Gatekeeper Pico for Mac – Yoggie Personal Security Device 5.2.2
Reviewed by Robert Pritchett
![](GatekeeperPico_files/image003.png)
Yoggie Security Systems Ltd.
Beth Halevy 310
Beth Halevy 42870
Israel
Phone: 972 9 894 4900
Fax: 972 9 894 4800
info@yoggie.com
http://www.yoggie.com/Gatekeeper-Pico-for-Mac
Watch the (non-Mac) video reviewÉ
Contact form: http://www.yoggie.com/contact
Released: October
13, 2008
$149 USD for Gatekeeper Pico for Mac and $199 for
Gatekeeper Card Pro for Mac
Store: http://www.yoggie.com/e-store
|
![](GatekeeperPico_files/image006.png)
![](GatekeeperPico_files/image007.jpg)
|
Requirements: A
Portable Mac running Mac OS X Leopard or later. Intended for Road Warriors.
Unused USB port.
Comes with: CD
(Driver), QuickStart Guide, Linux-based 520 MHz Intel processor with 128 MB
of memory, 128 MB of flash storage and 8 MB of read-only storage.
Patent: http://www.faqs.org/patents/app/20080276302
Strengths: Uses 12
Internet security apps in a standalone configuration without using onboard
CPU resources. Protects against any Internet Maliciousness.
Weaknesses: Has a
1-year subscription for Linux-based software updates and licenses. Requires
other Apple-based safety apps (Firewalls, Email anti-spam, etc.) be turned
off in order to function properly.
Apparently it is designed for only one Email address?
Simplistic interface that hides access to real apps and functions.
And it is a dongle.
Requires a CD-based driver to be installed.
Other Reviews: http://www.linuxdevices.com/articles/AT8368967523.html
http://blogs.zdnet.com/hardware/?p=506
|
Introduction
Yoggie Security Systemsª
today launched the worldÕs first miniature hardware internet security devices
for MacBooks and Mac desktop computers. The new Gatekeeper Picoª for Mac and
Gatekeeper Card Proª for Mac, provide 12 internet security applications on a
dedicated hardware that offloads security, improves productivity and protects
users wherever they connect.
With predictions of over
10 million Apple Macintosh¨ computers sold by the end of 2008, Macs are rapidly
becoming attractive targets to attackers. Additionally, the typical Mac user is
more mobile than a Windows user and as such has a higher risk of exposure to
internet borne threats.
The Gatekeeper Pico for Mac is a USB
key-size Linux-based security mini-computer, with 12 built-in security
applications. The device boots up automatically with the Mac and begins
protecting the Mac host immediately. A specially created low-level driver
hijacks all network connections, routing Internet traffic through the device
before it reaches the host computer, ensuring that any attacks hit the
Gatekeeper Pico for Mac and not the host computer.
The Gatekeeper Card Pro for Mac is
inserted directly into the MacBookÕs ExpressCard slot and provides 12 security
applications. Like the Gatekeeper Pico for Mac, it is a full-blown
mini-computer with its own processor, memory and hardened operating system. The
Gatekeeper Card Pro for Mac marks the first time that an entire computer has
been designed for installation inside another computer – essentially a
computer within a computer – for the purpose of providing the most
advanced security protection on the market.
Shlomo Touboul, Founder
and CEO of Yoggie Security Systems: ÒAs a nomad Mac user myself, who is heavily
dependent on his computer and is always online, I want maximum security and
mobility without installing heavy duty software on my MacBook Pro. With our new
products, we believe that we are solving a growing problem; and are very
pleased and excited to make the Gatekeeper available to the Mac user community
at the same price as the Windows version.Ó
Full list of security
functions in the Gatekeeper for Mac products:
¥ Integrated stateful
inspection firewall
¥ Snort Intrusion
Detection System
¥ Snort Intrusion
Prevention System
¥ Sourcefire VRT certified
Snort rules
¥ Kaspersky anti-virus
¥ Kaspersky anti-spyware
¥ Mailshell anti-spam
¥ Mailshell anti-phishing
¥ SurfControl Web content
filtering
¥ Adaptive Security Policy
¥ Multi-Layer Security
Agent
¥ Layer-8 Security Engine
¥ VPN client (Card version
only)
The Yoggie Gatekeeper Pico
and Gatekeeper Card Pro for Mac are based on Yoggie Security Systems award
winning Gatekeeperª technology, and will run on all devices running Mac OS X
v10.5.4 (Leopard) and above.
