SmoothWall UTM-1000 review
Smoothwall’s latest all-in-one security appliance is a top performer but not so easy to install and configure.
Smoothwall has traditionally focused on delivering software network security solutions where you choose your own hardware platform enabling you to make some savings by calling up a retired system back into active duty. It made the move to appliances much later than a lot of the competition but its SmoothGuard family was recently expanded to three models, each aiming to score highly on value and features.
On review we have the SmoothGuard 1000-UTM, which offers a good hardware specification. Whereas some appliance vendors think they can get away with a cheap hardware platform, the 1000-UTM is a solidly built 1U rack chassis endowed with a decent processor, plenty of memory, a 120GB SATA hard disk and no less than seven Gigabit Ethernet ports. The LCD display panel and control pad at the front are used to reboot the appliance or shut it down, reset administrative access or restore factory defaults.
Smoothwall is offering a good deal for the price as the 1000-UTM comes preconfigured with its Advanced Firewall and Guardian web filtering plus support for 1,000 IPsec VPN tunnels, which can be increased to an unlimited number if required. You also get IDS/IPS, the SmoothZap email anti-virus service plus gateway anti-virus which comes courtesy of the open source ClamAV.
It certainly looks a bargain but bear in mind the 3,000 starting price only gets you Guardian web filtering support for ten users. It's easy enough to upgrade with demand and you can also pick and choose from options including the MailShell anti-spam, QoS and traffic management. Hardware fault tolerance is available as a pair of appliances and can be configured for load balancing and failover.
There are certainly plenty of security features on offer but we found the web interface isn't the best designed. It's not that intuitive so it isn't immediately obvious where some of the features are accessed from. For testing we located the appliance inline between our LAN and WAN and configured one Gigabit port as internal and another as external.
We encountered some irritating problems here as try as we might we couldn't get the WAN port to function as a DHCP client. Even Smoothwall's support couldn't get it to work and in the end we opted for a static address. With internet access configured, the appliance should automatically register itself with Smoothwall but this only worked after we granted remote access for an engineer so they could reset it.
The network ports support a range of roles so you can have internet access policies but by making ports members of different zones you can also have intra-zone policies as well. By default, all zones are hidden from each other and you simply create bridging rules to allow specific zones to access others.
The appliance uses a number of open source components with the well respected ClamAV looking after anti-virus scanning. Snort handles intrusion detection and prevention functions and you can activate different rules to look only for particular attacks. To apply custom rules you need to create a file and upload it to the appliance but if you want to automate this you can get yourself a Snort oink' code instead.