Astaro Security Gateway: Rich in features, poor in performance

Astaro's Linux-based firewall appliance stands out with a laundry list of capabilities, but runs several steps behind top competitors

Bottom Line

Astaro's ASG425 offers a massive collection of services for the price -- much more than what you could get on a roll-your-own box. However, performance is disappointing. You have to want its copious feature set to consider it over more affordable competitors.

How important are flexibility and a rich feature set to you? If these elements are your top considerations, then the Astaro Security Gateway should be high on your short list. With roots in the Linux world, the Astaro is a serious firewall with serious capabilities for a distributed enterprise UTM box.

Although not a top performer by any stretch, the system truly stood out because of its kitchen-sink take on features, including proxies, cache, server load balancing, destination NAT, routing, bridging, packet filters, IDS/IPS functions, anti-virus, anti-spam, and so on. Along with a Web GUI not tied to any particular browser, this system has a bit of extra security with user and admin log-ins on different TCP ports.

[ Read the overall results of the InfoWorld Test Center's great UTM challenge. Read the other reviews: SonicWall NSA E7500 | WatchGuard Firebox Peak X5500e | ZyXel ZyWall USG1000 | Compare the UTMs feature by feature. ]

Most products in the UTM category reward careful study before the management interface is touched. WatchGuard, in particular, requires a fair amount of planning before deployment because of its whitelist approach to traffic flow (you start by allowing all outbound traffic). For the Astaro, though, our suggestion is to try clicking on stuff; there are lots of buttons and widgets that give you access to features.

An upside, this method of learning is likely to expand your concept of what the system can do for you. The downside is that it tends to expose drawbacks in the user interface. One that threw us for a bit was the side-by-side red/green button that served to turn interfaces on/off. We were expecting it to be merely an indicator and not a button. If you're one of the many men who are somewhat color-blind, you'll want to pay very close attention to starting states and make sure you keep track of what you've done, since the green and red buttons won't really help you.

Test Center Scorecard
Astaro Security Gateway ASG4255888877



1 2 3 Page 1