Netgear ProSecure UTM25S
Strengths: Low cost, included support, good feature set
Weaknesses: Ugly, clunky interface
Verdict: A great option for small businesses
Unified threat management solutions shouldn't be limited to large corporations with unlimited budgets. Netgear agrees, and offers its ProSecure UTM25S at a price point that should be attractive to small businesses.
We began the setup process by unpackaging the device and connecting one of its four local area network (LAN) interfaces to our network. After configuring a network interface on our administration workstation with an IP address of 192.168.1.2, we were able to reach the device's web configuration screen.
After logging in with the default username and password, we were presented with a basic system status screen displaying CPU/RAM utilisation and other statistics. Clicking on the 'wizards' link took us to a page that allowed us to begin a basic setup wizard, which guided us through configuring the LAN IPs, the WAN interface, connection to an network time protocol (NTP) server, basic service scanning and update scheduling. Once the wizard was complete, the system rebooted and came back up ready to begin protecting our network.
The ProSecure UTM25S offers a number of protections, including a firewall, email, web content and application filters, VPN services and anti-virus scanning. The content filter works as we'd expect, allowing for blocking based on category, keyword, file extension and URL black/whitelisting. Schedules can be set to expand or relax filtering rules and the website categorisation database is regularly updated. LDAP integration is supported, and installing the domain controller agent allows for single sign-on authorization, allowing administrators to be granular in the application of content filtering rules. A basic IPS is also included. It is signature-based and offers basic protections against port scans and DDoS attacks.
VPN setup is made easy with a set of wizards to assist with setting up IPsec and SSL VPN tunnels. Point-to-point tunnelling protocol (PPTP) and Layer 2 tunnelling protocol (L2TP) are also supported. Its two WAN interfaces allow for load balancing or WAN failover, and owners of two UTM25S can configure them into a high-availability cluster.
The device also supports a couple of add-on modules: a wireless LAN module can provide wireless services for five to 20 users in either the 2.4GHz or 5GHz band (but not both simultaneously), and the optional digital subscriber line (DSL) network module can be configured as the primary WAN link, or as a failover or load balancing link. Unfortunately, the interface administrators are required to use to control all of these great features is the device's main weak point, as it is clunky and simplistic. Even a simple hierarchal menu of features along the side would go a long way towards improving the device's usability. As it is, the interface feels cheap and belies the power that the device holds.
Netgear's product documentation is well done. Quick-start, installation and administrator's guides are available as PDFs on the included support CD and on Netgear's website. They are very detailed and well-organised with bookmarks, screenshots and diagrams where appropriate. We were pleased with the thoroughness of the system log and error message appendix in the administrator guide, which provided detailed explanations of log entries and remediation suggestions for error messages.
Netgear provides 24/7 phone and email support for the UTM25S, as well as next-day hardware replacement. In addition, the company maintains an online knowledgebase and user support forums.The ProSecure UTM25S is priced at c£458, which includes hardware, plus one year subscription).