July 12, 2011
£1,031 for appliance plus all services and maintenance for one year (exc VAT)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very easy deployment, four gigabit WAN ports, unlimited users, anti-spam and web filtering services perform well
- Weaknesses: UTM series manual needs updating, noisy cooling fans
- Verdict: No major improvements over the current ProSecure range, but the UTM150 offers plenty of security features for the price, making it good value for larger businesses
Netgear's ProSecure UTM appliances have traditionally targeted small businesses, but the UTM150 moves the focus up to larger companies. Along with a plug-and-go installation, it more than doubles performance over the older UTM50 model with firewall and anti-virus throughputs boosted to 900Mbps and 130Mbps respectively.
It looks good value; Netgear doesn't use a per-user licensing scheme and the model name only refers to the suggested number of supported users the hardware can handle. The subscription provides access to a choice selection of security services, which include an SPI firewall, IPS, anti-virus, anti-spam, URL category filtering, basic IM and P2P controls plus support for IPsec and SSL VPNs. The UTM150 also targets businesses that want multiple high-speed WAN connections with failover and load balancing. The older UTM50 has two Gigabit WAN ports; the UTM150 increases these to four.
Netgear has some well-known names on its guest list with Sophos looking after virus scanning, Mailshell handling anti-spam, and the well-respected Commtouch providing web-filtering services. The appliance also employs Netgear's own stream scanning technology, which uses multi-threading to provide near real-time scanning of network traffic.
The ProSecure UTM appliances all function as transparent gateways so we just slipped the UTM150 in between our test LAN and internet connection and we were ready to go.
Pointing a web browser at the appliance's default LAN IP address brings up a tidy web interface that on first glance looks common across all the UTM boxes. However, there are a few subtle differences between the UTM150 and its smaller ProSecure stablemates. The application security section has some additional features. None of these are documented but Netgear has added five extra services for blocking iTunes, Rhapsody, QuickTime, RealPlayer and Winamp. Although nothing to get excited about, you also get options for blocking GoToMyPC remote control sessions, the Alexa Toolbar, WeatherBug and the Yahoo! Toolbar. The monitoring section has also been changed, as the dashboard includes counters for the new services; the real-time threat and network traffic graphs are now Flash-based.
We also noticed the UTM150 is significantly noisier than the UTM50. The fans have clearly been ramped up to cope with the higher specification, but this is not an appliance you'll want near you in the office. Meanwhile, the manual hasn't been updated to cover the four WAN port modes, but you can choose a primary interface and, if it fails, have the appliance rollover to one of the other three interfaces. Load balancing distributes traffic across all active WAN ports and uses either round robin or weightings based on link speed and usage.
Traffic metering can also be enabled on any of the WAN ports. This enforces monthly upstream and downstream limits in MB and either blocks all web traffic or allows only email when these thresholds have been breached.
The appliance supports a wide range of authentication methods and so you can force users to login to the appliance before being allowed internet access. A global web access policy is applied to all users but this can be customised using exception rules assigned to specific domains on the appliance. Rules allow you to either block or allow specific web categories, applications or file extensions for a domain. Anti-spam options are extensive as, along with black and white lists and RBLs, you have Mailshell's distributed spam analysis, which offers five sensitivity levels. For SMTP you can tag, block or log spam messages, while for POP3 you can only tag them. Infected mail attachments can also be stripped out and a custom message inserted in the subject line, but no mail quarantine facilities are possible.
Sophos's virus scanning can be applied to SMTP, POP3 and IMAP protocols and all signature and database updates are automated with checks as often as every 15 minutes. HTTP, FTP and HTTPS traffic is also scanned, and adding the latter as a standard feature makes the UTM150 even better value.
The Commtouch web-filtering service provides more than 60 categories that you can block or allow. A default set of categories is blocked straight from the box, but these can be modified to suit and the web interface provides a handy look-up tool to check what websites are being classed under.
The UTM150 supports up to 150 site-to-site IPsec and 75 SSL VPN tunnels and, in both cases, wizards help set them up. For the latter, you use network objects to define the systems and services you want available for remote access; you can apply Radius, LDAP, AD or local authentication.
Apart from supporting a greater number of users, the UTM150 doesn't introduce any significant new features to the current ProSecure range. However, it is just as easy to deploy and offers an impressive range of security measures for the price.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- The information security implications of M&A deals
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime