Safety First

Hackers, crackers and other virtual outlaws are increasing their attacks on small networks, but you can turn them away with a firewall-assuming you have one, that is. According to the National Cyber Security Alliance, only 60 percent of broadband users have a firewall. If you fall into the other 40 percent, it's time to make protection a priority.

This month, the CRN Test Center reviewed two new firewalls designed for small networks: the WatchGuard Firebox SOHO 6 and the SonicWall SOHO TZW (Trusted Zone for Wireless). Both firewalls include wireless and VPN capabilities, extending encrypted tunnels to mobile and remote users so they can connect to the company network without creating vulnerabilities in the firewall. A hardware appliance is easier to install and set up than a software firewall and offloads security processing from your overworked server.

With an 802.11b wireless access point, a wired four-port switch and a Web-based interface, WatchGuard's new Firebox SOHO 6 is one of the most versatile security products for growing businesses, remote offices and telecommuters. The Firebox SOHO 6 offers sophisticated data encryption and user authentication, along with antivirus protection and Web content filtering. It installs between a network and its Internet connection, connecting to any Ethernet port. In addition to its four Ethernet ports for wired devices, its WAN (Wide Area Network) port provides wireless security coverage.

With the firewall, WatchGuard includes a 90-day renewable subscription to its LiveSecurity Service, which provides software updates, technical support, security broadcasts, and access to help and training resources. It costs $529 (all prices street) for a 10-seat license.

For just a little more money, the SonicWall SOHO TZW will support up to 25 users. It, too, combines firewall and VPN technologies with an integrated 802.11b access point and a Web management interface to provide both wired and wireless security through the use of IPSec VPN encryption. Thus, the SonicWall unit can be configured as a combination firewall, VPN and gateway to support LAN and WLAN (wireless LAN) zones. It provides an easily accessible guest zone for Internet connectivity in hot spots, lobbies and conference rooms, while restricting corporate LAN access.

Like the Firebox SOHO 6, the SonicWall unit is configured through a Web interface and setup wizard that can be used to administer passwords, time zones and network settings. VPN clients and wireless guest services are also configured from the setup wizard.

The SonicWall SOHO TZW is available for $895. Antivirus, user authentication, and Web and e-mail content filtering capabilities are included, as is a 90-day service contact for e-mail, telephone support and software updates. Extended support contracts are available.

Both appliances are easy to use and offer similar functionality. For networks of 10 to 25 users, the SonicWall unit is more cost-effective. But WatchGuard's three additional Ethernet ports do leave room for growth without having to add another switch or other hardware.

---

Marc Spiwak and Michael Gros are affiliated with the CRN Test Center, the technology testing facility for CRN, a weekly newspaper aimed at IT consultants and solution providers.