Problem solve Get help with specific problems with your technologies, process and projects.

Integrated security: Symantec's Gateway Security 5600 series

This tip reviews an integrated security appliance so that network consultants and VARs can recommend a product for VPN customers seeking an all-in-one solution.

This tip, courtesy of, reviews the Gateway Security 5600 series integrated security appliance so that network consultants and value-added resellers (VARs) can offer an informed VPN equipment recommendation to customers seeking an all-in-one solution.

Gateway Security 5600 series

Price: Starts at $3,150

Symantec's Gateway Security 5600 series integrated security appliance is an ideal solution for enterprises restricted by the expense and resource requirements of separate products.

The 5600 series offers firewall, antivirus, antispam, content filtering, IDS/IPS, VPN and client configuration compliance, all managed through a clean GUI.

Installation was a breeze. The front panel of the device includes a two-line LCD display and several command keys, allowing you to configure a network interface without a console cable. Unlike many appliances that leave you wondering about the Ethernet jack/interface relationships, the 5600 series is clearly labeled. The LCD screen displays a strong administrative password to connect to the device through a Java client.

The GUI allows you to create and edit security policies in a straightforward manner and to manage the various security features of the product in a single interface. For example, you may create a single rule that integrates firewall functionality with content filtering. The reporting and monitoring section of the GUI provides integrated reporting from all the components.

Administrators will still need a basic understanding of interfaces, ports and protocols. We created a firewall rule to allow access to our preferred name server; this required creating a service group that included the DNS service, a new host entry for our preferred DNS server and a rule allowing the outbound access.

The clientless virtual private network works similarly. After installing an SSL certificate, you may offer Web-based VPN services to remote systems. A separate rule base controls acceptable activity, allowing the use of disparate policies for local and remote users. Symantec also offers a client-based IPsec VPN solution.

The 5600 series leverages a number of familiar technologies in the Symantec portfolio -- its flagship antivirus technology and the intrusion detection/prevention capabilities used in its network security offerings. The antispam feature, on the other hand, was custom-developed for the 5600 series and is not based on Brightmail.

URL filtering is based on Symantec's internally developed categorization database, as well as its Dynamic Document Review to categorize unlisted URLs. The filter detected all of the well-known objectionable sites we tested it against, but failed to flag several obvious pornography and gambling sites that were not in the database.

You may also use the appliance to enforce client desktop security configuration -- provided that you use Symantec client security products, such as antivirus and personal firewall. Noncompliant clients may be quarantined for remediation.

The 5660 we tested is the high end of Symantec's integrated security series, with 10 built-in 1 Gb Ethernet ports, and support for four additional fiber interfaces. SMBs may wish to consider the lower-end 5640 or 5620. The base product includes the appliance, firewall functionality and unlimited gateway-to-gateway VPN sessions, with added costs for the other security features.

Some enterprises will prefer to diversify their security lineup, opting for best-of-breed and eschewing dependence on a single vendor. However, the 5600 series is an attractive choice for strong, easy-to-manage security capabilities or an integrated solution for resource-poor branch offices.

About the author
Mike Chapple, CISA, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for
Information Security magazine, and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.

This tip originally appeared on This product review also appears in the March 2006 issue of Information Security magazine.

Dig Deeper on Managed network security services

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.