWall Express or IPCop.

Details

Software subcategory Internet security

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

Todays Highlights
How to See Google Search History
how to download photos from google photos