eSoft ThreatWall 200
- By Greg Crowe
- Sep 07, 2006
eSoft ThreatWall 200
The ThreatWall 200 is a simple, all-in-one-box IPS solution. It is by far the smallest and lightest appliance in the review, measuring only 11 by 9.25 by 1.75 inches and weighing only 4.75 pounds. Something this size could easily fit on a network room shelf or in a 1U rack slot if you buy the optional mounting hardware.
The ThreatWall 200 has two 10/100 autosensing Ethernet ports, as well as two serial ports, two USB ports and a parallel port. We found setup to be quick and easy. We simply hooked one of the Ethernet ports to our network switch and typed the default IP number into a browser. The ThreatWall even jumped the browser to the new IP number when the change was made. (Product registration was annoying'there was no avoiding it and all fields were mandatory, whether they applied to us or not. However, updates were automatic and totally painless.)
Next we set up our interface, a process that will depend on your needs. We chose to use the ThreatWall in Bridge Mode and place it in-line with our firewall. A few pings to make sure the connections were good, and it was ready to go.
As easy as the ThreatWall was to install, it was rather difficult to make changes to the security profile. The default configuration leaves over 200 rules inactive. Of course, that's because having all rules active out-of-the-box could affect throughput. But finding the rules we wanted to activate in order to defend against particular attacks was sometimes difficult.
ESoft has partially mitigated this through its Action Profiles, which are sets of rules grouped together to prevent attacks against a certain type of operating system. When an update is made and new rules downloaded, they are already associated with one or more Action Profiles so they're active or inactive depending on your settings.
Unfortunately, even after setting an Action Profile for our Windows OS, some of the simulated attacks got through. We had to experiment with turning groups of rules on and off until all the attacks were prevented.
The ThreatWall comes with other security features, such as e-mail and virus filtering. Each of these requires placing the device at specific locations within the network, however. And, you'll need additonal sotware.
The best thing about the ThreatWall 200 is its price. At a list price of $2,298 ($2,068 government price), it is far less expensive than others in the review, but it also supports far less network traffic (75 Mbps). And it offers less in the way of processor speed, memory and Ethernet ports. But for what you do get, we like the deal. The ThreatWall 200 is best suited to protecting a small network on a tight budget.
eSoft Inc., Broomfield, Colo., (888) 903-7638, www.esoft.com
Greg Crowe is a former GCN staff writer who covered mobile technology.