A few weeks ago I mentioned the newly released Yoggie Pico security appliance. The Pico is actually a complete microcomputer based around the Intel PXA270 processor, which runs many of today’s smart phones and portable gadgets. When combined with some flash memory, Linux, and smart Windows drivers, the Pico becomes a self-contained security appliance running thirteen security applications.
- Adaptive Security Policy™
- Adaptive Security Policy™
- Multi-Layer Security Agent™
- Layer-8 Security Engine™
- URL Categorization & Filtering
- Transparent E-mail Proxies (POP3; SMTP)
- Transparent Web Proxies (HTTP; FTP)
- Intrusion Detection System / Intrusion Prevention System
- VPN Client
- Stateful Inspection Firewall
I have been lucky enough to get my hands on a Yoggie Pico to try out. Let’s see how it fares.
The Yoggie Pico comes in two flavours, Pro or Personal. The two variants are almost identical except the Pro has the ability to be managed centrally via the Yoggie Management Server (a black box appliance). In managed mode, multiple Yoggie appliances can be controlled from a central point; that’s bound to make any administrator’s life a little easier. The Yoggie Pico Personal offers all of the same protection as the Pro only without the capability to be managed remotely. I have the Pico Pro, but as I don’t have a management appliance, I’ll be running it in Standalone (Personal) mode.
So we have a nice list of the Pico’s features including Anti-Spam, Anti-Phishing, Antispyware, Antivirus and Intrusion Detection/Prevention. Why is that better than running one of the many software security suites like Norton, McAfee, Bitdefender, and so on? There are two reasons. The first is physical separation. Physical separation is the same concept employed on any LAN/WAN/corporate network. A network’s gateway will act as a first line of defence and is physically separate from the machines that it protects. The second reason for placing security tasks on a separate CPU is to take load away from the computer itself. Yoggie claims that one of the biggest contributors to the slowing down of a computer is the security software that’s trying to protect it. By offloading these tasks to a dedicated CPU, the Pico helps to take up the strain. The official line is: “All the security applications that you will need to completely protect your laptop work harmoniously inside Yoggie Pico.” I’m not sure I agree with that.
While it’s stated that the Pico will support both Linux and Mac OS X in the future, for the time being, I will have to test it under Windows. The Yoggie Pico supports both Windows XP and Vista so I decided to give it a go on my iMac, which can boot into Windows Vista (Ultimate) natively; thank you BootCamp! This is a ‘clean’ install and has not had any non-standard software loaded. I haven’t installed anything as I generally stick to OS X and run a virtualised instance of Windows XP as I really need to use Windows applications. The fact that there is nothing installed (not even anti-virus) means this machine is a perfect test bed for the Pico.
A one-year subscription to Kaspersky Desktop is included on the driver disc to provide extended protection. I’m actually a little baffled by this move as it seems to contradict the Yoggie sales pitch (you know–the Pico offloads security tasks to free up your CPU); more on that later.
Playing around with Yoggie Pico
Installation was surprisingly uneventful. I’m not going to run through every detail. I’m sure that anyone with the ability to double-click on an icon can manage to work it out! If you can’t then I would suggest checking out Adrian’s step-by-step installation gallery over at ZDNet. For those who want a more general idea of what’s involved:
- Stick the Yoggie Pico in a free USB port.
- When Windows detects the new hardware and offers to look for drivers, decline its offer.
- Insert the CD and select Install Yoggie Software & Driver.
- Follow the onscreen instructions.
- Log into the management console (right-click the taskbar icon).
- Select Corporate or Standalone mode, and enter registration details and licence-key.
The Yoggie drivers work by redirecting traffic from your network adaptors (wired or wireless) to the Pico and then back to the operating system, once it’s been filtered. If the Pico is removed, then all network traffic is stopped. The Yoggie drivers can be overridden and the Pico bypassed (whether it’s plugged in or not) from the taskbar application. A password is required to do this, so even if administrators don’t’ have access to a Yoggie Management Server, they can make sure that mobile users don’t ride the Internet bareback!
I decided that while the Pico seemed to be working as intended, I should still take precautions and install Kaspersky Desktop (and after all it was included for free). This is where my problems began! Some kind of conflict caused my lovely, clean Vista installation to blue screen within a few minutes of booting without fail. I couldn’t get any immediate help from Yoggie’s support so decided to troubleshoot for myself.
If I removed the Pico, the blue screens would stop. If I kept the Pico plugged in but disabled it (from the taskbar), then the blue screens stopped.
I suspected that Kaspersky was the cause but it didn’t make any sense seeing as Yoggie are actually distributing this with the Pico — somebody would have checked that they’re compatible, right? I even reinstalled Vista just to make sure it was as clean as I’d thought!
To cut a long story short — after some basic troubleshooting, I concluded that the issue was indeed due to a conflict between the Yoggie drivers and Kaspersky. Independently, both the Pico and Kaspersky worked wonderfully but as soon as both were installed and enabled at once — blue screen. Yoggie support are now looking in to my Vista minidump as this is an issue that hasn’t been encountered before.
Well, this isn’t an auspicious start, but I haven’t tested the device yet. Next week, I’ll follow up with the details of my testing scenarios and let you know how I score this new product.