A Guide to Technology,
Products, and Deployment
|
Internet @ppliance Industry Report: A Guide to Technology, Products, and Deployment |
|
| Internet Appliance Inc. SES 1500
Small-to-medium Internet security and web server. Supports Virtual Private Networks (VPNs) and has built-in firewall and email servers, as well as support for Windows file sharing. Various options available from dial-on-demand to Ethernet and ATM connections.
Price:
Contact: |
 The Internet Appliance Inc. SES 1500 is a good balance of sophistication and simplicity. It is a VPN appliance that combines web, firewall, and dial-in servers together in a nice package, all administered from a series of browser-based configuration screens. It is an appliance geared towards medium-sized businesses who require capacity to support 30-50 users along with the security features to protect them on the Internet. |
What's inside?
The first thing you notice about the SES 1500 is its distinctive two-tone blue case.
Behind the colorful cover is an X86 computer running Linux on a 333 MHz AMD processor.
The model we tested had 64 MB of RAM and a 6.4 GB hard disk; other options can include
up to 256 MB of RAM.
Setting up the SES 1500
There are several ways to setup the SES. You can use Telnet to directly access
the command line operations of the server, or hook up a standard PC keyboard and
VGA monitor directly to the unit. But the easiest method is to connect the SES to
a network and use a PC-based browser to configure it.
All administration of the SES is handled through the browser and two series of menus:
one for the standard configuration options (shown at right) and one for the Virtual
Private Network options. The menus are clearly laid out and on screen help is provided
that walks you through what is needed to fill out each form.
The SES lacks its own name and address servers that may be found on other Internet appliances.
Web, Email and File Sharing Services
The SES supports Windows file sharing protocols, so users can connect to it as they would
any other NT or Windows 98 file server. This is setup with a simple configuration web form
as part of the main setup process. In addition to file services, the SES may be configured
to share a network print queue among Windows users. You can also make use of its built-in
FTP server to transfer files to the device.
The SES comes with a built-in Apache web server that includes the ability run CGI scripts.
To run a script, you go to the System Management | CGI Utilities menu, and upload your script
to the appropriate directory on the web server. (You can also copy the file directly within
Windows Explorer too.)
The SES automatically maintains several different log files, including a standard web server
log along with system and other diagnostic logs. All are readily available from a series of
menus. Not included in the SES are any pre-designed web templates. This is a lean and mean
web server, and it supports SSL v 1.1 secure web services too.
Speaking of setting up users, this is done via two screens: the first to add the account on
the server, and the second to setup an email alias or identity. It couldn't get much simpler.
Each user can have an individual public web directory on the server, using the standard format
of web servername/~username.
The SES is a full Internet-capable email server. It can support both POP and IMAP clients,
and the printed documentation describes how to set up various email clients such as Netscape
Messenger and Microsoft Outlook. The email server can be configured in one of three ways to
handle a wide variety of situations, and this is perhaps the most confusing portion of the SES setup:
One nice feature not found on many Internet appliances is the ability to screen or block
particular URLs from being accessed through the Internet, what the company calls "dynamic
Internet screening." You can add or subtract URLs via a web form, although having to type
in all the various addresses can get tedious. It comes preloaded with a series of blocked
sites, and for obvious reasons these sites are not displayed in the configuration menus.
Administrators can view a daily log of page accesses that were blocked by the system.
Finally, the SES has two important features. It can be configured as both a web proxy and
caching server, so that all outbound connections pass through the box before heading out
to the Internet. This can increase performance, and reduce the latency time that web pages
appear on user's browsers. The caching server comes pre-configured and runs automatically
and without any user intervention. The proxy server has a single form to specify the size
of the cache and the port address of the server.
Notable Security Services
The SES includes a complete firewall as part of the package, and it is setup with a clear
easy to use form to specify the various packet filtering rules. The filters apply to
particular IP addresses, ports, and protocols. You can also enable packet masquerading
for all rules to apply an extra layer of protection for your internal network, and you
reorder the rules themselves so they are applied to network communications properly.
Communication Services
The SES comes with a variety of built-in communication services, including support for
dial-out and dial-in servers. However, you must use two separate modems if you wish to
enable both directions. The dial-in server supports Microsoft Remote Access Server protocols,
and setup merely requires you to connect the modem to the serial port and specify a
particular IP address in a single web configuration form. The dial-out server can be
set to disconnect after a specified idle period or remain connected continuously.
The Internet Appliance SES 1500 is a good choice for medium-sized enterprises looking for
a simple but sophisticated appliance. It has a good mix of web, email and firewall services
and is noteworthy in its support for VPNs.
With this latter method, setup was very simple and took less than 15 minutes. We
reset a PC's IP address to be on the same network as the SES, and then rebooted
the PC and brought up a browser and typed in the default SES IP address with port 222.
We could use the quick start series of screens, which asked us to setup IP parameters,
host names, administrator password and other information. Once the quick setup is done,
we restarted and server and we were ready to go. If you can by on the default settings
for web, mail and other services that Internet Appliance has specified, you are ready
to use the server as-is.
In addition to the firewall, the SES (models 1500 series only) contains a full Virtual
Private Network (VPN) gateway. You'll need to have two SES devices connected to each other
over the Internet in order to establish a secure connection between them. While the procedure
is geared for experienced network administrators, the steps (and menu choices as shown in this
screen shot) to create a VPN are clearly documented, along with diagrams showing you typical
network configurations. Setting up the VPN option will take a few hours, even for the
moderately experienced administrator.
Final Word
Copyright ©2000 Core Competence, Inc. and David Strom, Inc.
No part of this report may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording, or by any information storage
or retrieval system, without permission in writing from the publishers.
All Rights Reserved