Panda Software GateDefender Integra 300

Panda's latest Integra family of security appliances moves it firmly into the small business UTM market and in this review we take a look at the top of the range 300 model which is aimed at companies with up to 250 employees.

Traditionally, Panda has focused on anti-virus software solutions but began dabbling with appliances a couple of years ago. It started off with the GateDefender 7100 which offered a simple plug and go anti-virus solution and augmented this with the GateDefender 8000 Series which provided additional anti-spam and content filtering options.

However, neither product range is capable of providing a full UTM solution as they both operate as transparent gateways at Layer 2. As such, they can't deliver firewall and VPN capabilities and Panda refers to them as content management appliances. By functioning at Layer 1 the Integra appliances can deliver the full gamut of security measures which include SPI firewalling, IPsec VPNs, anti-virus, anti-spam, anti-spyware, IPS and, of course, web content filtering.

The appliance is supplied as a 1U rack chassis with a decent specification which includes eight Gigabit Ethernet ports. These can function as LAN, WAN or DMZ ports and be used to provide security to different network segments. Furthermore, you can have multiple WAN ports for failover and a high availability option allows appliances to be clustered together for redundancy.

Installation is fairly straightforward and the appliance can also operate as a Layer 2 transparent gateway if you want, although you can only use the first two Ethernet ports and firewall and VPN functions will not be available making it a rather pointless exercise. For routing you need to manually create LAN and WAN ports and add a special firewall SNAT (secure network address translation) rule before the appliance will work properly. However, the appliance's web interface is well designed and easy to use and Panda also provides a wizard-based routine which steps through the entire process.

Commendably, the appliance blocks all inbound and outbound traffic by default and a single firewall rule needs to be unchecked to deactivate this. The appliance's home page opens up with a comprehensive status report showing each network interface, all enabled and disabled modules, system status and the current load. The Activity option goes into even more detail and shows connections and general throughput for each interface plus lists of files scanned and viruses, spam and spyware caught for each protocol.

Naturally, Panda uses it own anti-virus engine which we've always found has impeccable credentials. It's easy enough to configure as well as you simply decide which protocols you want scanned and how infections are to be handled. The appliance doesn't mess about with SMTP as any infected messages will be erased entirely but for other protocols you can opt to have suspect files either deleted or disinfected. If a file can't be cleaned up then HTTP and FTP transfers will be blocked and for all other protocols the file will be deleted. There's much more under the anti-malware tab as you can activate heuristics to try and sniff out new viruses, block dialler programs and hacking tools, set up anti-spyware and activate phishing protection. For the latter, each message is scanned for known phishing attempts and you can either delete or redirect dubious messages or attach custom warnings to the subject and body.