The concept of the Brick firewall and also the management behind it is excellent. This whole firewall device family is suited to businesses spread over multiple geographic sites and with varying sizes of operation. For example a corporate HQ with 800 employees could deploy the larger Brick solutions to protect their primary network and its interconnections with external networks, while the same company could deploy smaller Bricks in its remote sales and retail locations to protect their smaller networks. It can all be tied together with the Lucent Security Management Server (LSMS).
Alternatively the Lucent Brick technology can be deployed within an enterprise's single geographic network environment and used as a "defence in-depth" strategy to segregate, monitor, and protect different networks and sub-networks. The beauty of the system is in its LSMS management console application which enables security administrators to centrally control and manage hundreds and even thousands of registered Bricks from the one location -- 10,000 Bricks according to Lucent's LSMS Web site.
The Lucent Brick 150 that we were supplied for this review was a robust (read heavy) 1RU device. A neat feature is the ability to create virtual firewalls and policies within the one device. The primary system administrator can then assign quite granular access rights and privileges to nominated parties to allow sub-administration and report creation to be performed without allowing the operators full access to the device. These rules can be controlled to a point where each policy change can be sent to the system administrator to approve prior to its executions.
Logging in its most basic form is via text to a central directory. The Bricks can then be set to push this log out to a central repository or server for report-processing. There are quite a few popular report-management tools that can be used to create usable reports. The administrator has the ability to set several levels of logging for virtually every function of the device, enabling logging to be tailored to the owners requirements.
The Lucent Brick family is well suited to deployment within VoIP-enabled enterprises. Several specific rules and policies can be created to enable dynamic pinholes to be created in the firewall to allow SIP and H.323 traffic in and out. This saves great slabs of port ranges having to be open and therefore made potentially vulnerable. Again granular rules and policies can be enabled to allows control of this traffic -- even between virtual policy groups on the one device.
The Brick family enables the administrator to apply quite a comprehensive array of bandwidth controls, from maximum session speeds to individual group aggregate speed. Bandwidth availability can also be evenly spread across users and a percentage can be set to retain some usability in the event of a denial-of-service attack.
Lucent is one to shortlist for evaluation, particularly if the enterprise is spread geographically with many offices or if multiple firewall layers are called for.
|
| ||||||||||||||||||||||||||||||
How can you test all firewalls and leave the marketleader out ? All these are toys ! :)checkpoint rules