In the security appliance market there are a large number of vendors that started with a software firewall solution that enabled customers to save some hard cash by sourcing a cheap and cheerful donor system themselves. Clavister is one such company and although it still offers firewall software it has since built up an extensive range of appliances that cover the full gamut of business use from small office right up to the enterprise.
In this exclusive review we look at the entry-level SG12, which is aimed primarily at providers looking to deploy customer premises equipment (CPE) to small businesses as a managed service. It can be used as a standalone device for a single office but as you'll see from our experiences this isn't to be recommended. The SG12 supports 10 users which can be increased to 25 and you can augment the 50Mbps firewall and VPN services with optional anti-virus, web content filtering and email security upgrades.
Installation kicks off with a serial port connection to the appliance's CLI (command line interface) where you set up a dedicated management port and assign it an IP address. We became croppers immediately as we are now using Windows Vista and Server 2008 RC0 in the lab and Microsoft has rather annoyingly removed HyperTerminal from both. However, there are free private edition versions available for download. Once you've added your management details the appliance fires up the CorePlus operating system and you can then shift over to Clavister's FineTune application for remote management.
On first contact with FineTune you immediately get a clear picture of the level of features on offer as the interface is packed with options. All configurations are stored in data source files, which hold information about the networks and associated appliances. You can create multiple data sources so all details of different locations such as remote offices to be maintained in separate files.
A fundamental concept used by FineTune is namespaces, which contain details of all network objects including networks, ports, hosts, VPNs, service, time schedules and ALGs (application layer gateways). Each data source has a global namespace and any modifications made to this will be propagated down to all devices declared within that data source. A Security Gateway folder is used for all appliances and you can add more namespaces here and collect selected appliances under different ones. As with the global namespace any changes made to these will be passed to all member appliances.