Weeks after it was taken over by Sophos Ltd., Astaro has updated its Security Gateway to include what the industry calls a next-generation firewall.
Version 8.2 of the gateway, released earlier this month, includes a new engine for Layer 7 application and control that lets network and security managers identify, block or give priority to selected applications.
It’s one of a list of added features that have been added to the latest version of the gateway, part of the Application Control feature set within the Web Security module. There is a free version of the gateway that has a basic firewall and router, but extra features come in modules that a turned on by paying a subscription fee.
While the next-generation firewall is new, Bill Prout, a senior Astaro pre-sales engineer said in an interview that the company has architected the framework of the gateway to handle it when version 8.0 was released.
“This is something that had been planned for a while,” he said.
The previous firewall let managers block users from accessing Web sites by listing URLs. A next-generation firewall refines control by identifying applications, letting mangers create rules to block or limit access to unwanted applications. At the same time quality of service rules can expand bandwidth for approved apps.
Version 8.2 also includes an Authentication Agent that authenticates users by name instead of IP address, allowing administrators another way to control application access.
An overhauled Web reporting tool now lists the full site addresses of Web pages staff
access, and not just their domain names. Reports can now be scheduled for periodic delivery to individuals as well as to groups.
The tool now also offers what Astaro calls Safe Search Enforcement, which records what is being looked for on search engines so rules can be set up limiting returns on certain words. It’s a capability which Prout said can be useful in educational institutions.
The new version adds support for 3G modems to be plugged into the gateway for organizations that need WAN failover or remote office control.
Astaro Security Gateway is sold as a hardware appliance in seven models which vary according to throughput performance and the number of recommended users. It’s also sold as a software appliance for organizations that want to put it on their own servers.
The modules include Network Security (which include intrusion prevention, VPN, advanced routing and other capabilities); Web Security (which includes Web filtering and advanced firewall); Email Security (spam and malware filtering); Web application Security; and Wireless access point security.
For the time being Astaro will operate as a separate division within Sophos, which is known for its antivirus solutions. Ultimately the companies will be integrated, with Sophos antivirus included in the Security Gateway.
