WatchGuard XTM 535 review
Multi-Gigabit security appliances normally command premium prices but WatchGuard’s XTM 535 breaks with tradition by offering a high performance at SonicWALL beating value.
WatchGuard's XTM 5 series of security appliances aim to offer enterprise level performance at a price SMBs can afford. It looks to have achieved this as the XTM 535 claims high 3Gbps firewall and 1.1Gbps UTM throughputs.
The appliance can be customised with additional security features and the price we've shown includes a full one year Security Bundle. This includes the LiveSecurity support and augments it with IPS, web content filtering, anti-spam, anti-virus, application controls, HTTPS inspection and WatchGuard's own reputation enabled defence.
Dell SonicWALL's NSA 4500 is a close competitor as this 1U appliance offers a 2.75Gbps firewall. However, upgrade it to the same level as a fully spammed XTM 535 and you can expect to pay nearly double.
A useful future proofing feature on the XTM 535 is the option to upgrade performance in situ. Applying a new feature key turns it into an XTM 545 which ups firewall and UTM throughputs to 3.5Gbps and 1.2Gbps respectively.
The web browser home page provides plenty of detail on the appliance's status and performance
Deployment and proxies
WatchGuard uses a range of third party providers for many of its security features and the guest list makes good reading. Commtouch steps up for anti-spam duties, AVG looks after gateway virus scanning, Websense handles web content filtering while intrusion prevention gets the BroadWeb treatment.
Installation has been streamlined with a wizard stepping through the initial setup process, registering the appliance and activating your subscriptions. The web interface is well designed and the home page provides plenty of detail on appliance performance, subscription status and security service activity.
You have a choice of three deployment methods and we found mixed-mode routing is the most flexible as it allows the Fast Ethernet and six Gigabit ports to be defined as separate interfaces. For minimal network interruption you can use the drop-in mode which places all the interfaces on the same subnet.
WatchGuard uses application proxies for each security service and choices include HTTP, FTP, SIP, H.323, POP3, SMTP and even HTTPS as standard. After configuring each proxy you apply them to selected network interface using policies and firewall rules.
From a single page you can keep a close eye on each proxy, run manual updates and see how they're performing
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now