- Simple to install -- just plug and forget.
- Noisy, and could lead to complacency.
The easiest approach to security for many small and medium-sized enterprises (SMEs) is to buy an appliance that does it all, and then forget about it. Although this minimises the management burden, it's not optimal, not least because threats change over time -- for example, as new viruses are born and the network's configuration changes.
Alternatives are either to outsource security entirely or to hire an expert, but neither solution is cheap. Instead, Network Box offers a halfway house between the two approaches: you buy the box, pay an annual management fee and then leave it alone. Network Box or one of its resellers runs the appliance for you, configuring it to fit in with your security policies, and you still save compared to the alternatives.
The SOHO-targeted appliance we evaluated sits at the bottom of a range of five products and offers a range of services from basic security such as a firewall, intrusion detection, virus protection and an IPSec VPN, to spam and content filtering.
The firewall is a home-grown product, offering packet and stateful inspection; the VPN uses 3DES and 2,048-bit RSA encryption; and the bi-directional mail filtering technology uses SurfControl's filters, with the ability to block individual Web sites and/or categories of sites as required. The mail filtering works with the common email protocols POP, SMTP or IMAP.
Claimed performance at this lower end of the scale is up to 2,000 messages per hour for the AV module and 20Mbps for the VPN. Moving higher up the product range buys you higher throughput up to the one gigabit level, plus redundancy (including mirrored disks and power supplies), all in a rack-mounted chassis.
The deal is that a Network Box reseller will assess your requirements, and then install and configure the unit, the aim being to minimise disruption to client setups. For our purposes, Network Box sent an engineer to insert the product into our ADSL-connected network, connecting it between the router and the main 10/100Mbps switch.
A front panel assembly offers a rotating status report, along with off and reset buttons, and status LEDs, while inside is an AMD CPU on an Acorp motherboard coupled to a Seagate 40GB disk and 128MB of RAM. In addition to a pair of Ethernet ports, the back houses a series of sockets that are mostly redundant as far as the functionality of the box is concerned, including IEEE 1394, S-Video and audio outlets. Network Box reckons some of them might be used in future products.
Startup revealed a few initial problems, including a brief period when, oddly, SurfControl blocked The Guardian newspaper's Web site on the grounds that it was pornographic. These and one or two other minor teething troubles were swiftly fixed remotely and, other than that, the standalone box, neatly tricked out in ribbed black plastic and Perspex, performed exactly as expected. The hard disk also acts as a cache, speeding up browsing.
There were one or two drawbacks, chief among which is the noise it makes, most of it emanating from a 3,200rpm fan. The off button is also very easily pressed by accident -- another reason why you'd want to site this appliance away from users. There's also nothing to stop users opening the box, access being very easy via a pair of thumbscrews. Sadly, this all seems rather a waste of its snazzy styling.
That said, Network Box claims that none of its products' security has yet been breached, and that new threats are countered by swift reactions from the centre, pushing new signatures and control files down the wire to boxes on customers' premises.
You can view what the box is up to by logging into it and examining the detailed logs and configuration, although any changes must be made by the supplier. It also emails you a weekly, top-level report summary, which includes the number of viruses blocked, firewall alerts issued and spam emails detected -- it marks these clearly as spam for easier processing by email client rules.
Overall, this is an innovative approach that has many merits, and will strike a chord with those who want their networks secured with minimal hassle. It only remains for Network Box's customers to ensure that their end-user security policies are similarly enforced and kept up to date.