Source: Tom's Guide US | Keywords: security, firewall | Themes: Laptops and Notebooks, Networking, The Internet
2. Yoggie Pico to the Rescue!
For mobile notebook clients, envision a 500-MHz miniaturized computer about the size of a pack of gum that integrates into the runtime environment on an existing computer attached to a network. This mini-computer offloads network processing tasks onto its hardware, thereby relieving the primary CPU to focus on other, more general computing tasks. It also provides direct coverage for its host computer, delivers firewall and intrusion detection capabilities alongside spam and spyware scanning and runs a Linux 2.6 kernel. Imagine that such a device is so thoughtfully designed it even prevents itself from becoming a vector of infection, disables network interfaces when lost or disconnected, and can be controlled through a centralized management server or through a management server that the vendor operates. And it doesn’t plug into any network jack-it needs just a single USB 2.0 port.
Yoggie Security Systems Yoggie Pico Pro is everything we’ve just described. In fact, the Pico Pro is an all-purpose plug-and-play security tool designed to protect personal computers or notebook PCs against most anything the Internet (and intranet) can throw its way. The Pico Pro is built around the Intel XScale PXA270 520-MHz chipset, which also powers other compact devices such as smart phones, GPS units and even the Dell Axim PDAs. This tiny CPU delivers a power rating equivalent to a Pentium 3 computer from the 1990s, which is more than sufficient for most network routing and traffic analysis tasks. And with 128 MB of on-board SDRAM, the Yoggie Pico Pro carries nearly as much memory as P3s from days of yore. Altogether, the Yoggie Pico can firewall network traffic, provide IDS protection against various forms of remote attack, thwart virus/spyware/spam payloads in real-time and employ behavioral and signature-based scanning engines (updated hourly) for serious protection. All told, the Pico offers a baker’s dozen (13) of security applications, which run atop Linux 2.6.
To prevent it from becoming a vector for network-born infections, the Yoggie Pico uses a dual-stage loading process that isolates the original factory-sealed OS from its real-time operating counterpart. The original image (Flash A) is loaded into working volatile memory (Flash B), and is then disabled. To all intents and purposes, Flash A is inaccessible to Flash B, and the latter stores acts as a security appliance only so long as the unit receives power. When power is lost or cut off, Flash B is wiped (along with any potential changes, malicious or otherwise) and network connectivity comes to a screeching halt. The Pico also maintains a separate, writable flash area to receive updates and process information in real time.
Click on thumbnail for a full-sized exploded view of the Yoggie Pico. Please note it features two sets of flash RAM, one of which is read-only to protect the Pico software from compromise or alteration.
This behavior may be turned off with an administrative password, and the unit itself is remotely monitored and controlled from a management server (one difference between the cheaper Pico and the Pico Pro we reviewed for this story is that the former only works with Yoggie’s own management servers, whereas the latter may be configured to work with an organization’s private management servers instead). The Yoggie is tiny for such a mighty network appliance-it’s literally no bigger than a pack of chewing gum. Though looks aren’t always important, this unit features a sleek, black-and-silver trim and is furnished with blue LEDs and status indicators. Although the Pico Pro is designed for notebook computers, we included a desktop system in our analysis as well for completeness’ sake. Because the Yoggie Pico Pro has no external power adapter, it draws on the USB 2.0 port for both power and data. This is clearly an advantage for mobile computing platforms and a convenience for desktop computers.
- Previous page The Urge to Miniaturize Networking...
- Next page Yoggie Pico Security Components, Fit...
Or wait... maybe you're just saying that those OSes are all completely secure and don't need anything else... riiiiiight.
That bit published by Google that malware can install just by visting a site is rather disturbing. Downloading and running a malware program is one thing, but just clicking on a link and getting infected should be blocked by a device like this. Does the pico block such attackS?
Or do I need to maintain my clean and dirty setups. One setup is only for known good sites or offline activity and it is unplugged while the dirty setup is online. Normally the dirty setup is clean, but the anti-virus software has been eaten before.
My laptop performance after the install is way beyond what I had expected. Before installing the Pico, opening an Excel spreadsheet from a LAN drive took over 1 minute (with Norton 360 installed). After the Pico install and uninstall of Norton, opening the same Excel document took less than 5 seconds!!! Another performance boost that I noticed was when I wake up my laptop (after about 30 min of inactivity) - it used to take a long time to fully wake up to the point where it was usable again (at lease a min or more - depending on how long it was inactive), where it is virtually instantaneous now.
I've been raving about this little device all day. So far, it ranks among my top 2 gadget purchases ever (right along side my Harmony Remote).
I highly recommend it.