NetASQ U6000 UTM appliance

An enterprise level UTM appliance that combines tough firewall and IPS functions with strong anti-spam and web content filtering capabilities.

NetASQ U6000 UTM Appliance
Price
£20,326

Enterprises have traditionally favoured point solutions for their network security as these are capable of delivering high levels of protection within their areas of expertise.

However, the high costs for support, management and maintenance are driving many towards UTM appliances as these can offer a complete range of security features in a more cost-effective an easily managed solution.

A major concern for larger businesses is performance as a single appliance handling all security functions has the potential to become a bottleneck. NetASQ aims to solve this with its latest U6000 which it claims as the first carrier grade UTM appliance with a maximum throughput of 5Gbps. Another bonus is NetASQ's licensing model as it provides support for unlimited users as standard.

The U6000 brings together NetASQ's firewall and IPS capabilities and serves them up with anti-virus, anti-spam and web content filtering services. Central to the appliance is the ASQ (advanced security qualification) engine which runs on a hardened FreeBSD kernel and uses three traffic inspection modes where it watches out for malicious content, employs behavioural and statistical analysis and uses twenty signature databases. ASQ is designed to reduce scanning overheads as it handles all firewall, NAT and VPN functions itself before passing it over to the mail and web proxies so reducing the number of processes required.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The hardware package for the U6000 is adequate as this 4U Supermicro rack system is equipped with a single 3GHz Xeon 5160 teamed up with 4GB of memory. The storage arrangement does look a little dated as the appliance comes with a pair of 73GB Seagate SCSI hard disks configured in a mirror. Power redundancy is also on the menu as the appliance is supplied with a pair of hot-plug supplies.

Network connectivity options are extensive as along with two embedded Gigabit ports, the price also includes a quad-port Gigabit card. The appliance can support up to 24 network interfaces and the wide range of spare expansion slots allows you to mix copper and fibre. As the appliance represents a single point of failure, HA is an essential feature and the U6000 supports active/passive configurations.

For deployment the U6000 can route traffic between selected network interfaces, function as a transparent bridge or use a combination of the two. Web browser access isn't available as management is carried out by NetASQ's own Unified Manager, Realtime Monitor and Event Reporter utilities. For the mail and web content filtering services, NetASQ uses transparent proxies. There are pros and cons here as no client configuration is necessary but for mail it can't perform quarantining. It can only tag the subject line of suspect messages so you'll need rules for handling these either on your mail server or at each mail client. HTTPS scanning is also conspicuous by its absence.

We opted for the transparent bridge mode for testing in the lab and found installation easy enough and aided further by a useful CD-ROM based wizard. The Unified Manager utility is well designed and provides easy access to all functions. Network interfaces need to be defined for LAN, WAN and DMZ duties and then you can create objects to represent network entities, services, users and hosts. User authentication is provided as the appliance supports LDAP and can use a wide range of methods including RADIUS servers.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Most Popular

Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/operating-systems/microsoft-windows/354526/memes-and-viking-funerals-the-internet-reacts-to-the
Microsoft Windows

Memes and Viking funerals: The internet reacts to the death of Windows 7

14 Jan 2020
Visit/hardware/laptops/354533/dell-xps-13-new-9300-hands-on-review-chasing-perfection
Laptops

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020