Linux distributor ships security appliances
Jun 24, 2005 — by Henry Kingman — from the LinuxDevices Archive — viewsAstaro has embedded its own Linux distribution for enterprise firewalls and VPN routers into a line of Linux-powered firewall appliances. The Astaro Security Gateway family includes three models that support between 80 and 420 Mbps of firewalling throughput, and 26 to 270 Mbps of VPN throughput.
(Click for larger view of Astaro Security Gateway 220)
Previously, Astaro marketed Security Linux as a software-only product designed to be installed on the hard drive of a standard x86 PC. Astaro partner Toshiba has previously shipped Astaro-based appliances, however.
Astaro's Security Gateway appliances are based on Intel x86 processors. Models include:
- 110 (pictured at right) — Desktop case, 256MB of RAM, 20GB hard drive, three Ethernet ports, two USB ports, and one each serial, VGA, and PS/2 ports. Supports 10 users, 80 Mbps firewall throughput, and 26 Mbps VPN throughput.
- 220 (pictured at top) — 1U rackmount case, 512MB of RAM, 40GB hard drive, eight Ethernet ports, two USB ports, two RS-232 serial ports, and has an LCD display. Supports unlimited users, with 280 Mbps firewall throughput and 105 Mbps VPN throughput.
- 330 — 1U rackmount case, 1GB of RAM, 80GB hard drive, four 10/100 and four 10/100/1000 Ethernet ports, two serial ports, and an LCD display. Supports unlimited users, with 420 Mbps firewall throughput and 270 Mbps VPN throughput
Astaro's Security Gateways feature a web-based configuration manager and policy definition tool that works with local and remote sites, the company says. All Gateway models come standard with:
- Stateful packet-inspecting firewall
- Application-level deep packet filtering
- Security proxies
- NAT and masquerading
- DoS protection
- Traffic shaping and QoS
- Detailed reporting
- VPN gateway
- AES (Rijndael), DES, 3DES, Blowfish, Serpent 128-bit, Twofish 128-bit, MPPE (40 and 128 bit)
- IPsec and PPTP VPN clients
- PSK, X.509v3, RSA, CHAP, MSCHAP, MSCHAPv2, PAP, and Radius authentication
- IKE, ESP, L2TP, and NAT-Traversal IPsec
- Internal CA
- Extensive intrusion prevention and detection features
Available options on all models include high availability, email and web anti-virus scanning, spam filtering, and URL/content filtering with spyware protection.
The mid-line 220 model Gateway appliance recently garnered a highly positive review at PC Magazine:
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.