Collax Security Gateway is a Linux based distribution. Here’s what they say about their product …….
Just like all Collax products the Collax Security Gateway is based on Linux and Open Source. True to the Collax slogan ‘Simply Linux’ you will find Linux’s complexity ‘hidden’ in the depths of the software. Via a user-friendly user interface you simply and easily use the security package without any Linux know-how. With its simple operation the Collax Security Gateway is of interest to every company, and especially for small to medium sized companies.
The installation is painless enough, you have some defaults set for LAN IP address, netmask, FQDN, which you can override before the install starts. I set it to be in the private network space I use and let it start the install. A few minutes later after writing this far, I checked and the machine was finished. “Press enter to continue”.
There are a ton of scripts writing configurations for things like Postfix, Spamassassin and Apache2. After it completes the install displayed on the screen is.
The installation and first configuration is finished now. Please open a browser on your desktop computer and point it to the following address to accesss the WebGUI.
https://192.168.0.254:8001
So I connected as instructed and the first thing I see is the license. I won’t quote it here, but essentially it says, some of this is open source and carries an open source license. There are proprietary parts including trademarked and copyrighted images and logos. You can’t resell this packaged software under a sub-license. So they are protecting their rights of their branding, and you can’t resell it without a specific license from them.
Next, it requires you to set the root password. Which I did. However there is a special user, admin, for the GUI. Since I haven’t had time yet to RTFM, I’m kinda stumbling along. So I go back to the console and set the password for admin, and voila!, I can login to the web interface, as admin.
The first screen you see after you login is the System Information Screen, there are tabs for Status CPU, RAM and Hard Drive. Nice graphics showing you at a glance how your gateway is performing. It looks like the initial install only took about 1.20 GB of space.
First thing that comes up after the initial formalities.
The menu layout if quite good, tab groups of System, Wizards and Settings with sub-menus on each tab. Under the System Tab, you have subgroups, Status Statistics Log Files and Remote Management. After System Information, the next menu item for Status is Services.
The Services page shows running programs.
This provides a page showing the services currently running on the system. Link Status shows you which interfaces are active. Since I’ve only configured and plugged in one interface, that’s all I see. Most of the rest of the Status Links are empty, since I haven’t configured them either. Not much is visible here, before the system has been configured. The Event Monitor seems to be a web interface to Nagios.
Event Monitor lets you view events, set up Agents and create Filters
The Remote Administration interface allows stopping, starting, and rebooting the gateway through the web interface.
Stopping and Starting can be accomplished from the WebGUI
I decided to check out a couple of the Wizards. I chose to use the Internet Connection Wizard and the Users Wizard.
Configuring the Internet Network with Internet Connection Wizard
Choose applications to allow out bound connections, for egress filter
Users Wizard showing script run to configure applications. Lots of scripts getting run.
To get into the nitty-gritty of the system look at the Settings tab. There are expandable menu items for Usage Policy, Networking, Mail and Messaging, Services, Filter and System Configuration. It appears you can set about any configuration option through this web interface. For example there are seven different Policy options, provisions for three different methods of authentication.
Settings -> Network -> Configuration
In the networking section you can create policies and do policy routing. You can create allocations for applications to carve up available bandwidth. You can configure VPN tunnels using SSL. I couldn’t find any option to set up IPSEC tunnels for gateway to gateway. There is a set of menus where you can look at and configure Firewall rules. There are five menu choices for DNS, including Forward Zones, Reverse Zones, Hosts, and Dynamic DNS. DHCP is configurable under Settings -> Networking. Even the web proxy settings are displayed under the Networking Menu.
SMTP Mail Server Configuration
Settings -> Mail and Messaging give you access to the Postfix configuration. You can configure SMTP Auth. If you have generated certificates, you can configure TLS for incoming and outgoing connections. Although I consider Postfix to be a relatively simple server to configure, Collax chooses to hide that all behind a web interface. So much better to give you a consistent view of the system configuration. You can run mailing lists from the Mail and Messaging interface. The External Mailbox menu allows the administrator to configure the system to fetch mail from a remote pop3 or imap server and place it into a local mailbox. There is also an option to adjust the time intervals for fetching mail.
The Services Menu give an administrator access to the file shares, configuration of Samba, Web Server and Time Server configuration. Like most of the services on the system, you first need to enable the service before any configuration options appear.
Configuring Samba under the Services menu
Services -> Filter helps the administrator manage Spamassassin spam filter and Clamav antivirus for filtering incoming mail and web connections. The administrator can also manage Squid web proxy with the dansguardian module and Cobion for filter web content. Cobion is a subscription image filtering system.
Configuring Spam Filters
The System Configuration menu under Settings is where you find menus for Configuration Management, Hardware Configuration, Software Update Configuration, Time Configuration, Backup Configuration, UPS Configuration and Monitoring Configuration. Configuration Management gives the administrator a peak into the configuration and it looks like you can save and reinstall configurations through this menu. There is a master toggle that will cause the system to reread it’s configuration and run the scripts that set up the configuration. The Hardware configuration lets you know what the system knows about ethernet and serial ports. Software Update Configuration allows the choice of a proxy for updates. Time Configuration give access to the Time Server and controls access lists. Backup Configuration allows you to configure the built in backup solution, bacula and schedule backups. If you have a UPS , you can configure Collax Gateway Server to watch and manage it. The Monitoring menu allows you to use SNMP, or other methods to monitor your network. This is one of the interfaces into Nagios.
General Backup Configuration in Settings -> System Configuration
Conclusion: Collax Gateway Server has too many moving parts for me to trust it I don’t care much for the number of scripts that are required to make the WebGUI work. It seems overly complicated for something that is advertised as a security device. It is simple to configure through the web interface. However, if the administrator is inexperienced, there’s a lot of services that have the potential of a future vulnerability. The help system isn’t context sensitive and uses a pop-up web page. I didn’t spend a lot of time with the help, the part I did look at seemed to have concise information. I wouldn’t trust the Collax Gateway Server to protect my network, but I would run it as an easy to manage departmental server.
Thanks for reading.
