Yoggies Gatekeeper Pro is an engineering marvel—the tiny device provides in-depth network-based threat protection for individual hosts on the go.
Yoggie has packed some serious technology into Gatekeeper Pro, which is barely larger than a business card. The 500MHz security processor was designed specifically for security functions, and the dual-memory design makes it difficult for intruders to permanently alter the embedded hardened Linux operating system: One memory unit contains a read-only copy of the device OS, which is automatically written to the second memory unit at device boot time.
With this innovative design, Gatekeeper Pro offers a variety of security solutions in a dedicated personal device. Leveraging Kaspersky Labs anti-virus technology, Gatekeeper Pro can block the transmission of viruses and spyware before they touch the protected client machine. Integrated proxies for HTTP, FTP, SMTP and POP3 (Post Office Protocol Version 3) provide further protection to commonly exploited communications. A bi-directional firewall, IPSec (IP Security) client and IDS/IPS (intrustion detection system/intrustion prevention system) technology also are included.
The device performs spam filtering and phishing defense using MailShells engine; Web content filtering is based on SurfControls technology. The device also includes a protocol validation engine, which Yoggie calls Layer-8 technology, to provide a measure of defense against new or unknown attacks.
Because the protection is network-based, Yoggie (at least theoretically) eliminates many of the concerns administrators may have about host-based security solutions. Because Gatekeeper Pro is dedicated hardware, there is no need to worry about conflicting security solutions, wasted memory and CPU cycles dedicated only to security, or even the hassle of managing multiple systems.
All that said, though, Gatekeeper Pro cannot provide file system-level security—users can still get infected with malware introduced via USB thumb drives or CD/DVDs, and additional software is needed to clean existing malware. To combat this shortcoming, Gatekeeper Pro comes with a one-year subscription for Kasperskys desktop Anti-Virus, which, of course, administrators will need to manage and may be an extraneous and unnecessary cost for companies with existing anti-virus solutions.
Each Gatekeeper Pro appliance costs $220, which includes a one-year update subscription. Update subscriptions are $40 a year per device thereafter (which includes the Kaspersky client software license). Yoggie soon will also offer a Gatekeeper Basic model for $180 that lacks the e-mail security, Web content filtering and anti-spyware capabilities that come with the Pro model.
During tests, eWEEK Labs could install Gatekeeper Pro in two different ways: inline or redirect. In inline mode, we connected one of Gatekeeper Pros Ethernet ports to our network switch and the other to our Lenovo ThinkPad T60 test system. To power Gatekeeper Pro, we could either connect the device to the laptops USB port or use an optional power supply.
In the inline mode, Yoggie can protect any kind of device or operating system, as it is truly a network security product. The client is actually in a NAT (Network Address Translation) subnet behind the device, isolated away from the rest of the network.
However, inline mode works only if the user is connected to the wired network, something less likely in todays wireless world. Yoggie therefore offers a redirect mode, which requires that a driver be installed on the client operating system.
At this time, Yoggie offers a driver only for Windows XP. The driver sits below the operating systems network stack, diverting all incoming data to Gatekeeper Pro (which is connected to the PC solely via USB) for verification and cleaning before handing it back to the operating system. In this manner, Gatekeeper can protect the computer whether it connects to the network via Wi-Fi, WWAN (wireless WAN), Bluetooth, or a USB- or PCMCIA-based wired connection.
The driver recognizes when the Gatekeeper device is present, and, by default, will deny the protected PC access to the network when the Gatekeeper has been removed from the USB port. Administrators can configure a password for users to enter that will bypass Yoggie security, temporarily opening up the computer to network access (and, of course, attack).