Introduction, Inside, Configuration Feature Summary, Networking Wireless, VPN Security Firewall, Routing Perf, WLAN Perf, Closing Start

Prev

1

2

3

4

5

Next

End

Introduction

Unified Threat Management (UTM) devices are all-in-one devices that provide networking, firewall, and security solutions for small-to-medium sized networks. UTM devices typically provide a wide array of security features including anti-virus, web filtering, anti-spyware, spam controls and intrusion prevention.

UTM devices also commonly support VPN services, a rules based firewall and flexible network options. The Cisco ISA500 series are Cisco's UTM devices with all of these features, targeted at small businesses.

There are four models in the ISA500 series, the ISA550, ISA550W, ISA570 and ISA570W. The "W" denotes the wireless versions of each platform. Cisco recommends the ISA550/ISA550W for networks with up to 25 users and the ISA570/ISA570W for networks with 25-100 users. In this review, I'm going to look at the ISA550W.

The ISA550W is housed in a gray metal case with a black plastic front and external power brick. It measures 12.1”W x 7.1”D x 1.9”H, is mountable in a 19” rack and comes with mounting brackets. The ISA550W is passively cooled, so runs silently.

Cisco ISA550W front panel

Indicator and status lights are on the front and the Ethernet ports are on the back. In addition to the Ethernet ports, the wireless antennas, a power switch, power port, Kensington security port, and a single USB 2.0 port are on the back. (The USB port is used for loading or saving various files.)

Cisco ISA550W rear panel

Inside

The ISA550W runs on a 1.6 GHz Marvell 88F6282 CPU, with 1 GB RAM and 256 MB of flash. Other key components include a Marvell 88E6171R 7-Port Gigabit Ethernet Switch and a 2.4 GHz N300 Ralink wireless SoC, hidden under the RF shield at the bottom of the mainboard picture below.

Cisco ISA550W board

Configuration

The ISA550W is managed via a web GUI, which Cisco refers to as the “embedded Configuration Utility.” If you were to deploy the ISA500 series in your business and rely on a third party to manage it for you, Cisco recommends deploying an ISA500 with the Cisco OnPlus service, which provides additional remote access to the device and monitoring options.

When you log into the ISA550W, you're presented with a useful dashboard, shown below. This dashboard provides a quick summary of device utilization, log counts, VPN status, port status, interface status, and wireless status.

Cisco ISA550W dashboard

To make things easy, there are six different configuration wizards. There is a basic setup wizard, dual WAN wizard, remote access VPN wizard for both IPsec and SSL, a site-to-site VPN wizard, a DMZ wizard, and a wireless wizard. I found the VPN wizards helpful.

As would be expected in a UTM, the ISA550 has quite a few configuration options. However, I found the layout of the menus easy to navigate. Main menus are listed along a panel on the left side, which can be expanded to reveal further options. Clicking on an option brings up a page with one or more tabs of configuration screens.

There are 9 different main menus, each with 4-15 submenus, some of which have additional submenus. I often put together a chart in my reviews listing the menu headers of a device, but in this case there are simply too many. Suffice it to say, the ISA550W is highly configurable.

The ISA500 series' 432 page manual covers the configurations of the ISA500 relatively well. In addition, there is a help button in the ISA550W configuration utility that brings up an online version of the manual, which is quite handy. As I'll cover in the VPN section, a few more configuration examples would be useful, though.

On the downside, boot time and menu response time on the ISA550W are very slow. It takes about three minutes for the router to boot and the ISA550W's screen response is sluggish when applying configurations. Waiting to apply configurations or to navigate from screen to screen can make configuration and administration of a device a drag. Unfortunately, I've seen menu lag on other Cisco small business devices, such as the SG500-28P switch.