ISS Proventia M10 review
When ISS states the Proventia M10 is designed to provide industrial-strength protection to SMEs it doesn’t jest: this compact box is armed to the teeth. You’re not paying a premium either, as the M10 is offered at a price that’s remarkably low. Along with the usual firewall, VPN and anti-virus measures there’s anti-spam and anti-spyware, intrusion prevention and top-notch web-content filtering.
Build quality is excellent, as the M10 is based around an Advantech FWA-660 Internet security platform that looks and feels sturdy. Processing power is reasonable for an SME-level device, and it also includes an internal 30GB 2.5in hard disk used for holding the web-content database, virus signature files, firmware upgrades, infected file quarantine and OS image backups. Attaching an Actiontec ADSL modem to the WAN port, we found installation was quite swift. But it isn’t quite as easy as with the NetScreen-5GT, as a brief visit to the CLI over a serial connection is required first. However, despite the myriad features, the Proventia Manager web interface makes them easily accessible.
The M10 is certainly backed up by some capable support. ISS takes threat detection seriously and its X-Force team claims to have the largest security knowledge base in the world. To put this into perspective, a report in 2003 by Frost & Sullivan revealed ISS as identifying 55 per cent of threats for that period, whereas giant Cisco contributed absolutely nothing. ISS goes further and also claims it holds the biggest content-filtering database, with more than 20 million URLs and 2.5 billion web pages. All filtering is carried out locally, so performance isn’t an issue, and the appliance is supplied with the database already installed and only requiring automatically downloaded updates.
The integrated PAM (protocol analysis module) fends off attacks by using deep analysis similar to packet sniffers. If, for example, a buffer overflow attack is attempted, the PAM analyses the buffer field length and blocks the attack if it’s over a specific threshold. Anti-virus measures come courtesy of Sophos, which needs no introduction, and you can decide whether to scan HTTP, POP3, SMTP and FTP traffic. Infected files can be blocked and placed in quarantine on the hard disk to be examined at your leisure. The anti-spam component requires minimal intervention and uses a combination of black and white lists, text analysis, a database of known troublemakers and the ability to check email with embedded URLs. Using a simple threshold slider a learning mode simply tags the subject line of suspected spam, but once you’re happy with the chosen setting you can switch to a delete mode. The firewall’s default settings will be enough for most users but you can add your own rules. Don’t switch them all off though, as this will block all inbound and outbound access including management, and the appliance can then only be recovered from the CLI. Even alerting doesn’t get missed, as each component has its own alert section and events can be tied to email warning messages.
ISS manages to offer a stunning level of network security features at an extremely competitive price with the Proventia. This little appliance truly is a complete solution that covers every security requirement a small business could possibly need.