Panda GateDefender Performa e9100lite review

Panda’s Performa e9100lite combines tough wired and wireless network security with good value and performance

Price
£2,646
  • Easy deployment; Single price for all subscriptions; Good security measures; Slick reporting; Remote management
  • Noisy cooling fans; Weak hardware spec

Panda's GateDefender Performa e9100lite aims to provide complete perimeter security for businesses of up to 250 users. This is more a limitation of the hardware as Panda doesn't enforce per-user licensing and you just pay a yearly subscription fee which activates everything. 

And features aplenty there are too as the e9100lite delivers firewalling, support for IPSec and SSL VPNs, anti-virus, anti-spam, web content filtering and application controls. Its mirrored hard disks serve as a web cache and spam quarantine area and Panda provides some cunning wireless security features as well.

The e9100lite has a modest hardware spec comprising an elderly 2.6GHz dual-core Pentium E5300 and 2GB of DDR2. We also found the cooling fans are very noisy making it a poor partner in an office environment.

Panda's dashboard view keeps you posted on proxy and appliance status plus traffic throughput

Proxies for all

The eight Gigabit ports can be used to provide LAN, WAN or DMZ duties. For installation we just hooked a system up to the first port, faithfully followed the quick start wizard and had it up and running with secure Internet access inside 15 minutes.

We particularly liked Panda's colour coordination as it uses green, red, orange and blue zones for trusted, Internet, DMZ and wireless services. This made light work of deciding where to apply our security policies as we could choose which physical ports were members of each coloured zone.

Proxies are used throughput Panda's security policies and control HTTP, HTTPS, SMTP, POP3 and FTP traffic. You have non-transparent and transparent proxies for HTTP and we plumped for the latter as it avoided making any changes on our users' browser settings. 

Profiles are used to assign filtering policies to sources and destinations and enforce authentication using the local appliance, Active Directory, LDAP or RADIUS. For web filtering, Panda offers five general URL categories covering themes such as parental control and security and within these you have a total of 83 sub-categories so filtering can be easily fine-tuned.

Panda's colour schemes made it easy for us to assign policies to the correct ports

Anti-spam and wireless security

The POP3 proxy is easy to configure where it applies anti-virus measures and the SpamAssassin service to inbound mail. However, it can only tag the subject line of suspect spam messages and can't move them to the quarantine area.

The SMTP proxy uses the more sophisticated CommTouch hosted service but can only be applied to mail traffic being passed to an internal mail server. However, along with virus and spam checking, it can send suspect messages to the hard disk quarantine area for further examination.

For wireless network security you simply plug an AP or a switch carrying wireless traffic into the ports placed in the blue zone. For secure Internet services, all proxies can be applied to the blue zone and the firewall configured to allow wireless traffic only between blue and red zones.

The Hotspot feature is a standard service across all GateDefender appliances and supports access and billing controls. You can also use it to redirect wireless users to a login web portal complete with AUP.

Performance surprises

For performance testing we used the lab's Ixia Xcellon-Ultra NP load modules and IxLoad control software. Prior to starting we disabled the appliance's web caching by adding the Ixia's virtual servers to the proxy's non-cache list.

We're not sure how Panda tests its appliances but even with caching disabled we saw significantly better results than those claimed. With the HTTP proxy disabled, we saw an average firewall throughput of 915Mbits/sec - 14 per cent higher than Pandas' figures. 

Enabling the proxy with a basic non-filtering policy saw throughput drop to 480Mbits/sec and with AV scanning enabled this fell further to 230Mbit/sec. IPS takes its toll as with this enabled, IxLoad recorded an average HTTP throughput of 180Mbits/sec still nearly twice Pandas' claims.

To check the appliance's caching efficacy, we reran the test with the proxy only enabled and confirmed our 480Mbit/sec results. Halfway through the test, we enabled the cache for all web traffic and saw the throughput graph jump rapidly up to around 650Mbits/sec.

Along with good on-board reporting, the appliance can be managed remotely using the PMC portal

Perimetral controls and reporting

Panda's Perimetral Management Console (PMC) will appeal to larger businesses and MSPs with multiple appliances spread over different locations. To use the PMC web portal we just needed to register our appliances with it during the setup phase. The portal opens with a list of assigned appliances each with status icons and remote access facilities for management and updates.

On-board reporting facilities are good as the appliance's web interface provides a dashboard overview of all activity and a wealth of graphs for the services, proxies and firewall. The traffic monitoring page provides some slick graphs showing flows and top hosts while live logs for all proxies let us keep a close eye on the action.

Conclusion

The e9100lite is better value than the Dell SonicWALL NSA 2600 as although this appliance is much more powerful, a one-year Total Secure bundle and anti-spam subscription pushes costs to nearly 3,000. What we also like about the e9100lite is its easy deployment, the port zoning features and its vendor agnostic wireless security measures.

Verdict

The Performa e9100lite delivers a good range of security features which includes anti-spam measures and mail quarantining. It’s not as powerful as the Dell SonicWALL NSA 2600 but it is better value and easier to deploy.

Chassis: 1U rack

CPU: 2.6GHz dual-core Intel Pentium E5300

Memory: 2GB DDR2

Storage: 2 x 250GB SATA hard disks

Network: 8 x Gigabit (LAN, WAN, DMZ)

Other ports: 2 x USB 2, RJ-45 serial, VGA

Power: Internal PSU

Management: Web browser

Options: Further yearly subscriptions, £1,408 ex VAT

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

SonicWall hacked via zero-day flaw in remote access tools
Security

SonicWall hacked via zero-day flaw in remote access tools

25 Jan 2021
Best ransomware removal tools
ransomware

Best ransomware removal tools

22 Jan 2021
Hackers publish over 4,000 files stolen from SEPA in ransomware attack
Security

Hackers publish over 4,000 files stolen from SEPA in ransomware attack

22 Jan 2021
Weekly threat roundup: SAP, Windows 10, Chrome
vulnerability

Weekly threat roundup: SAP, Windows 10, Chrome

21 Jan 2021

Most Popular

How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
What is the Raspberry Pi Pico?
Hardware

What is the Raspberry Pi Pico?

21 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021