• Embed Doc
  • Copy Link
  • Readcast
  • Collections
  • CommentGo Back
 
 © SmoothWall Ltd. 2008: www.smoothwall.net All trademarks are the property of their respective owners
Firewall Feature Comparison Chart
31
st
March 2008
Feature Description AdvancedFirewall 2008
(&SmoothGuard1000-UTM)
 CorporateFirewall 2008Express 3 NotesFirewall:
Stateful Inspection Yes Yes YesLocal IP Addresses Unlimited Unlimited Unlimited F1Users Supported 250 to 5000 n/a n/a F1Dynamic Network Address Translation Yes Yes YesStatic Network Address Translation Yes SmoothHost No F2Outgoing (Egress) Traffic Control Yes Yes Limited F3Support multiple public IP addresses Yes SmoothHost No F4Port Forward from public IP address to DMZ/local IP Yes Yes Yes“Round Robin” Port Forward to multiple DMZ servers Yes No No F5Detection and blocking of port agile Peer to Peer traffic Yes Yes No F6Administrator maintained IP Block list Yes Yes YesObject based Port Rules Yes Yes NoInternal firewall Yes No No F7, A6Traffic Blocking includes drop and reject options for bothsource and destination addressesYes Yes No
Networking:
Total Network Interfaces 4 Standard,Maximum 203 Active + 1Failover4 N1External Network (Internet) Interfaces 1 to 19 (of total) 1 1 N2Internal Network Zones (Local Networks and DMZs) 1 to 19 (of total) 1 Local + 1DMZ1 Local +,DMZ + 1WirelessN3Ethernet Yes Yes YesPPP connections (ISDN, ADSL and analog modem) Yes Yes Yes N4PPPoA ADSL support Yes Yes YesPPPoE ADSL support Yes Yes YesPPTP ADSL support Yes Yes NoLoad balancing between multiple external networkinterfacesYes No No N5Split traffic between multiple external network interfaces Yes No No N5Split external traffic based on source or port Yes No No N5Fall-over from one external interface to another Automatic Automatic No N6Routing protocol support (RIP) Yes No NoConfigure static routes Yes Yes NoVLAN Trunking (802.1Q) support Yes No No N7Naming of Network Interfaces Yes Yes NoMultiple local network subnets Yes Yes NoBind multiple IP addresses to a Green NIC Yes Yes NoRed interface MAC address spoofing Yes Yes No N8Configurable Maximum Transmission Unit (MTU) andTCP transmit/receive window sizesYes Yes NoAutomatic Hardware Failover (HA) Yes No No N9Inbound Load Balancing Yes No No N10
Proxies and Application Helpers:
Web Proxy (Transparent and Non-Transparent Mode) Yes Yes Yes P1GUI configuration of Web Proxy Server Yes Yes No P2SMTP (Email) Relay / Proxy SmoothZap SmoothZap No P3POP3 (Email) Transparent Proxy SmoothZap SmoothZap Partial P4SIP (VoIP) Registering Proxy Yes Yes Yes P5Transparent SIP (VoIP) Proxy Yes Yes Yes P6H323 (VoIP) Application Helper Yes Yes No
 
 © SmoothWall Ltd. 2008: www.smoothwall.net All trademarks are the property of their respective owners
PPTP Helper (for pass-through and forwarding) Yes Yes NoDNS Proxy Server Yes Yes YesIM logging and filtering proxy Yes Yes YesAdvanced IM logging and reports Yes Yes No
Hardware:
Multi Processor support (SMP) Yes Yes NoHardware RAID (SCSI, SATA or SAS) Yes Yes No H1Software RAID 1 (Disk Mirror) (SCSI,SATA,SAS or IDE) Yes Yes No H2SCSI (Non RAID) Disk Yes Yes Yes H3SATA Disk Yes Yes Yes H4SAS Disk Yes Yes NoIDE Disk Yes Yes YesIDE/SCSI CDROM support Yes Yes Yes10/100/1000 (Gigabit) Ethernet card Yes Yes Yes H5Multi-port Ethernet card Yes Yes Yes H6Full VMWare support including network drivers Yes Yes NoUSB ADSL modems and PCI ADSL modem cards Yes Yes Yes H7ISDN cards and terminal adapters Yes Yes Yes H8Analog modems Yes Yes Yes H9Compact Flash support Yes Yes Partial H101 GigaByte plus memory support Yes Yes YesUSB keyboard support Yes Yes YesSerial Console Yes Yes NoDisplay ADSL modem signal strength information Yes Yes No H11Un-interuptible Power Supply support Yes Yes No H12UPS Network Slave Mode Yes Yes No H12
Installation / Maintenance:
Streamlined / simplified installer with basic andadvanced modesYes Yes No IN1Includes security hardened Linux operating system Yes Yes Yes IN2SmoothWall and Linux security updates Free Free Free IN3Installation from CDROM Yes Yes YesInstallation from network sever Yes Yes YesInstallation from a USB CD/DVD Device Yes Yes YesConfiguration backup to hard disk file/floppy and restore Yes Yes NoBackup/restore configuration from USB device Yes Yes NoAutomatic configuration backup (time of day) Yes Yes NoBackup to multiple remote targets Yes Yes NoPartial configuration backup (time of day) Yes Yes No IN4Backup to multiple remote targets Yes Yes NoPartial configuration restore Yes Yes No IN4Install new device drivers from floppy disk/CDROM Yes Yes NoAutomatic download of new updates Yes Yes Yes IN5Install update automatically at configured time Yes Yes NoScheduled reboots Yes Yes NoBulk application of updates from CD at installation time Yes Yes n/a IN6Automatic installation of any modules present on thefirewall installation CDYes Yes n/a IN7Ethernet cable status reporting Yes Yes No IN8Un-install modules Yes Yes n/aPre-installed software Yes Yes n/a IN9
Configuration:
Configured via a web browser GUI Yes Yes YesDashboard, configurable GUI Home page display ofsystem status, VPN, firewall reports, traffic statistics etc.Yes Yes No C1AJAX Enhanced GUI Yes Yes YesNetwork interfaces (IP Address) configured via GUI Yes Yes YesRestrict configuration access to specified public IPaddressesYes Yes YesRestrict config access to specified local IP addresses Yes Yes No
 
