Update 8/15/2007: Corrected annual fee information.
|At a Glance|
|Product||Yoggie Gatekeeper Pro (YGKPPRO01)|
|Summary||Cool new category of security appliance. Provides a strong suite of security features for a reasonable price in a tiny, portable package.|
|Pros||• Almost perfectly cross-platform compatible
• Very small for portable use
• Can protect one, or multiple computers
|Cons||• One more thing to carry on the road
• Support from Israel imposes some delays
• Relies on client software for spyware and virus detection
The Yoggie Gatekeeper Pro is the second product I've reviewed for SmallNetBuilder that promises unified threat management (see D-Link DSD-150: Good idea, flawed implementation). The idea of the Yoggie Gatekeeper Pro is to take big enterprise information technology security and bring it painlessly to SOHO networks (and laptops) to provide UTM (Unified Threat Management).
Figure 1 shows you what comes in the box with a Yoggie Gatekeeper Pro. The manual is a 12 page double-sided map-folded brochure where each page is 4.5" by 4.5". You get an Ethernet cable and a CD with Version 1.03 of the Yoggie software setup program.
Figure 1: What you get
Figure 2: Front panel
The product shot above (Figure 2) shows the (extremely small) icons on the face of Yoggie. The blue LEDs on my evaluation unit were also very small. To monitor the LEDs on the Yoggie you need to keep the unit perpendicular to your angle of view. The SD activity LED seems to indicate something besides SD activity as the LED blinks pretty much constantly, even when an SD card is not in the Yoggie.
The back side of Yoggie has a rubber door covering the rear. On the left of Figure 3 is the recessed reset button. In the middle is the SD card port, used for recovering / restting your password (more on that shortly). Finally, on the right-hand side is a power port (the optional power adapter is $17.99 on Yoggie's web site).
Figure 3: Yoggie Gatekeeper Pro - back view
With double-sided hook-and-loop or duct tape, you can mount the Yoggie Gatekeeper Pro as a semi-fixed security appliance for a laptop. While this seems like an awkward way to protect your laptop, it could be an interesting way for IT departments to give back some user-friendliness while controlling risk. For example, by turning off the annoying Vista confirmation that Apple made its "Security" commercial about, while retaining a pretty robust list of security features that do not need to be installed in Vista.
There are two ways to set up Yoggie with a laptop. You can connect LAN cables (in-line) to put Yoggie between your computer and the Internet (Figure 4). If you set up your computer using the in-line method, Yoggie defaults to a 192.168.4.x public domain subnet. My home subnet is 192.168.3.x so this wasn't a conflict for me, but it is conceivable that you might run into a conflict if the hotel you stay in happens to have a 192.168.4.x subnet.
Figure 4: Yoggie in action (wired version)
When I saw the .4.x subnet initially, I assumed that the Yoggie took whatever public domain IP it was on (i.e., the 192.168.y.x) and incremented the subnet (y) by 1. Actually, no, the subnet is settable in the Management Console. When you set up Yoggie in the USB-only wireless configuration, your Ethernet ports use DHCP as assigned by your local DHCP server.
The other connection method is to dangle Yoggie by itself from a USB port, so that it will redirect and filter wireless and wired Ethernet packets. The USB-only configuration is called the "wireless" configuration in Yoggie's manual even though it filters both wired and wireless packets.
Figure 5 shows Yoggie connected in its "wireless configuration". The wireless configuration requires Yoggie to be plugged in to a USB port for power; when using the in-line configuration you can either plug Yoggie in to your USB port, or, you can buy an optional extra power supply to provide power.
Figure 5: Yoggie in action (wireless version)
The Yoggie USB cable is a rubberized, flat cable, that acts like a collar going around the face-plate of the unit. You unplug the USB connector, unwind the USB cable, and then plug it into a USB port.
In addition to connecting a Yoggie Gatekeeper Pro to laptops, Yoggie can be used on LANs (see Figure 6). Install a Yoggie between your router and your modem to implement security from the outside-in. If you do this you will enter the "port forwarding zone" and have to forward ports for the games, incoming mail, ssh, etc. that you'll need.
In fact, Yoggie is very similar to my ClarkConnect 4.1 Enterprise server. The main differences are that Yoggie is less complex (no root access means more safety and less tinkerability), Yoggie does not have a proxy server cache to speed up all the client PC updates that I do and Yoggie does not have an annual fee attached to it like ClarkConnect's $85 a year.
Update 8/15/2007: Update subscription is $40/year, with the first year included in the purchase price.
Figure 6: Yoggie Gatekeeper SOHO
The best sumary of what Yoggie does and how is provided by a product comparison page on Yoggie's web site. I've reproduced the comparison in Table 1.