If you're worried about security, this is better than any software solution.
We Mac users can be forgiven for feeling a little smug when the conversation turns to security, spyware and viruses.
After all, we’re safe, right? Well, to be totally honest things are a little less clear-cut than this. Sure, there are currently no known Mac viruses in the wild, and the Mac’s general system architecture is fairly secure. But complacency is no safeguard, which is why Yoggie has launched the Gatekeeper Card Pro for Mac. This fits into any Mac with an ExpressCard 34 slot, and provides a hardware-managed secure network gateway that watches for a wide range of threats such as spam and undesirable web content. It also selectively allows, flags or blocks things according to controllable settings. There’s even a USB stick version for users of other Macs.
The Gatekeeper Card Pro runs using a ‘hardened’ Linux installation that acts as a stateful inspection hardware firewall. It appears in the System Preferences Network list as an Ethernet adaptor, and the kernel extension that the software uses ensures that all network traffic is routed through the device, where it is analysed and handled according to the chosen settings. Unlike software solutions there’s no overhead imposed on the host Mac, as the card itself does all the required processing.
The status of the security device, including details of any intrusion attempts and suspicious activity, is shown using a password-protected browser-based interface. This can be accessed from the Yoggie icon installed in the Menubar, and it provides reports and full settings controls as well as the dial-style status display.
Customising the settings starts at a pleasingly easy level, although the simple choice of High/Mid/Low will seem too basic for some. Fortunately, it is possible to adjust these settings in a more detailed way. Clicking on Advanced in the Settings panel opens up rather more sophisticated options, including a number of VPN options (this is a business-class device after all), highly-configurable content filtering and more.
Our main concern here is that the documentation assumes some prior knowledge, which could leave someone floundering if they wanted to adjust particular settings, but didn’t have existing technical knowledge.
The email controls filter for spam as well as malware attachments, and suspicious items have subjects tagged with strings such as [SPAM] and [Possibly SPAM]. Customisation extends to creating sets of custom filters in addition to the built-in ones, although it remains a relatively simple tool.
We did have some unresolved trouble connecting to a standard Network Attached Storage device with this in place, but other than this our test results and experience in general use were satisfactory. BitTorrent clients did produce a host of IDS/IPS events and raise the general risk level, but legitimate traffic wasn’t hampered. It won’t catch a virus that is already on your machine; it is a gateway filter after all.
Of course, the question of how urgently necessary virus filtering is for Mac users remains. If you’re at all concerned about security, want to block Windows viruses (they can’t touch you but you might forward them to Windows users), guard against intrusions, and perhaps implement content filtering, then this is clearly better than any software solution available on the market. If you’re required to run security measures as part of an IT policy, this is the only non-external choice we’ve seen that has no noticeable impact on system performance, so it must rank high on any shopping list.