Kerio Technologies Inc. has announced an update to its firewall software designed to block access to sites that are setup for the purpose of distributing malware. Analysts note this feature is common in other vendors’ products.
WinRoute Firewall 6.7 categories Web sites into 53 different categories and includes a Web filter as an optional module.
The software accesses a database and lets administrators block access to sites with known threats, said John Jones, a technical engineer for San Jose, Calif.-based Kerio.
“You can monitor what’s going on in your network,” Jones said. “You can say, ‘I don’t want any social sites or ‘I don’t want any job sites.’”
This feature is common on security products and is used by enterprises to enforce acceptable use policies, said Andreas M. Antonopoulos, senior vice-president and founding partner of Nemertes Research.
“It goes back to parental controls,” he said. “AOL had these features back in mid ‘90s and they became enterprise features very very soon afterwards.”
WinRoute Firewall 6.7 also has a virtual private networking (VPN) client for Windows, Macintosh OS X and Linux machines.
Triton Technical, a Seattle-based consulting firm that installs mechanical and IT systems on large yachts, has used WinRoute Firewall for two years.
Patrick Karr, the firm’s lead IT architect, said this is useful to his company, which has four sites with VPN connections to each.
The ability to block social networking sites and those with malware, and VPN support, are not unique, said Charles Kolodgy, research director for secure products at Framingham, Mass.-based IDC.
“Many vendors are using cloud services and other reputation based capabilities to block access to known bad Web sites,” Kolodgy stated in an e-mail to Network World Canada. “Some of this is being done at the browser level or at a gateway using (anti-virus) products.”
Kolodgy cited as examples include Trend Micro Inc.’s Web Reputation technology, initially announced two years ago, and McAfee Inc.’s Web Protection Service. He also cited the example of version 7.0 of Cisco Systems Inc.’s Intrusion Prevention System Sensor Software, which taps into a database of Web site reputation scores.
Combining firewall and VPN functions in one product is common, Antonopoulos said, adding it’s more common for VPNs to have firewall features than vice versa.
He added multi-function products, with VPNs, firewall, antivirus and intrusion prevention are “becoming the norm.”
“Enterprises are extremely reluctant to introduce new agents on the desktop,” Antonopoulos said. “Maintenance overhead is extremely high.”
WinRoute Firewall also does load balancing between different Internet connections, which allows one connection to fail over to another.
Karr said this comes in handy for Triton’s seagoing clients, many of whom have different ways of connecting to the Internet. For example, a yacht may connect using satellite service on the ocean, Wi-Fi service in a port and through a DSL connection while in a shipyard.
WinRoute Firewall 6.7 costs US$329 for 10 users, and US$395 if it’s bundled with McAfee Anti-Virus. The Web filter costs an additional US$150 for 10 users.
WinRoute Firewall includes standard features such as the ability to create inbound and outbound traffic policies, stateful packet and protocol inspection, plus filtering for viruses and worms. Kerio said it can also protect from peer to peer applications through port blocking, payload analysis and behaviour analysis.
Version 6.7 includes a new administration console that works with the Internet Explorer, Safari and Firefox browsers.