There are, of course, a handful of drawbacks. The biggest one at this time is the fact that this is a new product, still forming and working out some creases. Although the major components are done, it has room to grow. Given this package's price, I recommend you examine it closely in relation to your network's needs before you dive in to a purchase, but you probably will like this product.
The biggest drawback to the AstroFlowGuard's newness is the work flow within the application. The reporting interface is done well, and it allows you to drill down to various levels of detail. But, the configuration interface for adding bandwidth and firewall rules, for example, is in need of some maturity. The biggest complaint I had was figuring out the order in which various options should be configured—it's by adding classes and then specific rules.
One feature I found lacking is the IDS functionality. It seems to be a minimized feature in version 1.002; one that probably will receive an overhaul in the future. The configuration interface in this version was rather thin and didn't give much detail to the signatures within the IDS database, nor was there any way to configure new rules. When I enabled it on my home network, I received various alerts for traffic that didn't make much sense, but I didn't find the reporting interface for the IDS module very helpful either. I'd probably skip the IDS functionality at this point and hope it improves in future revisions.
Matt Olander, from Offmyserver, the company that distributes the AstroFlowGuard system, tells me that many of these issues will be addressed in the next revision of the software. The browser dependency will be removed. Secondly, the IDS functionality will be improved, allowing you to edit and escalate classes and events more significantly. And finally, the host management internals will be more automated, using automatic host detection on your local network. Combined, these new features significantly improve an already good product.
The AstroFlowGuard device certainly is a product worth looking at to bring a small network up to speed. Because it's an appliance, hardware and software configurations are kept at a minimum, meaning the staff can focus on other aspects and not have to worry about compatibility or installation issues. Currently at a 1.0 revision, some kinks need to be worked out, and not all of the features are mature at the time of this writing. Despite this, AstroFlowGuard compares favorably to other commercial offerings and beats them in terms of price.
José Nazario, PhD, works as a software engineer and security researcher for an unnamed Internet security company. He also develops on several open-source projects, has contributed to various Linux publications and likes to travel and give presentations.
|diff -u: What's New in Kernel Development||Sep 04, 2015|
|Android Candy: Copay—the Next-Generation Bitcoin Wallet||Sep 03, 2015|
|The True Internet of Things||Sep 02, 2015|
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
- diff -u: What's New in Kernel Development
- Using tshark to Watch and Inspect Network Traffic
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- The True Internet of Things
- Android Candy: Copay—the Next-Generation Bitcoin Wallet
- September 2015 Issue of Linux Journal: HOW-TOs
- Firefox Security Exploit Targets Linux Users and Web Developers
- Concerning Containers' Connections: on Docker Networking
- Where's That Pesky Hidden Word?
- A Project to Guarantee Better Security for Open-Source Projects