eSoft InstaGate 404s review
Strong web content security measures, but it's pricey and easily overtaxed
Review Date: 5 Dec 2012
Reviewed By: Dave Mitchell
Price when reviewed: £570 (£684 inc VAT)
Features & Design
Value for Money
The InstaGate 404s appliance from US company eSoft targets the SoHo market and offers tough web security for networks of up to 15 users. The base system provides an SPI firewall and VPN support, while eSoft’s Web ThreatPak adds IPS, web content filtering, gateway antivirus and anti-spyware, plus IM and P2P app controls.
It’s a compact appliance with four Fast Ethernet ports providing WAN, dual-switched LAN and DMZ duties, and would seem to be the ideal candidate for use in a small office. However, the 1GHz VIA C7 processor’s cooling fan is noisy: it will be hard to ignore in cramped environments.
Installation is a smooth process: a wizard helps with registration and the Web ThreatPak download and, once active, it keeps all scanners and signatures updated automatically. The firewall has predefined rules so you’re ready to go, but you can add your own if you want more control over specific services.
Options are provided for creating site-to-site IPsec VPNs with other InstaGates or client VPNs for mobile workers. For web content filtering, you can swiftly set up HTTP scanning using the transparent proxy mode. Policies can either be applied to all users or selectively to networks defined by their IP address ranges.
Proxy authentication comes into play with the user mode, where you can employ the appliance’s local database or an Active Directory server. Unlike most competing products, content filtering is carried out locally and not in the cloud, so eSoft’s own URL database needs to be downloaded to the appliance.
This didn’t take long and we were then able to create blocking policies using any of the 17 URL categories and more than 50 sub-categories. You can leave policies permanently active or apply a schedule so they’re active only on selected days and times.
Gateway antivirus is enabled with a single click, and you can create lists of IP addresses that are exempt from scanning. Anti-spyware is just as easy to activate, and for IPS you can add details of specific servers you want protected, where the appliance will then create custom profiles.
eSoft claims a firewall performance of 100Mbits/sec, although in reality, this is the throughput limit of the WAN port. To test this, we hooked up the 404s to the lab’s Ixia XM2 chassis and its Xcellon-Ultra NP load modules. The Ixia IxLoad app confirmed the firewall was good for around 90Mbits/sec, which dropped only slightly with all UTM functions activated. However, using the appliance’s web interface during testing had a big impact on performance.
As we refreshed the ThreatMonitor interface, we saw IxLoad register a significant drop in performance, with throughput falling as low as 10Mbits/sec for brief periods. With such a small supported userbase we don’t see this as a serious problem, but if you have bandwidth-hungry users you’ll have to avoid using the web console where possible.
There’s no denying that the web content security features of the InstaGate 404s are highly accomplished, but there are serious issues. The noisy operation dampens its appeal for the smaller office, and our tests show that it’s operating at the limits of its performance. The price is the final stumbling block: stack it up against the PC Pro Recommended WatchGuard XTM 25-W and it really isn’t such good value for money.
Author: Dave Mitchell
- Microsoft patches TIFF flaw in next Patch Tuesday
- Microsoft expands encryption over NSA spying "threat"
- UK Cloud Awards 2014: nominations now open
- BlackBerry says "we're still alive" as sales hit new low
- Has HP turned a corner?
- Adobe admits it's struggling to notify hack victims
- Microsoft rolls out Office 365 admin app for mobile
- Office 2013 Service Pack 1 to arrive early next year
- Backup the best defence against CryptoLocker
- UK SMBs can now buy ads on Twitter
- Switching from iPhone to Android: what I miss, what I don't
- Tech City: Easy to score when you move the goalposts
- How to remove SkyDrive from the Windows 8.1 Explorer
- Switching from iPhone to Android? Switch off iMessage
- Why is Google pumping more money into Firefox?
- Sky Broadband Shield review
- Samsung Galaxy S4: how to double your battery life
- Motorola Moto G review: first look
- IBM Watson meets Willy Wonka
- Google’s support policies shove users towards Chrome
- gTLDs: what your business should know about new domain names
- Can Microsoft survive? A look at servers and tools
- Can Microsoft survive? The future of Office
- A real-world guide to business VoIP
- Sack your PA: how to stay on top of your work life
- Power lies with the internet giants, not the governments
- Software subscriptions return us to a life of servitude
- How to get a job in cloud computing
- Are today's tech start-ups simply get-rich-quick schemes?
- Choosing the right tablet for business
- The importance of load balancing
- Windows Phone App Studio: an easy way to create your first Windows Phone 8 app
- The end of Windows XP support: what it really means for businesses
- Don't rely on Chrome's password vault
- Using Buffer to manage your social media
- Microsoft needs its own Steve Jobs
- Forget credit cards: hackers want your Facebook account
- Can't get fast enough broadband? Here's what to do
- Leap Motion and the battle against UI stagnation
- How to build a really bad network
There are dozens of exciting prizes up for grabs on PC Pro Competitions. All our competitions are free to enter. Try your luck.ENTER NOW