WatchGuard FireBox II - An economical network security solution
WatchGuard FireBox II for unlimited users is an economical solution to network security. Read the article to know its features.
Most firewalls require users to first install an operating system and then install the firewall software. WatchGuard FireBox II package makes it simpler. You get a completely pre-configured device with the operating system (Linux) and the preinstalled firewall ready to customize and use. To configure the firewall, just connect it over the LAN using remote management tools. Device configuration requirements
Interface
The firewall has a graphical interface with numerous Windows based management tools to customize devices for network. The tools are available as a separate package. They give you a visual indication of the network's bandwidth in use, traffic flow, sources & destinations of the IP traffic, data link and other conditions. They also launch your web browser and display a useful help page for support. The interface allows you to remotely administer any number of firewalls from a single computer. Using the centrally stored policy files, you can maintain consistent pass/drop rules for all firewalls on LAN. Customizing these rules is also easy as the interface is user-friendly. Just press the Help button for any assistance.Security features
Dynamic packet filter
The firewall has a dynamic packet filtering mechanism which is not exactly connection oriented but it prevents exploitation against the firewall itself. All data packets are filtered to ensure that no constructed packets pass through the network.
Application proxies
The firewall is a security proxy and includes many strong proxy applications. It performs NAT, packet filtering and protocol proxying. The custom security proxies are available for HTTP, SMTP, FTP, DCE RPC, VDO Live, Real Audio/Video and H.323 protocols. Different protocols can be used to block different contents on internet.
Network Address Translation (NAT)
As FireBox II supports NAT, port forwarding and client hiding facilities are available for internal servers. NAT is built on the inspector filter to allow content from only legal IP addresses.
Authentication & VPN products
The authentication package is available for this firewall separately. It includes support for Firebox, Cryptocard, NT server and Radius server. A VPN package is also not included in the firewall and it includes VPN using IPsec or the WatchGuard proprietary tunnel software.
Real time monitoring tools for event detection
Arbitrary applications are themselves executed upon any event detection. Databases are being logged and email notifications are sent to administrator in case of any suspicious activity. There are superior real-time monitoring tools for event detection. Scan detection and spoofing detection are automatically performed. Automatic blocking of illegal IDs takes place. Complete details of all logins, time and status of connection are shown in the lower half of the interface so that the users remain updated and aware.Pricing
To purchase the package, visit WatchGuard's official website. The firewall will cost you $3200 if you opt for a 12 month support service. For a 12 month Firebox Security subscription to Livesecurity, you will have to pay extra $650 per subscription. Note that there aren't different versions for different number of users. There is only one pack and that is for unlimited users. The documentation you get at the time of purchase is in HTML format but it is a bit context sensitive. Other than this, the file is very task driven and precise. Network administrators should not face any trouble in understanding it.Review
WatchGuard FireBox II is a compact firewall with an integrated & preconfigured unit. The advantage of the preconfigured unit is that you get a standard configuration which is tested by security experts for all possible vulnerabilities. It provides VPN support, centralized authentication and very high speed application proxying contributing to high performance but users must understand that the hardware is not field upgradeable. This means, you may not be able to avail the benefits of high performance if the hardware falters at some point. The cost for unlimited users is a fair bargain if we look at the costs of other firewalls.
Read eBay hacking and lessons learnt to stay secured online