WatchGuard XTM 830
Strengths: Outstanding feature set, powerful hardware, flexible device management options
Weaknesses: Expensive, requires client-server application to use some advanced features
Verdict: Well worth the expense for larger enterprises. Recommended
While best known for its firewalls, WatchGuard is no slouch in the UTM space. As we detail below, its XTM 830, while somewhat pricey, provides an excellent enterprise-grade perimeter defence against viruses, spam and other unwelcome traffic - and includes a number of other features all in one easy-to-administer device.
We began the setup process, as is usual for these types of devices, by connecting a specified interface to our LAN. After setting our workstation IP to fall within the default device network, we were able to access the product's web interface. Upon logging in with the default username and password, we were presented with a first-run setup wizard, which stepped us through a basic device configuration. After configuring the WAN and LAN interfaces - setting admin and read-only passwords, location information and time settings - we were given the option to activate the device online. Completing the activation process (a simple, one-click affair) unlocked all of our licenced features and this ended the configuration wizard. The elapsed time from unboxing the product to having a functioning perimeter gateway was approximately 10 minutes.
The XTM 830 is a centrally managed UTM with a rich feature set. While most features are easily managed through its excellent web interface, the device's true power is only unlocked by setting up the WatchGuard System Manager, a client-server application that enables management of all WatchGuard devices in one's environment.
The firewall works, as expected, with support for comprehensive rule sets, static network address translation (NAT) mapping and other standard features. Its signature-based IPS breaks threats out into critical, high, medium, low and informational categories, and the signature database can be regularly updated on a predetermined schedule. Additionally, support is built in for signature exceptions, and notifications can be configured to be delivered via email or a simple network management protocol (SNMP) trap.
The WebBlocker feature is a content filtering system that can be configured to use one of two website categorisation database services: either the default, cloud-based Websense service or up to five locally hosted WebBlocker servers. User/group-oriented filtering rules are made possible through the device's AD/LDAP integration support, and Radius and SecureID are offered as alternate authentication methods. VPN services are configurable with options for site-to-site or mobile IPsec, as well as site-to-site and mobile SSL, with mobile PPTP and L2TP options also available. Combined with the spam blocker and perimeter AV features, its WAN failover configurability and numerous other features, the XTM 830 has all bases covered.
WatchGuard has a reputation with us for providing excellent documentation, and this product's falls right in line with that expectation. Installation, quick start and two versions of the administration guides, tailored to either the device's web interface or through WatchGuard System Manager, are available as downloadable PDFs from the support site, and are superbly organised with bookmarks, hotlinks, screenshots and diagrams where appropriate.
WatchGuard includes the first year of support in the tool's initial product price, which includes 24/7 phone and email support and five support incidents. This is upgradable to the gold level support, which allows for unlimited incidents. WatchGuard also maintains an excellent support website, with links to its knowledgebase, online ticketing system, product documentation and user support forums.
WatchGuard XTM 830 is a pricey £14,150 for one year but we find its outstanding feature set make it well worth the price.