Exclusive: WatchGuard Firebox Core X750e

Watchguard offers up an all-in-one security appliance for the more ambitious SMBs. We examine its features ease of use to see if it measures up.

Price
£2,286

From here, you then select your appliance and load the FireBox System Manager (FSM), which opens with an informative display using a star-shaped graphic to show traffic passing between the external interface and all the others plus colour coded bars for general traffic and the load on the appliance. It also provides some useful graphs and charts of traffic activity and bandwidth usage and you can see which clients have been blocked by the appliance. There's also a section for all the extra UTM features where you can run manual updates for the anti-virus, anti-spam and IPS features.

Next, you go to the separate Policy Manager, which can be fired up directly from either the WSM or FSM. This provides the tools to configure security and your choices range from application proxies, packet filtering and custom rules. The application proxies are WatchGuard's ace feature as these provide Layer 7 content inspection, anti-virus and IPS facilities and make the Fireboxes very versatile.

For messaging security you configure the POP3 and SMTP proxies where you can put thresholds on the maximum message sizes, apply anti-virus scanning and control what file attachments types are allowed in or out. For the latter you have the option to allow an attachment than matches your pattern, block it, or ask for it to be scanned for viruses. The Lock option could prove useful as this wraps an attachment so only the administrator can open it.

The SpamBlocker service can be activated for both messaging proxies although only the SMTP proxy supports the quarantine server. WatchGuard has teamed up with CommTouch which works alongside a number of ISPs allowing it to passively monitor mail messages and compute hashes for each one. This enables it to identify spam very quickly as it simply compares hashes with its own servers. Messages that trigger a response will receive either a confirmed spam, bulk and suspect message categorisation and you can use these to apply actions such as allowing, tagging, denying, dropping or quarantining.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

SurfControl looks after web content filtering duties and the number of categories available has gone from 40 up to 54 and the appliance can now handle HTTP and HTTPS URLs. The web proxies are easy enough to configure for blocking specific categories and we were able to send our clients customised web warning pages when they accessed blocked sites. We found SurfControl's performance to be impressive in the lab with very little slipping though its net.

Gateway anti-virus measures are handled by the open source ClamAV and can be configured for SMTP, POP3, HTTP, FTP, DNS and TCP-UDP proxies. The latter proxy can also be used for application blocking where it enables you to control the use of IM and P2P apps, although only five choices are provided for each category.

During testing we found the various features on the FireBox reasonably easy to configure and liked the fact that the application proxies make it particularly versatile. Distributing some services such as web content filtering and message quarantining does fly in the face of the concept of an appliance based solution but SMBs looking for a complete security solution will find the FireBox Core X750e particularly good value.

Verdict

The X750e Firewall appliance offers an impressive range of features for the price. Strong policy based security is enhanced with web content filtering and the improved reporting tools are particularly good, although the number of services that have to be run on other systems does complicate management.

Chassis: 1U rack

Processor: 1.3GHz Celeron M 320

Memory: 512MB 533MHz DDR2, 128MB CompactFlash

Accelerator: Cavium Nitrox Lite chip

Network: 8 x Gigabit Ethernet

OS: WatchGuard FireWare 10

Other: WatchGuard and Firebox System Manager utilities and WebBlocker, Report, Logging and Quarantine servers included

Featured Resources

Transform the operator experience with enhanced automation & analytics

Bring networking into the digital era

Download now

Artificially intelligent data centres

How the C-Suite is embracing continuous change to drive value

Download now

Deliver secure automated multicloud for containers with Red Hat and Juniper

Learn how to get started with the multicloud enabler from Red Hat and Juniper

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now
Advertisement

Most Popular

Visit/security/vulnerability/354309/patch-issued-for-critical-windows-bug
vulnerability

Patch issued for critical Windows bug

11 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019
Visit/hardware/354193/buy-it-to-grow-not-slow-your-business
Sponsored

Buy IT to grow, not slow, your business

25 Nov 2019