GateDefender Integra 300 full review
Mac users don’t tend to lose sleep over security. A router firewall, anti-virus software, and a subscription to an anti-spam service such as SpamJab are usually enough to keep security tight, at least for home users with a broadband connection. The Mac’s famous resistance to PC viruses and the fact that Apple Mail is far more secure than Microsoft Outlook both mean that filtering out viruses isn’t quite the critical issue that it is for PC owners.
But if you’re running a business, lost time is lost money. And given that there’s more to security than viruses, it would be useful to have a simple one-stop plug-in box that can deal with spam, phishing, spyware, viruses, unauthorised access attempts and the kind of web filtering that makes sure your employees aren’t surfing for porn when they should be working.
That’s very nearly what the Integra 300 does. Physically it’s a 1U rack-mount server-style box that’s designed to slot into a machine room. It’s noisy – you couldn’t leave it in an office environment and expect people to work around it. In terms of functionality, it bundles all of the tools mentioned above and makes them available in a slot-in box that’s designed to plug into your network.
Panda develops two versions of the device – the Integra 100, designed for companies up to 100 employees, and the Integra 300 (which we’re looking at here) for larger organisations (100-250 users).
We tested out the Panda GateDefender Integra 300 in our lab network, and we installed it in a local business to see how it coped in a commercial environment. A successful small business might not find the price too painful – it’s certainly very much lower than the prices more usually charged for boxes with these features, although it’s still hard to describe it as ‘affordable’. The set-up process is less than straightforward, though – unless you have good network experience you will soon find yourself out of your depth.
For example – it’s nothing short of odd that if you want to use a Mac as a console computer to change the GateDefender Integra’s settings, you don’t plug it into the socket marked ‘CONSOLE’. Instead it has to be plugged into one of the sockets that also doubles as network I/O. You’ll also need to hand-configure your Mac’s IP address to suit the range that the Integra’s web server can communicate with. Although the manual does go through the setup process in some detail, generally, the Integra isn’t a triumph of thoughtful design. However, detailed installation information is available online at Panda’s website (www.pandasecurity.com/enterprise/support). We suggest having a look at it before investing to familiarise yourself with the procedure.
Once you’re into the system, you’ll find a wealth of options available. On the network side you can configure different sub-networks with different security features connected to each of the eight sockets, as well as an Internet/WAN input. Although there’s a wizard to help with this, it’s not a simple process, especially if you’ve never done it before, and it would have been helpful to offer more in the way of default configuration options, or even just some examples to get beginners started. You can also run the Integra in transparent mode, which means it slots in between your internet connection and your network more simply, but loses some of the more advanced security configuration options.
On the security side you can choose any or all of the spam filtering, site blocking, virus removal, spyware removal, VPN (Virtual Private Network), and firewall features. The firewall defaults to letting nothing at all in, which is good for security but you’ll need to start poking holes in it for services such as VoIP, and again this has to be done by hand. Virus filtering is by way of Panda’s own solution, which is robust and well-respected.
Other services have been imported from third parties. The web blocking system uses a solution by ISS (Internet Security Systems) which offers a regularly updated list of offensive or dangerous URLs that can be selected by category. You can also add your own keyword searches, although this takes a while to configure and needs to be set-up carefully to avoid false positives. Both incoming and outgoing email can be filtered for offensive content as well as spam, and there’s even an attempt to catch phishing requests – although these are evolving all the time, so 100 per cent reliability is unlikely. The unit can also filter out scripts from web pages, check for suspect files in FTP or web downloads, and use heuristics to track polymorphic viruses.
In testing we found that virus trapping was very good, but spam and web blocking could be a little capricious. This isn’t a complete surprise – spam lacks the hard edges of a virus payload, making it harder to spot definitively. But avoiding false positives took some fine-tuning, and this could be a distraction in an office environment.