Integrated Security: Symantec's Gateway Security 5600 series

This tip, courtesy of SearchSecurity.com, reviews the Gateway Security 5600 series integrated security appliance so that network consultants and value-added resellers (VARs) can offer an informed equipment recommendation to VPN customers seeking an all-in-one solution.

Gateway Security 5600 series
Symantec
Price: Starts at $3,150

Symantec's Gateway Security 5600 series integrated security appliance is an ideal solution for enterprises restricted by the expense and resource requirements of separate products.

The 5600 series offers firewall, antivirus, antispam, content filtering, IDS/IPS, VPN and client configuration compliance, all managed through a clean GUI.

Installation was a breeze. The front panel of the device includes a two-line LCD display and several command keys, allowing you to configure a network interface without a console cable. Unlike many appliances that leave you wondering about the Ethernet jack/interface relationships, the 5600 series is clearly labeled. The LCD screen displays a strong administrative password to connect to the device through a Java client.

The GUI allows you to create and edit security policies in a straightforward manner and to manage the various security features of the product in a single interface. For example, you may create a single rule that integrates firewall functionality with content filtering. The reporting and monitoring section of the GUI provides integrated reporting from all the components.

Administrators will still need a basic understanding of interfaces, ports and protocols. We created a firewall rule to allow access to our preferred name server; this required creating a service group that included the DNS service, a new host entry for our preferred DNS server and a rule allowing the outbound access.

The clientless VPN works similarly. After installing an SSL certificate, you may offer Web-based VPN services to remote systems. A separate rule base controls acceptable activity, allowing the use of disparate policies for local and remote users. Symantec also offers a client-based IPSec VPN solution.

The 5600 series leverages a number of familiar technologies in the Symantec portfolio--its flagship antivirus technology and the intrusion detection/prevention capabilities used in its network security offerings. The antispam feature, on the other hand, was custom-developed for the 5600 series and is not based on Brightmail.

URL filtering is based on Symantec's internally developed categorization database, as well as its Dynamic Document Review to categorize unlisted URLs. The filter detected all of the well-known objectionable sites we tested it against, but failed to flag several obvious pornography and gambling sites that were not in the database.

You may also use the appliance to enforce client desktop security configuration--provided that you use Symantec client security products, such as AV and personal firewall. Noncompliant clients may be quarantined for remediation.

The 5660 we tested is the high end of Symantec's integrated security series, with 10 built-in 1 Gb Ethernet ports, and support for four additional fiber interfaces. SMBs may wish to consider the lower-end 5640 or 5620. The base product includes the appliance, firewall functionality and unlimited gateway-to-gateway VPN sessions, with added costs for the other security features.

Some enterprises will prefer to diversify their security lineup, opting for best-of-breed and eschewing dependence on a single vendor. However, the 5600 series is an attractive choice for strong, easy-to-manage security capabilities or an integrated solution for resource-poor branch offices.

About the author
Mike Chapple, CISA, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine, and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.

This tip originally appeared on SearchSecurity.com. This product review also appears in the March 2006 issue of Information Security magazine.

Rate this Tip To rate tips, you must be a member of SearchNetworkingChannel.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    << PREVIOUS | NEXT >> VIEW ALL IN THIS CATEGORY RELATED CONTENT VPN Vendors SSL VPNs: Five popular products compared Virtual Private Networks (VPNs) VPN setup guide, part 2: How to configure Windows Vista workstations Vista VPN setup guide, part 1: How to configure Windows Server 2008 Windows VPN client side troubleshooting Troubleshooting Windows VPN connectivity on the server side Windows VPN user account troubleshooting How to set up a Windows VPN: A step-by-step guide VPN fundamentals for VARs and network consultants SSL VPNs: Five popular products compared IPsec VPNs: Identity and authentication options Remote access VPNs: Troubleshooting basics VPN Equipment and Services Selling affordable VPN, branch networking in tough economy with Aruba Selling advanced VPN technology FAQ Virtual Private Network (VPN) Podcast For VPNs with both browser- and client-based access, why would anyone use the client-based method? As customers start using mobile devices, they are using fewer VPN-enabled desktops. Are there new VPN solutions that can be offered for mobile workers? How would a value-added reseller sell a new SSL VPN concentrator to a customer who already has a firewall/VPN? Access limitation on Cisco 3000 concentrators Implementing ISA servers Avaya Partner Program Checklist VPN fundamentals for VARs and network consultants RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.