 © SmoothWall Ltd. 2008: www.smoothwall.net All trademarks are the property of their respective owners
Administration users with limited access (eg reports, logviewers, VPN, Guardian web content filtering)Yes Yes NoDrop down lists of common IP services/ports Yes Yes YesOn-line Help appears in a separate pop-up window Yes Yes YesAll rule lists and log files can be sorted by any column Yes Yes No C2Validation of configuration parameter as they are typed Yes Yes YesInfrequently used options exposed by “Advanced” button Yes Yes NoTooltips Yes Yes YesRealtime display of service status, web proxy stats Yes Yes NoConfig replication between master and slave systems Yes Yes No C3
Authentication:
Microsoft Active Directory (LDAP) User Authentication Yes No No A1OpenLDAP User Authentication Yes No No A2Novell eDirectory (NDS) User Authentication Yes No NoLocal User Authentication Database Yes Yes No A3RADIUS Authentication Yes No NoAuthentication via Ident client for Microsoft Windows Yes Yes No A4SSL Login page (transparent mode user authentication) Yes Yes No A5Microsoft NTLM User Authentication (includingpassword protected mode)Yes Partial NoSmoothWall User Groups linked to Active Directory,eDirectory, LDAP user authenticationYes No n/aGuardian web access controlled by Group (userauthentication)Yes Yes n/aGuardian web access controlled by IP/IP AddressRange/Network AddressYes Yes n/aUser Internet access controlled by Group (userauthentication) or IP Address/IP AddressRange/Network AddressYes No n/aInter-zone access controller by user authentication Yes No n/a A6VPN user access controlled by user authentication Yes No n/a A7Multiple Admin/Configuration Users Yes Yes No A8Login page with configurable login messages and log-out facilityYes Yes No
Intrusion Detection:
Intrusion Detection System Yes Yes YesIntrusion Alert Messages by email or SMS text message Yes Yes No IDS1
Virtual Private Network (VPN):
SSL VPN for mobile (Road Warrior) or home users Yes Yes NoL2TP VPN for mobile (Road Warrior) or home users Yes Yes No V3IPSec VPN for site-to-site network connections Yes Yes Yes V1IPSec VPN for mobile (Road Warrior) or home users Yes Yes No V2Configure which Internet connection each IPSec tunnelshould useYes No NoVPN Tunnels 20 (Included) to5001 (included) to100See note V4AES Encryption (256 bit) Yes Yes No3DES Encryption Yes Yes Yesx509 Certificate Authentication Yes Yes NoCertificate Authority included Yes Yes No V5Pre-Shared Key (PSK/Shared Secret) Authentication Yes Yes YesNAT Traversal (NAT-T) Yes Yes No V6VPN secure local (wireless) connection Yes No No V7Logging of Road Warrior VPN connections (with optionto send alert messages)Yes Yes No V8PPTP forwarding and pass-through Yes Yes Yes
Logging and Reporting:
Disk logging of all firewall/IDS events, web traffic etc. Yes Yes YesConfigure/enable individual logging functions Yes Yes No L1
of 00

Leave a Comment

You must be to leave a comment.
Submit
Characters: ...
You must be to leave a comment.
Submit
Characters: ...