iApplianceWeb.com

EE Times Network
News Flash Appliance Insights Appliance Directory Standards in IA Webcasts


 

Can the WatchGuard SOHO Stand Guard?

By
iApplianceWeb
(09/05/01, 02:15:40 PM EDT)

Computer security is a pressing issue today with hackers out there who quite possibly have better technology to break into your network than you have to protect it and more time to crack code than you have to stand guard at your system, especially if you have an always-on Internet connection that leaves you exposed 24/7. If you are concerned about protecting your system, you've probably looked into or heard about some of the firewall devices that are on the market. CastleIf you're not familiar with firewalls, they are basically hardware or software components that you add to your network to keep unwanted visitors (hackers, Trojan horses, etc.) out of your system. Think of a 13th century castle with tall, fortified walls, and you have the basic concept a firewall. But why would you need all of that protection? What harm could these unwanted visitors cause? Well, imagine your biggest competitor stealing your database, or going to your corporate Website one day and seeing a paragraph of profanity instead of your corporate mission statement. Unwanted visitors in your network could do those things and more.

Watchguard SOHORecently, WatchGuard sent iApplianceWeb one of their firewalls to put through its paces. The WatchGuard SOHO is part of WatchGuard's family of hardware and software products designed to add security to small and home office (SOHO), as well as enterprise-level networks. As its name indicates, the SOHO is meant for smaller-sized networks. The basic model will allow you to network up to 10 computers together to exchange emails and files, and to share a broadband Internet connection and a variety of peripherals. Users can upgrade the SOHO to a 25-user model for an additional $199, or to a 50-user model for an additional $449.

Upon opening the SOHO box, you'll see it is small enough to sit almost unnoticeably on the corner of your desk, especially if your desktop happens to be red (mine is). It officially measures 6.5 x 1.0 x 6.1 inches and weighs 10 ozs. Also packed in the box were an RJ-45 10BaseT Ethernet cable and the power supply. Finally, the box contains the set-up instructions -- one placard of information. For a non-technical soul like me, I was quite happy to find such a short instruction list. But my joy was short-lived as upon completing step two I was advised to print out 10 pages of more detailed instructions. And I'll just go on the record now, saying that before all was said and done, I printed out the full 80-page SOHO User Guide and Troubleshooting FAQs.

TCP/IP SettingsPrior to setting up the SOHO, you need to find out how your ISP (Internet Service Provider) issues the computers on your network an IP (Internet Protocol) address. This determines how complicated your setup process will be. The SOHO supports DHCP (Dynamic Host Configuration Protocol), static addressing, or PPPoE (Point-to-Point Protocol over Ethernet). The system I was running used DHCP, which I discovered by checking the network configuration TCP/IP properties. Because of this, I would not need to modify any of the basic configuration settings on the SOHO. After finding out my computer setup, the next step was to physically hook the SOHO up to my Internet connection and my computer. As expected, this was a simple task to complete. The general idea is to get the firewall device hooked up between your Internet connection, a DSL or cable modem, and your computer using the included Ethernet cable. The following diagram gives a good visual indication of the setup layout.

Physical Setup

Once the device was hooked up, it was time to configure all of the network settings and tell the device what was welcome in the network and what was not. To do this, you need to access the System Administration page housed on the SOHO. All of these devices ship out with a standard IP address, http://192.168.111.1, which is accessible through a normal browser. There is no need for you to change this IP address, unless you add the VPN (Virtual Private Networking) feature to the device. In fact, the SOHO will not allow you to change the address if you want dynamic configuration, for instance, unless the range of your IP addresses ends in ".1". Now, if all is connected properly, you should easily be able to access the WatchGuard SOHO home page. However, if you tried to connect to a Web page on the Internet, you would find that this is not possible, as your External Network setting has not been configured yet. On the Configuration => External Network page, you are able to tell the device if you have a DHCP, static, or PPPoE Internet connection.

External Network setup



For DHCP, you simply select DHCP and hit submit, for PPPoE, you select PPPoE and submit the Name and Password supplied by your ISP, and for static, you will need to change the Network settings on your computer to allow DHCP addressing, and then submit the TCP/IP settings that were in your computers Network settings to the Manual Configuration page. Upon completing and submitting the configuration setting for your device, you will have to reboot the SOHO so the new settings can take place. For some reason the rebooting process takes almost a minute to happen, which seems a bit long for such a process. Because my system was DHCP, the simplest process to complete, my computer should have seamlessly been issued its own IP address, but for some reason, it took me several reboots to get my network to recognize the device and assign my computer an IP address through it. After completing this step, however, I was able to access the Internet with the protection of the firewall.

