Check Point VPN-1 UTM Edge review
Aimed at SMBs and branch office deployments, this compact desktop unit combines a solid range of security measures, such as an SPI firewall and support for site-to-site and mobile client VPNs. The inclusion of integrated web and email anti-virus scanning earns it the right to be classed as a UTM (unified threat management) appliance. As well as this, it offers hosted web-content filtering and anti-spam services, traffic management and intrusion detection and prevention. The unit also provides a pair of USB ports for sharing printers over the network.
The web interface is common to all VPN-1 Edge devices. Initial configuration is handled adeptly by a wizard that helps you to select your primary internet connection. The appliance then contacts a Check Point service centre, where you provide a code that activates all the features you’ve subscribed to. The secondary WAN port can be used as the main internet connection, as a backup link and also as a DMZ that supports a single system. Three firewall modes are available, with the Medium setting blocking unsolicited inbound and outbound Windows file-sharing traffic.
Both content filtering and anti-spam are hosted services, and for the former you can pick and choose from over 30 categories to block or allow, although you can’t add custom entries. The anti-spam service performed extremely well during testing. We ran the appliance on a live network for a week and found that it picked up over 90% of spam messages with no false positives. Each suspect message has its subject line modified, while the body provides a complete rundown of the message’s spam score.
Virus scanning is provided for web traffic and inbound and outbound email, with all signature updates to the VStream service handled automatically. No attempt to cure infected emails will be made. The offending attachment is simply removed and comments added to the subject line and message body to advise the recipient.
When we reviewed the wireless version, we weren’t very impressed with reporting facilities. The management interface only showed a list of traffic blocked by the firewall. However, Check Point’s new hosted reporting service more than makes up for this, as it sends a monthly report to the administrator’s email address. The report provides a complete breakdown on all user activity. It includes graphs and tables showing the status of each service, top attackers and attacked services, blocked websites and the IP address of the user that attempted to access them, plus anti-virus and anti-spam performance.
For such a compact box, Check Point’s VPN-1 UTM Edge offers a top range of security features at a very reasonable price. Each service is easy to configure, the new reporting service is informative and we’re particularly impressed with Check Point’s anti-spam capabilities.