Caymas 318 Access Gateway v2.5.1
Price: Starts at $24,995
As organizations extend their information resources, they're deploying a hodgepodge of security technologies to block attacks and prevent malicious or compromised users from gaining network access.
The Caymas 318 Access Gateway simplifies protection by combining access control, IDS/IPS, firewall capabilities, and endpoint and application security in one appliance. The appliance supports up to 500 concurrent users and 300 Mbps throughput (the high-end 525 model supports 2,500 users and 1 Gbps).
The Access Gateway uses granular policies to allow client machines (Windows 98/NT/2000/XP, SuSE Linux 8.2, or Macintosh OS X) flexible, identity-based access to remote, internal and extranet resources such as e-mail, applications (e.g., MS Terminal Server, HTTP, FTP) and files (CIFS/Samba and NFS) via SSL proxy or tunnel. IPSec is also supported.
Endpoint security policy enforcement includes checks for up-to-date AV signature files, properly configured and operating personal firewalls, and patch levels.
Its IDS/IPS is Snort-based; signature matches can generate user-defined actions ranging from logging the event to disabling the account. However, existing threat rules and responses can't be edited; you have to delete them and create new ones. Also, signatures have to be manually updated.
The Access Gateway can cryptographically sign cookies and/or URLs. Rate limits can also be set to protect against DoS attacks.
Granular policies can define access rights to specific resources. Time-of-day limitations and per-method or file-extension qualifiers (e.g., "delete" HTTP method not allowed, .exe files prohibited) can also be enforced. The Access Gateway provides single sign-on to Web servers and file shares.
Security managers can easily create profiles and groups to define users, machines, and/or networks, and how they must authenticate--Active Direc-tory, local database, LDAP, RADIUS or RSA SecurID.
The Java management interface is complex but well designed. Documen-tation is excellent.
Organizations can enable detailed logging per user or resource (e.g., logins and logouts, resource accesses). Specific events, such as an attempt to access a denied resource, can be configured to generate an alarm and send an SNMP trap to a network management system, such as Hewlett-Packard's OpenView. We would have liked to have been able to directly generate e-mail and/or pager alerts.
The Access Gateway can generate a variety of useful reports, including system performance, resource activity summaries and user activity details, but they can only be exported to .csv files.
With its plug-and-play architecture, multiple authentication options, granular access control, strong security features and detailed reporting, the Access Gateway is a good choice to enforce secure access to business resources.
Reviewed by Information Security technical editor Steven Weil. This review originally appeared in the June issue of Information Security magazine.