Integrated security: Symantec's Gateway Security 5600 series

This tip, courtesy of SearchSecurity.com, reviews the Gateway Security 5600 series integrated security appliance so that network consultants and value-added resellers (VARs) can offer an informed VPN equipment recommendation to customers seeking an all-in-one solution.

Gateway Security 5600 series
Symantec
Price: Starts at $3,150

Symantec's Gateway Security 5600 series integrated security appliance is an ideal solution for enterprises restricted by the expense and resource requirements of separate products.

The 5600 series offers firewall, antivirus, antispam, content filtering, IDS/IPS, VPN and client configuration compliance, all managed through a clean GUI.

Installation was a breeze. The front panel of the device includes a two-line LCD display and several command keys, allowing you to configure a network interface without a console cable. Unlike many appliances that leave you wondering about the Ethernet jack/interface relationships, the 5600 series is clearly labeled. The LCD screen displays a strong administrative password to connect to the device through a Java client.

The GUI allows you to create and edit security policies in a straightforward manner and to manage the various security features of the product in a single interface. For example, you may create a single rule that integrates firewall functionality with content filtering. The reporting and monitoring section of the GUI provides integrated reporting from all the components.

Administrators will still need a basic understanding of interfaces, ports and protocols. We created a firewall rule to allow access to our preferred name server; this required creating a service group that included the DNS service, a new host entry for our preferred DNS server and a rule allowing the outbound access.

The clientless virtual private network works similarly. After installing an SSL certificate, you may offer Web-based VPN services to remote systems. A separate rule base controls acceptable activity, allowing the use of disparate policies for local and remote users. Symantec also offers a client-based IPsec VPN solution.

The 5600 series leverages a number of familiar technologies in the Symantec portfolio -- its flagship antivirus technology and the intrusion detection/prevention capabilities used in its network security offerings. The antispam feature, on the other hand, was custom-developed for the 5600 series and is not based on Brightmail.

URL filtering is based on Symantec's internally developed categorization database, as well as its Dynamic Document Review to categorize unlisted URLs. The filter detected all of the well-known objectionable sites we tested it against, but failed to flag several obvious pornography and gambling sites that were not in the database.

You may also use the appliance to enforce client desktop security configuration -- provided that you use Symantec client security products, such as antivirus and personal firewall. Noncompliant clients may be quarantined for remediation.

The 5660 we tested is the high end of Symantec's integrated security series, with 10 built-in 1 Gb Ethernet ports, and support for four additional fiber interfaces. SMBs may wish to consider the lower-end 5640 or 5620. The base product includes the appliance, firewall functionality and unlimited gateway-to-gateway VPN sessions, with added costs for the other security features.

Some enterprises will prefer to diversify their security lineup, opting for best-of-breed and eschewing dependence on a single vendor. However, the 5600 series is an attractive choice for strong, easy-to-manage security capabilities or an integrated solution for resource-poor branch offices.

About the author
Mike Chapple, CISA, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine, and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.

This tip originally appeared on SearchSecurity.com. This product review also appears in the March 2006 issue of Information Security magazine.

Rate this Tip To rate tips, you must be a member of SearchSecurityChannel.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Network Security Key aspects of cloud computing services Check Point NGX R65 operational changes Top security tips for solutions providers What 2008 holds for unified threat management Making sense of network access control How to use shared object rules in Snort Snort frequently asked questions How to secure the chain of custody in a digital forensics investigation Checklist: Top five security assessment tools Using Microsoft Baseline Security Analyzer to detect security holes Virtual Private Network (VPN) Security Top security book excerpts of 2007 Network Access Protection enforces security on Windows networks VPN penetration testing VPNs: SSH Integrated security: Corrent's SR110 SSL VPN Web Security VPN security at-a-glance: True or false? VPN security and SOX compliance NAC, VPNs and behavior analysis in the Interop spotlight RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.