Integrated security: Symantec's Gateway Security 5600 series

This tip, courtesy of SearchSecurity.com, reviews the Gateway Security 5600 series integrated security appliance so that network consultants and value-added resellers (VARs) can offer an informed VPN equipment

    Requires Free Membership to View

recommendation to customers seeking an all-in-one solution.

Gateway Security 5600 series

Price: Starts at $3,150

Symantec's Gateway Security 5600 series integrated security appliance is an ideal solution for enterprises restricted by the expense and resource requirements of separate products.

The 5600 series offers firewall, antivirus, antispam, content filtering, IDS/IPS, VPN and client configuration compliance, all managed through a clean GUI.

Installation was a breeze. The front panel of the device includes a two-line LCD display and several command keys, allowing you to configure a network interface without a console cable. Unlike many appliances that leave you wondering about the Ethernet jack/interface relationships, the 5600 series is clearly labeled. The LCD screen displays a strong administrative password to connect to the device through a Java client.

The GUI allows you to create and edit security policies in a straightforward manner and to manage the various security features of the product in a single interface. For example, you may create a single rule that integrates firewall functionality with content filtering. The reporting and monitoring section of the GUI provides integrated reporting from all the components.

Administrators will still need a basic understanding of interfaces, ports and protocols. We created a firewall rule to allow access to our preferred name server; this required creating a service group that included the DNS service, a new host entry for our preferred DNS server and a rule allowing the outbound access.

The clientless virtual private network works similarly. After installing an SSL certificate, you may offer Web-based VPN services to remote systems. A separate rule base controls acceptable activity, allowing the use of disparate policies for local and remote users. Symantec also offers a client-based IPsec VPN solution.

The 5600 series leverages a number of familiar technologies in the Symantec portfolio -- its flagship antivirus technology and the intrusion detection/prevention capabilities used in its network security offerings. The antispam feature, on the other hand, was custom-developed for the 5600 series and is not based on Brightmail.

URL filtering is based on Symantec's internally developed categorization database, as well as its Dynamic Document Review to categorize unlisted URLs. The filter detected all of the well-known objectionable sites we tested it against, but failed to flag several obvious pornography and gambling sites that were not in the database.

You may also use the appliance to enforce client desktop security configuration -- provided that you use Symantec client security products, such as antivirus and personal firewall. Noncompliant clients may be quarantined for remediation.

The 5660 we tested is the high end of Symantec's integrated security series, with 10 built-in 1 Gb Ethernet ports, and support for four additional fiber interfaces. SMBs may wish to consider the lower-end 5640 or 5620. The base product includes the appliance, firewall functionality and unlimited gateway-to-gateway VPN sessions, with added costs for the other security features.

Some enterprises will prefer to diversify their security lineup, opting for best-of-breed and eschewing dependence on a single vendor. However, the 5600 series is an attractive choice for strong, easy-to-manage security capabilities or an integrated solution for resource-poor branch offices.

About the author
Mike Chapple, CISA, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for
Information Security magazine, and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.

This tip originally appeared on SearchSecurity.com. This product review also appears in the March 2006 issue of Information Security magazine.

This was first published in November 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.