By default, the WatchGuard is set up to block all incoming services or queries into your network, and allow all outgoing services or browsing. To change these settings, -- as you will surely want to, so you can receive emails and other common functions -- WatchGuard has created an "Incoming Services" and an "Outgoing Services" configuration page. The "Incoming Services" page includes the ability to add some of the more common protocol services, including FTP, Telnet, POP, SMTP, SNMP, PPTP, TCP or UDP, IPSec ESP, News, SMB Networking, NetMeeting, ILS, CUSeeMe, and other services. The SOHO will also allow you to host a Web server; however, you can only run one server at a time from behind the firewall. Adding these services is fairly simple, and when you go to this page, it will give you a running list of the allowed incoming services. You can remove any of the services at any time. One thing to keep in mind when you are adding incoming services is that the more you have, the more vulnerable your network is, so make sure that you are confident the services you are adding are necessary and secure.

Another feature supported by the SOHO to add security is dynamic NAT (Network Address Translation), which hides all of the private, internal network addresses of the computers in your network from potential hackers because the SOHO will only allow them to view the public, external address of the SOHO.

Similar to the incoming services, you can block outgoing services from your network using the SOHO. The protocols you can block include FTP, HTTP, POP, SMTP, PPTP VPN, IPSec VPN, SMB, TCP, or IP. Additionally, should keeping employees or family members off of certain Websites be an issue, you have the option of adding the WebBlocker service. For $49, this service will allow you to block certain URLs from your system. The URLs are gathered in a database owned and maintained by SurfControl, and are categorized by content, including Drug Culture, Intolerance, Sexual Acts, Violence/Profanity, and the like. You can choose the sites you wish to block and the users you wish to block from accessing them.

Once you have the WatchGuard SOHO set up, you can view the Event Log to find out what activity has taken place on the network, including instances of packet handling violations, duplicate messages, return error messages, and time-outs. Of course, you will need to set up a secure pass phrase to access the events on the log if it is hosted remotely. The Event Log will store a maximum of 150 messages at a time, and then it will begin discarding the oldest messages to replace them with new events. If you prefer, you can even have the Event Log hosted by a WatchGuard log server, so you can save some of the WatchGuard's internal resources for other activities. At this point, the WatchGuard customer support can also monitor your logs to help troubleshoot security problems.

Once you have the device set up the way you want, you can set up a user name and password so that nobody else can go in and change your settings. You would do this via the System Administration screen.

The final item you get with the WatchGuard SOHO is a one-year subscription to the LiveSecurity service. This will alert your network to updates to the software, as well as allow you access to customer support should (heaven forbid!) anything go wrong with your firewall.

Overall, is the WatchGuard SOHO worth its $449 sticker price? Well, in all honesty, it would depend on what your network requirements are. If you are running a small one or two computer network from home, you may just want to go with a firewall software package for about $30 a year, and if you have 75 computers in your corporate network, you would definitely want to go with a more robust firewall, more along the lines of the Firebox System from WatchGuard. But for a 10-computer network, running only one Web server that wants to monitor potential hackers and add a fairly effective fortress around their computer network, the WatchGuard SOHO would be a good device to consider.


Product Name Watchguard SOHO
Operating System Windows 95/98/2000/NT 4.0
Apple Macintosh
Linux
Unix
Processor Toshiba TMRP3907
Memory 4 MB SDRAM
1 MB Flash
WAN Connectivity (1) RJ45 10BaseT Ethernet Interface
LAN Connectivity (4) RJ45 10BaseT Ethernet Interfaces
Management Internet Explorer 4 and higher
Netscape Navigator 4.0
Security Dynamic Stateful Packet Filtering
Dynamic NAT
Static NAT
VPN with IPSec (optional)
WebBlocker (optional)
Dimensions 6.5 x 1.0 x 6.1 in
Weight 10 oz



Copyright © 2004 Appliance-Lab
Terms and Conditions
Privacy Statement