Network World

Clear Choice Test: Unified Threat Management Firewalls. All-in-one firewalls show spotty performance: Juniper, Cisco, Check Point lead the way in test of 13 unified threat management devices.

Secure Computing Sidewinder 2150D with IPS accelerator

By Joel Snyder, Network World, 11/12/2007

Score: 3.35

Editor’s note: This is a summary of our testing of this product. For a full rundown of how it fared in our testing across 10 UTM categories, please see our full coverage.

The Sidewinder 2150D is a proxy-focused firewall built on top of a secure Unix kernel. The 2150D itself is based on a general-purpose 2U Intel-based server, and Secure Computing has chosen an especially hefty (and noisy) Dell chassis for its system.

Secure Computing has been in the proxy firewall business for a long time, and it recently acquired its closest competitor, Cyberguard. For customers who want the type of security promised by a full proxy firewall (rather than a packet filtering firewall, the common strategy for most other vendors), Secure Computing represents a highly refined and very sophisticated security gateway. (For more on this topic, see Why are UTM Firewalls so slow?)

An important piece that came with the Cyberguard acquisition was its central management tool. We tested the Sidewinder 2150D at an awkward time, because Secure Computing had released Version 7 of the software — containing critical UTM features, such as an IPS — but had not yet released the central management tool for the Sidewinder. 

We did most of our configuration using a local management system and were given a few hours to look at an early beta of the central management tool, but we didn’t fully assess how well the two pieces work together. The policy-management model we tested is sophisticated, letting you easily control policy in areas such as VPNs and NAT.

One clear difference between the Sidewinder and other UTM firewalls tested is that this is a “security wonk” kind of firewall: you will need a firm understanding of both security and Unix. For example, when configuring and managing the Sidewinder, you are very aware of whether you are using a simple packet filter, a generic proxy or an application-specific proxy.

These choices have huge configuration and performance impacts, as our testing has shown, so you have to be constantly aware of whether you’re using proxies or packet filters for any security policy you’re implementing. The Sidewinder is also not a firewall that discourages you from using the command line. In fact, there are some tasks you simply cannot effectively do without the command line, such as configuring dynamic routing, setting up antivirus filtering on e-mail and fully managing the IPS.

The biggest difference between the Sidewinder and other UTM firewalls we tested is the positive-security model. In Secure Computing’s world, you explicitly allow traffic in and out of the enterprise, knowing exactly what application is running on each port. Yes, you can work around that, but when you do, you’re not using the power of the Sidewinder and might as well pick up a cheaper, simpler firewall.

In an enterprise environment where the positive-security model works well, the Sidewinder fits right in. However, if the policy is to generally control inbound traffic, but not do much to control outbound connections from users, then the Sidewinder would be a great source of frustration.
