Contents
Astaro Security Gateway 525
(Credit: Astaro)
The Astaro Security Gateway (ASG) 525 is the big brother of the ASG family. There are currently six models available with the smallest targeted at just 10 users, moving up from there. A software solution and virtual appliance are also available, so they have most bases covered.
The vendor claims that the ASG 525 is capable of handling between 600 and 3000 users, which is a wide-open claim. This would depend on the enterprise environment concerned, as well as the demands and network usage involved.
The ASG 525 and its siblings provide standard firewall and VPN functionality along with content filtering, spam filtering, malware scanning, intrusion detection and bandwidth management. Interestingly it can also handle mail encryption, which is a rapidly emerging consideration in many organisations these days.
The 525 is housed in a robust, full-length 2RU chassis. At the front are 10 Ethernet (10/100/1000) ports, along with an additional management Ethernet port, two serial and two USB ports. A small liquid crystal display (LCD) for status information and four buttons for scrolling through options are also available. Two pairs of status LEDs advise power and hard-disk drive (HDD) activity. Two LEDs for each of the Ethernet ports indicate connectivity and activity.
Both sides of the chassis have good ventilation grilles. The rear of the unit has two key-locked, removable, hard-disk enclosures; three exhaust fans and a VGA port (these appliances are built on standard PC architecture). The rear also houses the power switch, a reset switch, another power LED, and two power supplies that each utilise separate IEC power cables. Each power supply has two exhaust fans.
Astaro claims it differs from most other UTM vendors because it offers products as a hardware appliance or as a software ISO. This, the company argues, enables prospective customers to choose an unlimited style of licensing model on their own appliances (where the customer's hardware is the limiting factor as to how far the installation can scale upwards before requiring additional units or the purchase of a bigger unit) or choose a tiered protected-IP model based on Astaro's software ISO.
Astaro's software provides the exact same functionality as its appliances, however, it allows an end-user to use their own x86-based hardware. Customers therefore, could conceivably re-purpose servers for use as an Astaro UTM appliance, moving to bigger and better hardware as required, taking their configuration with them. The software ISO can also be loaded in virtualisation environments, further reducing hardware overheads.
Astaro states that its objective for the ASG range is to solve problems for companies, individuals and administrators. It focused on end-users and heeded their feedback. Over 70 per cent of the features and functionality of these products are a direct result of customer consultation. Astaro's users will see the product evolving as a direct result of their needs.
The installation and initial configuration of the device is relatively straightforward. A number of management options are offered and, as with most UTMs, there is an overwhelming array of features screaming out for attention. Astaro has presented these in a logical and easy-to-use way.
The administrative interface of the ASG device (Credit: CBS Interactive)
Design-wise the product is solid and supports a rich feature set. The physical quality of the craftsmanship of the device itself is very high, which is expected by the larger end of the business security market.
Maintenance packs for one, three and five years are available and include updates, hardware replacement and technical support (web, email and phone). Gold subscription packages are offered through Astaro partners during office hours. Platinum subscriptions are 24/7. You will need to be seated to read this: a one-year gold package costs AU$7457 for the 525 model, and it gets more expensive as you option up. The platinum package (for five years) costs a whopping AU$47,233!
This price range, even considering the product is aimed at the larger enterprise, is high at AU$40,800 – AU$60,100.
Astaro is up against some fierce competition at this end of the security device market. This Astaro product is, however, worthy of inclusion on your shortlist. Assuming, of course, that your CFO can stomach the price.
| The bottom line | Feature rich, easy-to-manage security product for the larger enterprise. |
|---|---|
| Vendor | Astaro |
| Price | AU$40,800 – AU$60,100 |
| Warranty & support | Gold (office hours support): one-, three- and five-year packs AU$7457 to AU$28,353. |
| Platinum (24/7 support: one-, three- and five-year packs AU$12,405 to AU$47,233. | |
| The good | ASG is available as an appliance or as software only |
| Good feature set | |
| Easy to use considering complexity of functions | |
| The bad | Expensive product |
| Maintenance packs are even more expensive |
I'm amazed that you didn't bother to test the platform with the most impressive security track record known to man - OpenBSD.
It's easy to configure. There are no licensing costs. The rule set for PF is human readable. It supports IPv6.