PineApp SeCure SoHo 1220 review
Based in Israel, PineApp has only recently made a big play in the UK security appliance market, and the SeCure SoHo family aims to deliver an affordable UTM solution to SMBs.
Offered in desktop or rack chassis, the 1220 on review is to the latter design and supports up to 50 users. It delivers a large security umbrella with SPI firewall and IPsec VPNs at the top of the list, further augmented by web content filtering, multiple antivirus scanning engines and tough antispam measures.
Installation got off to a poor start, leaving us with a rather dim view of PineApp. The sloppy documentation clearly states that for management access you should use LAN port 2. It’s actually port 1, and to discover this nugget of truth we had to access the CLI. The appliance was supplied devoid of documentation and, at the time of writing, PineApp’s support site didn’t even make the manuals publicly available for download.
We kept our existing firewall and placed the 1220 behind where it could provide all other security services. Alas, this was also problematic, as the WAN port can’t act as a DHCP client, NAT and port forwarding are switched off by default, and masquerading isn’t configured either.
Furthermore, we changed the IP address of the management port, but the appliance’s hosts list still kept the default address and subnet mask, which had to be manually changed before internet access for our LAN clients could be achieved.
Once we were up and running, we found that although the interface wasn’t overly friendly the level of features on offer was impressive. ***For messaging security as it can scan incoming email before passing it on to internal mail servers and suspect messages can be quarantined on the appliance’s hard disk.?*** However, it also works with external POP3 accounts, and during testing we created a mail domain for our ISP and added users that were allowed to retrieve mail.
The appliance employs a good selection of antispam measures, which can be customised with mail policies. PineApp also employs CommTouch, which works alongside a number of ISPs, allowing it to passively monitor mail messages and compute hashes for each one. This allows it to identify spam very quickly, as it compares hashes with its own servers.
PineApp employs a pincer movement on viruses with scanning engines from F-Secure and Kasperksy, which can be applied to web and mail traffic. For web content filtering, the appliance can act as a transparent proxy if you don’t want to reconfigure your clients, and had a proxy cache for improved browsing performance.
Web content is filtered using a URL database, black and white lists, phrase checks plus file type and MIME blocking, and you can also decide which LAN ports it is active on. For URL filtering you have around 60 categories to choose from, although many are too specific for our liking, making it more difficult to block an entire category such as gambling, as you may have to select multiple entries.
The SeCure SoHo offers a lot of security features for your money, with particularly good antivirus and ant-spam measures. However, the ultimately frustrating problems we encountered during installation and configuration simply aren’t acceptable, and particularly so at this level of the security appliance market.