WinGate Pro: Top-of-the-line proxy server that comes with an e-mail server, spam filtering, and a full suite of plug-in features
Designed for the enterprise sharing an Internet connection on a LAN, WinGate Pro is one of the most complete proxy systems on the market. In addition to the top-of-the-line proxy server at its core, the server offers an e-mail server, spam filtering, and a full suite of plug-in features. But as thorough as WinGate Pro is, it’s not for the less technically savvy or the impatient.
Sharing an Internet connection on a LAN (whether in a home, a SOHO, or a small business) can be accomplished with a spectrum of approaches.
On one end is Microsoft XP, with its simple (“free”) route — a few clicks get it started right out of the operating system. However, in terms of usage and security there’s very little control over the who, what, where, or when.
At the other end of the spectrum are products that offer controls and depth of security, which do not come free. However, a good argument can be made that if an enterprise is going to the effort to protect a shared connection, then a program that has all the tools is the way to go. For this approach, WinGate Pro is a top contender among Windows-based proxy servers.
Developed by Qbik New Zealand, Ltd and marketed by Deerfield.com, WinGate Pro is one of the most complete systems available. But this comes at a price. To do the product justice requires reading the manual, some planning, and a certain amount of savvy about networks. WinGate has simplified the basic task so that the server can be set up at home with almost no manual tinkering. However, for a more secure system, encounters with the options involving NAT, WGIC, and proxies offer at least a clue that some knowledge is helpful.
What are NAT, WGIC, and proxies you ask? After you get through the installation procedure for the server, which takes all of 10 minutes, you’re at the point where you decide how you want to connect the other computers in the network (LAN). WinGate offers three approaches (or a combination). The simplest is the Network Address Translation (NAT), which is configured automatically on the server. NAT exercises control over outbound Internet communication and is friendly to software that uses standard ports (as most commercial software does).
What NAT doesn’t do is provide much internal LAN control, or inbound access protection. So WinGate offers the WinGate Internet Client, which must be installed on each computer using the LAN connection and potentially configured for specific applications.
For a network that has a lot of custom software (using unorthodox ports) or where it is necessary to tightly control external access, WinGate offers customizable proxy services. This requires editing IP addresses, which of course must be known in advance.
Getting the picture? We can’t do justice to a full explanation; the WinGate manual requires several sections. These options are one of the strengths of WinGate, but it is not a trivial task to understand them.
At the server level, most configuration is accomplished through the Gatekeeper. This is one of those tabbed, Windows-Explorer-type programs that provides access to an exceedingly large number of options and settings. Despite the volume, we found it well-organized and easy to use once you understand what’s possible.
The checklist of included features in WinGate is very complete. It has a built-in DNS/DHCP server. The proxy server (which, by the way, WinGate first introduced) provides numerous services that run a useful gamut from support for AOL connections to Real-Time Streaming Protocol (RTSP). The firewall capability offers very good monitoring and logging features. WinGate supports DSL, ISDN, cable, and most any other kind of Internet connection. Dial-up connections can be on-demand, automatic (even from the connected computers), or scheduled by the built-in system scheduler.
WinGate has good user management services, including the capability to load NT user lists, customization of access rules on a per-user and user group basis, and (our particular favorite) a database capability for users that provides in-depth configuration of user rules and policies.
From our testing, we believe that a fully configured WinGate Pro would have marginal benefits for an enterprise with a few computers on a dial-up connection (52K or less), but will serve quite well for almost any faster connection. Although WinGate can be installed on any computer within a LAN, the more users and the heavier the use, the more a dedicated server is appropriate.
In addition to providing features that are more or less common to other proxy servers, WinGate goes several steps further. The first is the inclusion of a basic mail server. While not intended to be a competitive stand-alone product (for example it doesn’t support IMAP 4), the mail server is appropriate in the context of Internet connection sharing on a relatively small network (LAN). WinGate VPN licensing is also included in the Pro and Enterprise versions of WinGate. This unusual feature underscores the flexibility and security orientation of WinGate.
WinGate Pro includes a single VPN server and a single VPN client, while WinGate Enterprise offers a more extensive VPN solution with a single VPN server, an unlimited gateway, and a remote client three-pack.
Two more add-on features round out the package: The GateFilter module provides content filtering for Web sites based on analysis of the site rather than using a blocking list or external database. The VisNetic AntiVirus package provides competent virus protection for all Internet connections and mail services.
One-year, upgradeable subscriptions for VisNetic AntiVirus and GateFilter are included in WinGate Pro and Enterprise, and six-month evaluations are included with WinGate Plus. GateFilter purchase pricing starts at $29.95 for a three-user, one-year subscription. VisNetic AntiVirus purchase pricing starts at $59.95 for a three-user, one-year subscription.
While there are products available with more depth for certain features (e.g., Kerio Mail Server has more anti-virus options), few have as comprehensive a range of features. Of course, to use all the WinGate capabilities requires more work and additional cost. Is it worth it? We think it is if the goal is to use server-based features to lower the cost on individual workstations (for example, you don’t need anti-virus software on every machine) and provide better control over access and security.
For these purposes we believe WinGate Pro 5 to be a top-of-the-list product.
Pros: Offers a very complete set of tools for filtering, de-spamming, and controlling Internet access;
comes with important inclusions, such as a mail server and VPN support
Cons: Manual and help systems are not written and illustrated for the non-technical
Reviewed by: Nelson King
Original Review Date: 1/2/2003
Original Review Version: 5.02.1