The PacketLogic appliance from Swedish company NetIntact takes a simple modular approach to network traffic management that makes it a highly versatile product. The base product kicks off with network surveillance to which you can add a range of tools including firewalling, traffic shaping and statistics allowing it to be customised to suit a wide variety of environments from SME to enterprise, ISP and beyond.
The firewall component has stateful packet inspection at its foundation but of far more interest are the Layer 7 inspection capabilities that allow it to identify unwanted traffic such as games, chat, radio or video streaming, and file sharing. As these traffic types generally use HTTP Port 80 they can get round more basic firewalls, but the PacketLogic can identify the application generating the traffic and successfully block it if required.
The system on review came kitted out with all the modules activated, along with Gigabit LAN and WAN interfaces and a licence for 128 IP addresses. For smaller businesses with lower bandwidth requirements NetIntact offers lower cost 4Mbps and 10Mbps versions. For remote management NetIntact doesn't support web browser access as performance is too slow to provide real-time traffic statistics. Consequently, all management access to the appliance is via the PacketLogic client utility which enforces 256-bit SSL encryption. Furthermore, a separate 10/100BaseTX port is provided specifically for management access, which could be placed on another physical network or VLAN for added security.
The appliance functions as a transparent gateway and we encountered no problems connecting it in-line on our test WAN link. The client interface is a simple affair and easy to navigate. Your first job is to get to grips with the concept of objects, items and rules, which are used throughout the different modules. Top level objects are used to represent areas including networks, services, ports, time intervals, traffic shaping and VLANs, and underneath these you can more objects and items. For example, to describe a physical network you create a new NetObject, using the editor tool, and specify items for IP addresses, ranges and networks to include and exclude. The same procedures apply to creating ServiceObjects, and NetIntact provides a huge list of predefined services. For ShapingObjects you specify parameters that determine available inbound and outbound WAN bandwidth.
Firewall and shaping rules comprise objects and conditions and are simple to create. If you want to block access to a specific service, add the appropriate network and service objects to your rule, plus an action that determines whether this application specific traffic is allowed, denied or just dropped. Adding a time period object also allows you to control when the rule is active. If any blocking action does occur, such as an attempt to visit a banned web site, PacketLogic doesn't provide any notifications as it is designed to be totally transparent to users.
Traffic shaping is just as easy to set up as your rules contain a predefined shaping object to which you add network, individual client or subnet objects. Add service objects to prioritise your traffic and leave the appliance to manage them all. A handy feature is that shaping rules can be set up to borrow available bandwidth from other rules that are being underutilised.
The statistics page is the most basic as it only provides graphs of data over the selected period but you can customise this to show a range of protocols, applications and services. Export functions are also on the weak side as you can only currently convert the data to PDF or print it out.
Network surveillance provides views of inbound and outbound traffic and is extremely detailed as you can see bandwidth usage by local host, application protocol and even VLAN. Once objects for local networks have been created, you can see active hosts on the selected subnet, and more detail can be easily viewed by double-clicking an entry in the tree and drilling down to see each host’s client and server connections. Selecting a connection takes you deeper into its properties where you can see client and server IP addresses plus hostname, port and service, whilst a separate table below reveals traffic statistics, the connection direction, URL and even filenames being downloaded.
The PacketLogic provides an extensive range of traffic management tools and its simple installation will cause minimum disruption to network services. The statistics module is the weakest link but otherwise it provides extensive firewall and traffic shaping capabilities allowing costly WAN links to be managed effectively.
High end traffic management products are comparatively expensive, so it pays to investigate your requirements carefully, as other solutions such as content filtering and enforcing AUPs may be all you need. If that isn't enough then the PacketLogic is a very good choice for total control over your WAN link and is extremely simple to implement.