Gatekeeper / Firestick

The Gatekeeper and Firestick products from Yoggie Security Systems are portable devices designed to be plugged into laptop computers, providing them with a suite of security applications including intrusion detection and prevention, firewall, anti-virus, and anti-spam, among others. The devices themselves are designed as self-contained mini-computers; each containing its own Linux-based OS, memory (128 MB SDRAM and 128 MB Flash), and Intel-based CPU.

The devices are served in several configurations:

- Gatekeeper Pico, a USB key about the size of a typical thumb drive (with a built-in USB connector)

- Gatekeeper Pico Pro, also a USB key but with added VPN client and remote manageability (see below)

- Gatekeeper Pro, a stand-alone device that can connect via USB, ExpressCard, or as an inline device with Ethernet connectivity to and from the unit

- Gatekeeper SOHO, a stand-alone device with multiple ports that is also deployed inline and can be used to protect up to 5 computers

The Pico devices plug directly into the USB port of Windows laptops and automatically boot into their operating system and launch the security applications. For booting, a separate copy of the O/S is stored in read-only memory of the device and loaded just before boot; thus if the O/S is compromised in some way it will automatically be cleaned on the next reboot. Operationally, the USB devices install a low-level driver on the Windows machines, automatically redirecting all network traffic through the device for scanning and analysis before it is actually received by the Windows O/S and TCP/IP stack. If desired, the computer can be configured such that the device must be present before the laptop is allowed to connect to the network.

For the Gatekeeper Pro offering, USB-only, ExpressCard (new), and inline connections--where the device connects to the laptop via an Ethernet cable and to the network via a separate Ethernet cable--are supported; the latter configuration having the advantage of not requiring a Windows-based laptop and additionally not requiring the separate O/S driver.

Multiple security features and capabilities are provided by the Gatekeeper and Firestick devices, primarily the result of open source and 3rd party tools. Among these are IDS/IPS, both made possible by Snort; anti-virus and anti-spyware, both from Kaspersky; anti-spam and anti-phishing courtesy of MailShell; and content filtering from SurfControl. In addition to and facilitating these applications is the device's ability to act as an HTTP/FTP and and SMTP/POP3 proxy, with other protective capabilities including a Firewall and the Kaspersky Desktop Thin File System AV (which provides malware protection to data obtained from USB Flash drives or CDs). The Gatekeeper Pico Pro, Gatekeeper Pro, and Gatekeeper SOHO offerings additionally include a built-in VPN client and support remote central management.

The Firestick Pico device is similar to the Gatekeeper Pico (USB key) but includes only the firewall functionality.

For the central management of Gatekeeper devices (Gatekeeper Pico Pro, Gatekeeper Pro, and Gatekeeper SOHO), the vendor offers the Yoggie Management Server, each of which can manage the policies of up to 5,000 Gatekeeper devices via a browser-based console. The management server can both obtain local logs from the devices for visibility, as well as provide security policy updates (settings for the various security applications), signatures, and rule-based updates.

The Gatekeeper and Firestick device line is available now. Pricing ranges from $119 for the Firestick Pico to $249 for the Gatekeeper SOHO; with annual subscription pricing (Kaspersky updates, etc.) priced from $30 to $69. Pricing for the management server is based on the number of licenses required; with 100 licenses available for around $2,385 and volume discounts available.

Visit the Yoggie Security Systems Web site for further information.