It looks more like an MP3 music player than a piece of high-tech computer hardware, but the Yoggie Gatekeeper Pro is a security device its Israeli creators claim took them two years of hard graft to fashion. For all that work, they’ve come up with a laptop security device that packs a long list of protection features into a plastic box still portable enough to sit in the palm of the hand.
The principle of its design is to put every conceivable security function into a single device to the extent that no other security software is needed on the laptop itself. What this adds up to is pretty comprehensive. The basic layer includes a NAT-based SPI firewall, an intrusion detection engine based on Snort, and useful things you’d expect like a VPN client. Since the Yoggie is proxying everything that comes into the laptop from either the wired or wireless network interfaces, it can apply filtering to application traffic too by running a clutch of security agents. These cover anti-virus and anti-spyware (supplied by Kaspersky on a 1-year license), anti-spam (from MailShell), URL filtering (SurfControl) and something the company calls a “layer 8 security engine”, which equates, we presume, to a sort of heuristics for unknown attacks.
The web interface to configure all this might be expected to be complex, but in fact the options to adjust security settings are sparse. Mostly, it’s just about turning on or off various features, and deciding what category of websites the unit should filter. When we tested the latter, it did a great job of stopping us visiting the types of website we asked it to block. According to Yoggie’s creators, the various security engines update automatically every five minutes using an encrypted SSL channel, a frequency which can’t be adjusted.
The Gatekeeper can be used in one of two modes, ‘wired’ (redirect) or ‘wireless’ (pass-thru). In wired mode, the device monitors the Internet connection as an inline firewall, sitting between an ADSL modem and the network router, while in wireless mode, it simply hangs off a USB port of the PC or laptop being protected, with all traffic directed through it.
The latter, wireless mode, requires a special driver to be loaded (XP-only at the moment), but laptop users can take advantage of both modes depending on how they are likely to use it. Take it on the road as a portable firewall, and just put it in front of the laptop when connecting through a hotel Internet system, say. Alternatively, use it as a hardware protection device to secure traffic through Wi-Fi or Bluetooth when away from RJ-45 sockets.
The unit runs a hardened Linux OS on a 520 MHz Intel PXA270 XScale CPU, which in the Pro version (there is also a less powerful ‘basic’ model) has 128 Mb of onboard RAM, with a separate store of flash memory. Apart from accelerating security functions that would otherwise have to be run on the laptop itself, the physical design of the hardware is not incidental to its security capabilities, about which the company offers more detail on its website.
Outwardly, there isn’t much to the Yoggie. It has three tiny (and hard-to-see) blue status lights on the front, while on the side and rear are located a single 10/100 Ethernet port, a power port, reset pinhole, and slot for an SD memory card. The USB cable used when in wireless-redirection mode winds neatly round the body of the unit, and can be untethered as needed. To allow it to be powered without the need for external power, the USB interface is the slower 1.1, which will work through the laptop. Despite this, we didn’t notice any particular overhead while working in redirect mode.
The Yoggie is an interesting attempt to make an all-in-one security product for business use, the advantage of which is probably threefold. First, being a hardware add-on, it doesn’t tie down the laptop running a number of security systems, and second, it does everything in one device which makes for simplicity. In fact, there is no need to load separate software at all. Finally, for enterprises, the device can be distributed to a fleet of laptop users and managed using the separate Yoggie Management Server, something that helps overcome the drawbacks of a standalone security product.
It could be argued that the Gatekeeper is overkill. Does the average laptop user really need all this complex security? We’d argue the answer is probably not, but the key issue is not how many security functions it offers, but how well it does the important bits. The evidence is that its makers have chosen the third-party security engines well, and the web filtering is particularly strong. If the admin can stop laptop users from visiting the types of website from which they are likely to catch malware, then most of the job is done.
So, does it stack up against just doing the important security functions by loading them as software on to the laptop itself? This is tougher to assess, and it probably depends on a host of operational factors in the particular company. One advantage of software is that it can’t be lost or damaged as can a physical device, though managing software on a PC is always going to be more complex than having it embedded in a standalone bit of hardware. Some companies will take the view that they don’t need such complexity in a security device because they use VPNs for remote access and therefore provide most of the Gatekeeper’s functions in the network layer. What definitely makes no sense is to load licensed security software on the laptop while also using the Gatekeeper as an extra layer. While possible, the concept really stands or falls as an all-in-one system.
A slight disappointment with the Gatekeeper is that while it monitors wireless links, it doesn’t actually control the channel itself, which is one of Wi-Fi’s biggest vulnerabilities. There is no way to impose order on precisely *what* is being connected to in the manner of products in that area such as Sana Security’s Air Cover. So a rogue hotspot connected to without encryption turned on (as is the case most of the time) is still a data security risk.
The Gatekeeper is really just another laptop security option, and one that adds to the panoply of security possibilities out there. It won’t be for every company, but still shows a lot of good thinking. Looking at the future of laptop security, the idea of plugging in a special device looks more and more like a plausible solution.