The stateful inspection firewall was invented and patented by Check Point in the early 90s and is now the de facto standard used by virtually all security appliances. As you’d expect, Check Point has built up an impressive range of products since then, with its VPN-1 Edge family aimed at securing access in small businesses and branch offices. The latest to join up is the VPN-1 UTM Edge, with the model on review offering a complete package of security measures and finally delivering an integrated ADSL2/2+ modem into the bargain.
UTM (Unified Threat Management) is the latest buzzword in the security industry, with typical appliances delivering the usual firewall, intrusion detection and prevention, and VPNs, but augmenting these with a host of extra features including anti-virus, anti-spam and web content filtering. The UTM Edge certainly makes a good stab at this, as this minuscule box combines an impressive range of security measures.
It offers the usual quad of Fast Ethernet LAN ports and, along with the integral ADSL modem, you also get a second Fast Ethernet WAN port, which can be used instead of the modem as the primary connection, or act as a WAN backup connection or as a DMZ. There’s more too, as you also get a couple of USB ports for sharing printers over the network.
Installation is nicely handled by the smartly designed web interface, with a wizard that takes you through choosing your primary Internet connection and adding your ISP details. On my BT Broadband connection I was done and dusted in a couple of minutes. The next task is to register the appliance and, from the Services tab, go to a Check Point service centre to activate all the features you’ve bought a ticket for. This is also handled sweetly, as you only enter one code and all the extra security goodies fire into life. A slider bar with four settings is used to configure basic firewall operations; it defaults to allowing all outbound traffic but blocking unsolicited inbound traffic. The highest setting allows outbound traffic only for a small range of services, which includes web, mail, FTP and VPN.
As you’d expect, the firewall behaviour can be customised with the use of rules. Once again, a wizard comes into play and guides you through deciding whether to block or allow traffic based on predefined services or port ranges and applying them to specific network ports. One system can also be placed outside the firewall by using the secondary WAN Ethernet port as a DMZ.