What I Learned
If you watched the video review posted above, you will
eventually see it is a PC-based review hiding on the "Gatekeeper Pico for
Mac" and mentions the price for the PC version is about $50 USD less than
for the Mac version, even though Shlomo Touboul says otherwise (same price).
When I upped the security to the highest level, I found the
port access for Email had been changed and security changed to SSL and stopped
working.
Since I began this experiment with the computer plugged into
the LAN instead of using AirPort, the network access didn't work immediately
when I disconnected the cable and turned on AirPort. It had to seek and find
automatically until it was able to use the wireless connection. Email was
restored after I manually changed the port back and unflagged the SSL option.
The test file I downloaded for checking the function of the
Gateway Pico didn't register in the Pico onboard logs. I unzipped. I texted.
But the file didn't get recognized as malware. Oh, I didn't disconnect anything
that is currently, since it is in stealth mode without the dongle, but the
parental controls work for filtering out "Adult" websites. I noticed
a definite lag in performance on site address access, so I know that part is
working fine.
I upload and download large files, but have not noticed an
appreciable decline in performance yet.
Subscriptions beyond first year use is $30 a year for
updates.
The main difference between the Pico and the Card, besides
USB vs. Card slot locations, is the card also does VPN and fetches from any
local enterprise servers instead of going to Yoggie's central servers. Yes, you
do need to register when adding the USB-based dongle to the computer to gain
access and have the device running. Do you trust Israel-based servers?
Yes, the unit really does have an independent Linux server
on board.
![](GatekeeperPico_files/image010.png)
While the interface has some excellent graphics for
analog-looking functions and graphs for different functions, in reality, they
tend to be too "simplistic" with the browser interface. That is where
the Open Source SDK comes in so we can develop it further to meet our specific
needs and perhaps find holes that the original developers have not uncovered.
The
dongle doesn't show up on the desktop, so it is not looked at as a thumb drive,
but is recognized as a 2nd Ethernet adapter and the original
Ethernet system is disabled when the LAN cable is removed.
Could you do it cheaper without the unit and snazzy software
interface? Yes. USB Pendrive and either Damn Small Linux or Puppy Linux and use
Live CD Session to make the drive bootable, but it would not be
write-protected. And then you would need to load all the Shareware apps and
make them work. How valuable is your time?
I have eschewed most commercial security solutions for the
Mac, because they adversely affect performance.
This hardware device really doesn't, because it is using a
separate dedicated Intel (Bulverde) CPU - PXA270 - http://en.wikipedia.org/wiki/XScale
I'd like to be able to get behind the scenes and see how
Linux is functioning on this micro-computer. I'd like to know how to access the
other apps on the machine and make sure they are really functioning. I'd like
to be able to feel I have control and that there isn't some big brother in
Israel looking over my shoulder and monitoring my traffic without
authorization. I'm not too keen on things going on behind my back and this is
one of those.
It's bad enough that I'm tracked via my iPhone. I don't need
intelligence agencies watching my every move too. Just saying.
Kaspersky – Russian security software. Israel – Masoud. How do I know if
I can't even see the apps are working as advertised? I mean, come on, only one
Email address that is in the system to do filtering on?
Who's to say this isn't really a Trojan itself? Prove it
isn't so. Microsoft still has NSA code in MS Office.
Conclusion
I guess it all depends on how much security you think you
need if you spend a lot of time in airports waiting for planes or working in
Wi-Fi hotspots around the world and how vulnerable you may feel using those
Internetwork access systems.
If you are not a road warrior, you do not really need this
device. If however you have to have secure access to the Internet from
anywhere, this might be the ticket to gret you there in one piece without
compromise.
Meanwhile, I'm not giving up my Apple-based apps for
security anytime soon.
References: http://catless.ncl.ac.uk/Risks/21.29.html#subj15
German armed forces ban MS software, citing NSA snooping
http://www.tscmvideo.com/
The Red Balloon
http://www.bugsweeps.com/info/eavesdropping_detection.html
Eavesdropping Detection