Panda GateDefender Integra eSeries eSB review
Panda’s GateDefender Integra eSeries eSB matches its lengthy model name with a similarly long list of security features – and backs them up with a decent hardware platform as well. The eSB has a 1.8GHz Atom in the driving seat, partnered with 2GB of RAM and a 160GB hard disk for web caching, spam quarantine and log storage.
Installation is taken care of by a startup wizard, which took us through the process of choosing bridged or routed mode, configuring port zones and enabling internet access. The appliance’s web console is easy to use, and we had the eSB up and running inside 15 minutes.
We like Panda’s colour-coding system: using green, red, orange and blue for trusted, internet, DMZ and wireless services made it easy to work out where to apply our security policies. The blue zone simply defines a port on the appliance through which wireless access point (AP) traffic is sent for internet access; the firewall can be set to permit wireless traffic only between blue and red zones, and the HotSpot service can be used to create access and billing controls. As a bonus, it doesn’t care whose APs you’re using. You can also redirect traffic to a login web portal, complete with an acceptable-use policy.
Panda has proxies for everything, and uses them to control HTTP, HTTPS, SMTP, POP3 and FTP traffic. For HTTP, there are non-transparent and transparent proxies; we opted for the latter, so our users didn’t have to change their browser settings.
We used the HTTP proxy to apply virus scanning and web-access controls, and created filter profiles to block non-productive websites such as games and gambling. Panda offers five general URL categories with a total of 83 subcategories, so filtering can be easily fine-tuned. Policies assign filter profiles to sources and destinations, and we were able to enforce user authentication using the local appliance, Active Directory, LDAP or RADIUS. The web filter worked extremely well during testing, with no sites in the blocked categories slipping past Panda’s proxy.
Tests using our Ixia load generators returned a respectable 262Mbits/sec HTTP firewall throughput. Activating the proxy hit performance hard, however, causing the reported average to drop to 94Mbits/sec. With antivirus enabled on the HTTP proxy, we saw it dip to 72Mbits/sec.
The Snort-based intrusion-prevention system (IPS) is simply turned on or off for all inbound traffic, but enabling it created more overheads. Oddly, though, the 43Mbits/sec HTTP throughput we observed was 10Mbits/sec higher than Panda’s own claims.
The POP3 proxy also applies antivirus scanning to inbound mail; the SpamAssassin service can be enabled too, but this only tags the subject line of suspect spam messages. The SMTP proxy goes further, allowing messages passed to an internal mail server to be scanned for spam and viruses and, if need be, quarantined on the appliance’s hard disk.
Reporting is good, with the web UI offering detailed activity graphs on web, mail, IPS and virus scanning. We had no problem finding out what was consuming our bandwidth, seeing which users were causing trouble, and reviewing live logs of all services. Businesses with multiple appliances spread over different locations will find Panda’s Perimetral Management Console particularly useful: it lists all managed appliances, shows their operational status and provides remote upgrade services, plus remote access to their web console.
Our main concern is that the Integra eSeries eSB’s comparatively low performance limits the number of users it can service. But it’s simple to deploy, and provides versatile security features at a low price, so smaller businesses shouldn’t rule it out.