Contents
IBM ISS Proventia MFS MX3006
IBM ISS Proventia MFS MX3006 (Credit: IBM)
The IBM ISS Proventia MFS MX3006 has five siblings, starting with the MX0804 and ranging up to the MX5110. This is good as it means that organisations can deploy the smaller devices in the regional or branch offices and scale up to the larger models in head office datacentres and environments, and/or mix and match dependent on the applications and networks needing security without being stuck with a single product that may not fit the purpose or be overkill.
IBM describes this device as a multifunction security product, which is simply another term for unified threat management (UTM). A UTM device typically includes the convergence of a number of separate security technologies into one appliance. Fundamentally, this consists of a firewall and with additional functionalities, such as network intrusion detection, network intrusion prevention, antivirus, Virtual Private Network (VPN) or content filtering bundled into the device.
The MX3006 unit is housed by a well-constructed, compact, blue 1RU chassis. Its dimensions measure 355x430x40mm. Upfront are six RJ45 network ports, a power status LED, a DB9 pin male serial port for console connectivity, a two-line liquid crystal status/information display and four small buttons for navigation. These buttons are quite difficult to press as they are moulded into the same plastic that comprises the bezel. One assumes there are small micro-switches beneath with very little tactile feedback, as there is no audio feedback either to provide any indication that a button has been pressed.
Both sides and the rear of the device have good ventilation grilles. The rear of the unit has an IEC power connector, power switch, two USB ports, two internal expansion port access slots and four small fans, due to the size of these fans they operate at quite a high speed, which is very noisy. Some vendors integrate thermal sensors into their appliances enabling the fans to spin according to the device temperature and thereby reducing noise when they are at idle, the MX3006 doesn't appear to have this feature or it always runs hot and therefore noisy.
The integrated security features available for the MX3006 are: firewall, VPN, intrusion prevention, antivirus, anti-spyware, URL filtering and anti-spam.
IBM states that this product can detect and protect against over 7400 vulnerabilities straight out of the box, and that it has the world's largest content filtering databases, listing nine billion URLs. The antivirus component verifies against 340,000 known virus signatures. It also attempts to identify and block unknown viruses using behavioural analysis. Protection against spyware is covered by the analysis of output from several resources, including the intrusion protection system, the behavioural AV protection engine and the URL filter. IBM's biggest claim is that the device filters over 95 per cent of spam.
A key selling point for this unit is that it uses attack-based as well as vulnerability-based security intelligence from IBM's ISS X-Force research and development team (sounds like something from a movie!).
Access to the administration console can be gained in a number of ways, most commonly via a web interface. Set-up instructions provided with the device are very clear and concise. On start-up the LCD offers information as each service is started, providing clear guidance to the operator about the status of the device. The administrator is guided through a series of simple set-up procedures prior to launching the management console. Enex would go so far to suggest that the IBM ISS MX3006 device is the easiest integrated security device to set-up of any we have had through the lab.
This impressive level of user-friendliness continues with the management console. Also web-based, the management console resembles the traditional left-hand, menu-based system. Its home page contains a number of panels for at-a-glance monitoring of the various functions.
The Management Console of the MX3006. (Credit: CBS Interactive)
In summary, the IBM ISS Proventia Network Multifunction Security MX3006 is a very well refined, extremely easy to administer and manage integrated security device. It is perfectly suited to the medium-sized enterprise and has just the right number of features, without going overboard or trying to be everything to everyone. We would even go as far to say that this device would suit remote/regional branch office deployment of larger organisations needing a simple straightforward well-featured security device.
The included warranty is one year; this can be extended by paying a quite hefty annual maintenance fee, which is AU$4228.40 inc. GST. The price of the product itself, at AU$16,000, while not cheap, is acceptable considering the intended market, features and functionality.
| The bottom line | Easy to use, well-designed, great features without going over the top. If you are responsible for the security procurement for a medium-sized enterprise then definitely shortlist this one for evaluation in your environment. |
|---|---|
| Vendor | IBM |
| Price | AU$16,306.40 |
| Warranty & support | One year warranty and antivirus licence for up to 500 users (maximum recommended users for this device), can be extended by annual fee of AU$4228.40 |
| 24/7/365 telephone support | |
| The good | Very easy to set-up and manage |
| Good set of features without going over the top | |
| One of a larger family of devices enabling scaling between offices/applications | |
| The bad | Relatively expensive |
| Buttons on front panel are hard to press | |
| Quite noisy due to the small size of the exhaust fans | |
| Annual maintenance fee is quite pricey |
I'm amazed that you didn't bother to test the platform with the most impressive security track record known to man - OpenBSD.
It's easy to configure. There are no licensing costs. The rule set for PF is human readable. It supports IPv6.