Astaro Corporation, a leading network security vendor, recently announced the launch of the Essential Firewall edition of its flagship security solution Astaro Security Gateway (ASG), available for free to all organizations worldwide. The Essential Firewall edition is claimed to include all the necessary functionality that all organizations need to secure their networks and operate a successful business, but we found some limitations.
As a result of wider economic pressures, IT in general today is shaped by one dictate: reducing costs. This is why more and more businesses, especially small and medium sized organisations, are currently using cheap solutions, or even consumer products, to protect their IT environments. The imperative to reduce costs also results in many postponed projects and more careful spending of budgets. The free Essential Firewall edition from Astaro aims to support small and medium business owners with the necessary functionality to be secure today at no cost, as well as expanding as their needs grow.
The Essential Firewall edition is based on the Astaro Security Gateway and delivers the fundamental functionality required to protect customers and their networks. If more functionality is needed over time, the customer can upgrade to the full Astaro Security Gateway.
As a free edition of the Astaro Security Gateway, the Essential Firewall offers the same easy-to-use Graphical User Interface and is available as Software and Virtual Appliance. Additionally, the Essential Firewall edition will come with the ability to receive support through Astaro’s user forum (www.astaro.org).
Features included in the Essential Firewall edition:
- Networking: Internet Router, Bridging, DNS server & proxy, DynDNS, DHCP server & relay, NTP support, automatic QoS
- Network Security: Stateful Packet Inspection Firewall & Network Address translation (DNAT/SNAT/Masquerading)
- Remote Access: PPTP and L2TP over IPSec support (including iPhone support)
- Logging/Reporting: Full logging on local hard drive, searching, real-time reports for hardware, network usage and network security, daily executive reports
- Management: Web-based GUI in local languages, setup wizard, configuration backup & restore, administrator notifications, SNMP support, centralized management via Astaro Command Center (also free of charge)
While this is a good move which will allow IT admins who have been “secretly” using the home version to protect their businesses breath a sigh of relief, we must note that the free business version drops the ball in providing the “essentials” that small and medium businesses need – web, mail and malware security are glaringly absent in this version.
This is a big mistake. The home edition provides more security than the business version – a reversed situation. Of course, the ultimate goal is to ease business owners in and allow them to see the business value and the need to get the “full” version.
I do not believe in teaser software especially for critical environments like businesses. If you want to give it away free, then make it truly free. Moreover, it goes counter to the statement by the CEO of Astaro, Jan Hichert, as to the company’s motivation for this release:
Small and medium sized businesses are the backbone of the world economy. They act more cautious, they maintain a stable business and they are not subject to the high demands of investors. But nevertheless, SMBs are affected by the current economic climate even more so than larger businesses. This is why we see more and more businesses fall back to consumer products to secure their IT environment (emphasis mine) – in order to reduce costs, they lower their level of security. This is a dangerous compromise. By launching the Essential Firewall edition we aim to provide those companies a professional alternative.
Terribly crippling the so-called business version, runs counter to the stated objective and seriously dampens the incentive to even try the software, especially when there are comparable products out there like Untangle, Smoothwall, ClearOS – formerly ClarkConnect, IPCop, and pfSense to name a few.