NAI Gauntlet - A reliable solution for network security
NAI Gauntlet is one of the most trusted firewalls when it comes to network security. Read details about its set-up, interface, security features and prices.
NAI Gauntlet is one of the most trusted firewalls in the security industry. The firewall uses not only stateful packet inspection but also security proxies for all secured services. All versions after Gauntlet 5.0 support adaptive filtering for high performance. In this type of filtering, the proxy server first inspects initiating connections at the application layer and, once they are authenticated, hands them down to the network layer for stateful filtering. NAI Gauntlet is a multi-threaded firewall that gives even higher performance on multiprocessor machines.
Installation and set-up
The firewall is available for UNIX and Windows NT, but do not install it on Windows NT Server with a Service Pack version lower than 5.0. If you do, you will have to install additional software to fix problems with the service pack.
In the process of installation, you will be confronted with a short automatic security survey. If your computer fails to meet the minimum requirements (1 GB hard disk drive, 64 MB RAM, two network adapters and 133 MHz Intel Pentium), the installation process will stop. A dialog box will pop up and show what your machine lacks.
As the installation continues, you will be asked whether each network adapter in your computer is inside or outside. The firewall derives all of its trusted network information from the IP addresses of the inside adapters. Packet filters are then configured to block TCP/IP services' ports, the spooler service, the locator service on port 135 and the NetBIOS services on ports 139, 138 and 137.
Interface
The interface of Gauntlet is very simple to understand but suffers from some design problems. A tabbed view is used to switch between dialogs, but the screen is not resizable and can't be expanded beyond 800x600. As for security, the pass/drop rules decide which packets, from which source and for which destination, will be allowed or dropped. Users can also create their own rules.
Security features
Packet filter
When a connection is established, the packets pass through the application proxy. The application proxy may then proxy all the data packets itself, or, if the connection is identified as trustworthy, it may direct the packet filter to forward the packets directly without inspection. Your security settings determine which of the two options the application proxy chooses. Security proxies usually suffer from load problems, but direct forwarding of packets solves this problem while retaining the security offered by the application proxy.
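The hand-off described above can be modelled in a few lines. This is an added conceptual example, not Gauntlet code: the class, field and policy names, the user list and the addresses are all constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Flow:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class AdaptiveFirewall:
    users: set                 # constructed: users the proxy will authenticate
    fast_path_ports: set       # assumed policy: services trusted for direct forwarding
    blocked_ports: set = field(default_factory=lambda: {135, 137, 138, 139})
    state: set = field(default_factory=set)   # flows handed to the packet filter

    def handle(self, flow, user=None, fin=False):
        """Return 'drop', 'proxy' (application-layer path) or 'forward' (filter path)."""
        if flow.dport in self.blocked_ports:
            return "drop"                      # install-time filter on NT service ports
        if flow in self.state:                 # already authenticated: skip the proxy
            if fin:
                self.state.discard(flow)       # connection closed, forget the flow
            return "forward"
        if user not in self.users:
            return "drop"                      # proxy refuses unauthenticated initiators
        if flow.dport in self.fast_path_ports:
            self.state.add(flow)               # later packets take the stateful path
        return "proxy"

def demo():
    fw = AdaptiveFirewall(users={"alice"}, fast_path_ports={23})
    telnet = Flow("10.0.0.5", 40000, "198.51.100.7", 23)
    http = Flow("10.0.0.5", 40001, "198.51.100.7", 80)
    return [
        fw.handle(telnet, user="alice"),       # first packet: proxied, flow installed
        fw.handle(telnet),                     # same flow: forwarded by the filter
        fw.handle(telnet, fin=True),           # forwarded, then state removed
        fw.handle(telnet),                     # new connection must re-authenticate
        fw.handle(http, user="alice"),         # policy keeps HTTP fully proxied
        fw.handle(http, user="alice"),
        fw.handle(Flow("203.0.113.9", 5000, "10.0.0.5", 139), user="alice"),
    ]

if __name__ == "__main__":
    print(demo())
```

The point to check in any such design is the state table: a flow only reaches the fast path after the proxy has accepted it, and it must be removed when the connection closes so that a reused address and port pair is inspected again.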
Proxy services
The firewall supports a range of traditional internet services (FTP, HTTP, POP3, PPTP, SMTP, SNMP, SSL, Telnet etc.) as well as new multimedia & database services (NetMeeting, NetShow, RealAudio, RealVideo, Microsoft, Oracle etc).
Network Address Translation (NAT)
If NAT is used in an environment where valid IP addresses belonging to others are in use in your network, these must be translated to legal addresses so that proper operation can be maintained on the internet. This is where Illegal Network Address Translators (INATs) come into use. INATs deal with the problems posed by illegal IP addresses which are not in the 176, 10 or 192.168 domains.
Authentication
NAI Gauntlet works with the SecurID, ActiveCard, CryptoCard, S/KEY, Radius and Microsoft Windows NT Response authentication tools.
URL filtration
Gauntlet filters URLs to block the sites having illegal content. However, as search engines regularly come up with new illicit sites, the filtration is not very useful.
Content Vectoring Protocol (CVP) technology
Gauntlet's virus protection and Java filtering functions make use of CVP technology. As stated above, URL filtration is not very useful but CVP technology takes care of the shortcoming. It allows vendors or service providers to create content scanners for higher security.
Trusted policies for proxy servers
Gauntlet's trusted policies are mapped to the inside network adapters during installation. These policies allow the FTP, HTTP, SMTP, Netshow, Telnet, VDOLive, H.323, LDAP, NNTP, PPTP and Streamworks proxy servers. They disallow the MS-SQL, POP3, SQL-GW, Sybase-SQL and SNMP proxy servers in order to block attempts by internal clients to communicate with untrusted foreign e-mail or SQL servers.
Pricing
NAI Gauntlet is priced on a per-configuration basis, and prices can be obtained only from the company's sales representatives. However, it is known that the 10 node perpetual license costs $1750, the 25 node perpetual license costs $5500 and the 100 node license costs $17500. You can download an evaluation edition from the official website of NAI before purchasing the firewall.