[Web4lib] Security Gateway Question

[Michael McDonnell]

Vicky Moss wrote:
> Hi,
>  
> We are looking to purchase a security gateway.  We were looking at the Astaro Gateway, but our vendor fell through one too many times.  We were curious if any other libraries are using a gateway such as this.  We want to be able to see where our bandwidth is going.  We have four locations with 5 networks, and a VPN connecting our main location with three branches.
>  
>  
By "security gateway" what do you mean exactly?  What specific features 
do you need?

I know that Astaro calls their firewall product a "security gateway" and 
by that they want to draw attention to the "multi-threat" nature of the 
defense they provide.  In that category recommend Fortigate.  I manage 
over 10 firewalls for a large academic library and 6 of them are 
Fortigates.  They have excellent performance and features for the price.

We also have a system called a "FortiAnalyzer" that accumulates all the 
logs from our firewalls and generates reports on bandwidth usage, 
attacks detected by the firewalls, viruses detected in email, etc.

If all you want to do is measure bandwidth usage, you problem do not 
need a *NEW* firewall.  You just need to start measuring network usage 
using SNMP (Simple Network Management Protocol) software.  You firewall 
and your switch probably already support SNMP monitoring.

I use a program called Intermapper (http://www.dartware.com).  The 
education pricing (which applies to libraries as far as I know) is 
excellent.  It will capture your network usage from a switch or from a 
firewall via SNMP and produce nice graphs and textual logfiles.  It will 
also monitor for outages and send notifications.

There are many free open source products that will do the same thing 
(cricket for example).

--
Michael McDonnell
michael at winterstorm.ca