Linux firewall fits inside Windows laptops
Apr 23, 2008 — by LinuxDevices Staff — from the LinuxDevices Archive — 2 viewsYoggie will offer its tiny Linux-based hardware firewall in the PCMCIA ExpressCard form factor. Available next month, the Gatekeeper Card Pro firewall fits completely inside host laptops, and runs 13 different applications aimed at keeping Windows-based PCs safe from viruses, spam, malware, and other security… threats.
(Click for larger view of Gatekeeper Card Pro inside illustrated laptop)
digg this story |
The Gatekeeper Card runs the same 13 security applications as Yoggie's earlier Pico and Gatekeeper models. It also comes with Kaspersky anti-virus software aimed at scanning for any malware that has already found its way onto the host PC. The combination of anti-virus scanning software with a dedicated hardware firewall based on a secure OS like Linux provides an unbeatable combination, Yoggie claims.
Unlike Yoggie's earlier USB key based Pico firewall (pictured below. left), the Card Pro does not protrude from the laptop. Instead, it fits securely within the host's PCMCIA bay. It requires a ExpressCard slot, a kind of PCMCIA that connects to the host PC's PCI Express bus. Older PCI- and Cardbus-based PCMCIA slots will apparently not work.
Yoggie's earlier Pico (l) and original Gatekeeper models
(Click either for details)
The Card Pro requires no dongle to interface with network cables, nor does it have an antenna or built-in wireless interface. Instead, like the USB-connected Pico Pro, it uses a special NDIS driver to reroute all network traffic through the Card. The driver is currently available only for 32-bit Windows Vista and 32-bit Windows XP. Unfortunately, Windows XP Embedded is not supported.
For devices running other OSes, Yoggie still offers its original Gatekeeper model (pictured above, right). That device offers 10/100 Ethernet ports at either end, along with a USB cable that draws power from the host PC. It can work in USB mode using the modified NDIS drivers, or else as an inline device. However, when run in in-line mode, it can be easily bypassed (by children wishing to visit censored websites, for example).
Gatekeeper Card Pro
(Click to enlarge)
Yoggie's earlier Pico was based on an XScale PXA270, a mobile applications processor with an ARM9 clocked at 512MHz. The Gatekeeper steps up to a Freescale i.MX31, boasting an ARM11 core clocked at 400MHz. Presumably, the lower-clocked i.MX31 runs cooler inside the confines of an internal laptop PCMCIA slot, while likely matching or bettering the ARM9-based part in performance. A Yoggie spokesperson confirmed that performance is “at least as good.”
Like the Pico, the Card Pro boots Linux from 128MB of Flash, and runs it in 128MB of RAM.
Each time the host PC is powered on, the Yoggie devices boot up and scan Yoggie's website for available security updates. This process works well most of the time, although connectivity lapses of an hour or more may be experienced several times per year, when Yoggie deploys large security updates, the author has found in the course of extended testing. Corporations therefore may wish to maintain their own “Yoggie Management Servers,” in order to streamline updates, and have some control over when they are pushed out.
YMS mirrors Yoggie's security updates locally
(Click to enlarge)
Yoggie CEO Shlomo Touboul stated, “The Gatekeeper Card Pro has been developed to allow IT security managers to pre-install high level security when providing laptops to their workforce. This meets a growing need to provide the highest level of security to the workers that are most vulnerable to attack — those on the road or connecting to insecure hotspots. We're also responding to the demands of our enterprise customers by providing remote, centralized management of security for all workers.”
The Gatekeeper Card Pro goes on sale May 26, priced at $200.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.