FortiGate Network Protection Gateway 200
The FortiGate is a small 1RU unit that can be either rack mounted or simply stacked. It’s certainly not a complex looking unit—the front panel features five status LEDs for Power, Status, Internal LAN, External LAN, and DMZ LAN (the three 10/100 Ethernet ports and a COM port). The unit is sealed and with one exception has no user serviceable parts—the exception is the 2.5in 20GB hard drive that resides in a removable cradle at the rear of the unit. The FortiGate is also much more than an AV appliance because it also includes integrated firewall, intrusion detection, and VPN.
Installation and configuration was very simple, a stark contrast to the Symantec unit for example. We simply connected a notebook to the internal LAN port with the supplied crossover cable and, using a Web browser, accessed the unit’s Web interface.
The Web interface is far from complex, in fact it is one of the simplest we have seen, and although it’s very easy to navigate it is nevertheless still feature rich. The unit can be configured to screen HTTP, SMTP, POP3, and IMAP protocols and set to either Network Address Translation (NAT) or transparent mode. Both antivirus scanning (which includes scanning for worms) and content filtering can be configured to screen between all three LAN interfaces (internal, external, and DMZ), in both directions if required. Now while the unit is quite flexible in terms of the interface and directions screened, it’s pretty heavy-handed when a virus is detected: the offending file is simply deleted from the data stream and replaced by a message alerting the receiver of the infection and the deleted file. Setting the AV software up to block specific types of files functions in much the same way—the offending file is deleted and again the receiver informed. File types that can be specifically blocked (or allowed as the case may be) include exe, bat, com, vbs, zip, gzip, tar, hta, rar, scr, dll, and MS Office files containing macros. What is neat, but perhaps not all that useful, is a feature that enables a list of all viruses and worms that the FortiGate recognises to be displayed. The virus signatures can be updated manually or automatically on either a daily or weekly basis.
As far as Web traffic is concerned the FortiGate can block specific URLs, or all URLs for that matter and then you can simply allow a couple of enumerated ones through. Content blocking also allows the definition of banned words and these can be in English, Chinese, Japanese, or Korean.
Full event logs are maintained by the appliance and these can be saved on the unit’s internal hard drive or, if you choose, on a nominated remote PC. The log files are not particularly pretty and if your organisation suffers quite a few attacks and attempted virus incursions it can be a pain to wade through, however there is a useful search feature so you can zero in on particular incident types.
| Product: | FortiGate Network Protection Gateway 200 |
| Price: | AU$7400.80 |
| Vendor: | Hallmark Computer International |
| Phone: | (03) 9540 8555 |
| Web: | www.hallmark.com.au |
|
|
|
| Interoperability: |
Screens HTTP, SMTP, POP3, IMAP with a good set of virus and content scanning features but not as extensive as McAfee. |
|
|
|
| Futureproofing: |
Automatic virus signature updating. |
|
|
|
| ROI: |
Very reasonably priced for an AV appliance with the added bonus of an integrated firewall, VPN, and intrusion detection. |
|
|
|
| Service: |
½1-year warranty; phone, e-mail (Mon-Fri 9 to 5 but other options are available); currently no Web support. First year support is free. |
|
|
|
| Rating: |
½ |
|
|
|
8%
1%
Once you know what modern worms do with emails (hint: they fake "from" field), thinking like "it would be helpful if the AVA sent a message back to the sender warning them that they passed on malicious code" is, in my opinion, step in spreading spam around the world.