NetASQ U6000 UTM appliance
An enterprise level UTM appliance that combines tough firewall and IPS functions with strong anti-spam and web content filtering capabilities.
Dedicated plug-ins are used for protocol analysis where packets are checked for conformity and these function at the kernel level to further improve performance. All the plug-ins are enabled by default and are set to auto-attach to traffic as determined by the engine's protocol detection. Policies bring firewall and IPS functions together and are available for traffic filtering, NAT, enforcing implicit rules and applying QoS.
You can create up to ten separate rules with different configurations and use schedules to decide when each one is active. Traffic filter policies are easy enough to create as you pick your interfaces, choose a protocol, assign source and destination objects and select an action.
Anti-spam services are handled by the Vade Retro engine which uses DNS blacklist analysis and heuristic analysis plus domain blacklist and whitelist filtering. To test this we hooked the appliance up in the lab and left it to filter live email for over a week with the clients dropping tagged messages into a separate folder. At the end of the test the U6000 delivers a high spam detection rate of 93 per cent with a low one per cent rate for false positives.
For web content filtering you get NetASQ's own URL lists as standard but in the review unit we had the optional Optenet upgrade. Performance was also impressive as we configured a rule to block access to all gambling sites, Googled for online bingo sites and watched the appliance only allow access to three sites out of 100 visited.
The RealTime Monitor tool provides a handy dashboard overview of the appliance and its status plus plenty of information about network activity, filtering policies, interfaces and users. The Event Reporter will also prove useful as it offers detailed reports on all areas of operations including services, filtering proxies and IPS plug-ins and the results can be exported to text, CSV, XML and HTML formats.
The U6000 looks a good all-in-one security solution and during testing we found it easy to deploy and manage and capable of delivering high out of the box scores for anti-spam and web content filtering. The hardware platform offers a reasonable specification with plenty of options for network port expansion although HTTPS filtering needs to be supported to make it a complete enterprise security package.
NetASQ has always focused on UTM appliances and it shows as its firewall and IPS features are designed to have a minimum impact on network traffic. With no user limits on the license the U6000 offers good overall value and we found the anti-spam and web content filtering services performed well during testing. The only drawbacks are a lack of spam quarantining facilities and no support yet for filtering HTTPS traffic.
Chassis: 4U rack chassis
CPU: 3GHz Xeon 5160
Memory: 4GB 667MHz DDR2
Storage: 2 x 73GB Seagate Cheetah 10K.7 Ultra320 SCSI hard disks
RAID: Adaptec 2020ZCR Ultra320 SCSI with 64MB cache
Network: 6 x Gigabit Ethernet
Power: 2 x 800W hot-swap supplies
Management: NetASQ Unified Manager, Realtime Monitor, Event Reporter
The essential guide to cloud-based backup and disaster recovery
Support business continuity by building a holistic emergency planDownload now
Trends in modern data protection
A comprehensive view of the data protection landscapeDownload now
How do vulnerabilities get into software?
90% of security incidents result from exploits against defects in softwareDownload now
Delivering the future of work - now
The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.Download now