WatchGuard XTM 535 review

Multi-Gigabit security appliances normally command premium prices but WatchGuard’s XTM 535 breaks with tradition by offering a high performance at SonicWALL beating value.

Price
£3,128

Anti-spam and web filtering

Setting up anti-spam measures is easy enough as you just enable and configure the POP3 and SMTP proxies within a policy. These use the Commtouch hosted service which we've always found delivers excellent spam detection rates.

Web filtering is applied using WebBlocker profiles within the HTTP and HTTPS proxies where you pick and choose from 56 URL categories and decide whether to block or allow them. You can tie alerts and logging actions to any transgressions and profiles can use the local override feature which allows users to enter a password to access a site that would normally be blocked.

There's nothing to configure for the gateway anti-virus as you merely enable it on selected policies. For IPS, you have five global threat levels where you choose drop, allow, log or alert actions for each one and apply them to policies.

WatchGuard's application controls are versatile as you can pick from a huge range of apps and at the most basic level, block or allow them. However, for many apps you can control specific activities. For example, for Facebook users you can decide whether they can login, edit their profile, chat, access web mail or transfer files.

WatchGuard XTM 535 - Websense

Websense looks after web content filtering and provides a database with 56 different categories

WatchGuard's Server Center

One feature that differentiates WatchGuard from the rest is its Server Center. This comprises separate WebBlocker, Report, Log and Quarantine services which we recommend loading before going any further.

Advertisement
Advertisement - Article continues below

Whereas much of the competition use hosted URL filtering services, WatchGuard's WebBlocker requires the Websense category database to be downloaded to the Server Center where the appliance accesses it locally. On-appliance logging and reporting is minimal so you'll need the Log and Report servers to gather more useful information.

The appliance also provides basic options for handling spam. If you don't use the separate quarantine server then spam and infected messages can only be deleted or tagged and passed on for processing by your mail server or client.

You can distribute the load by running each component on different systems but we found it easy enough to install them all on a single Windows 7 system.

WatchGuard XTM 535 - Server Center

You'll need to load up the Server Center components on a separate system to use WatchGuard's WebBlocker, quarantining and reporting features

Previously, you had to use the Windows Task Manager to automatically update the WebBlocker URL database but this is now run regularly every day at midnight. You can't change this schedule but you can manually run updates from the Server Center if required.

For reporting you need to set the appliance to send its logs to the log server. These are gathered by the report server which offers an extensive range of predefined reports which can be exported to HTML or PDF formats.

Conclusion

The combination of good value and high throughput makes the XTM 535 difficult to beat. It also offers an extensive range of security measures backed up by some big names. The additional Server Center components do mean it will require an additional host system to run them but their light footprint doesn't require it to be dedicated.

Verdict

The XTM 535 packs in an impressive range of security measures and offers a very high throughput for the price. It does take some practice to get the hang of configuring WatchGuard’s proxies and actions but we found they perform very well in the real world.

Chassis: 1U rack

Performance: 3Gbps firewall; 1.1Gbps UTM

CPU: 2.6GHz Intel Pentium E5300

Memory: 2GB RAM; 1GB Flash

Network: 6 x Gigabit, 1 x 10/100

Ports: USB, RJ-45 serial

Management: Web browser or WatchGuard software

Software: WatchGuard System and Firebox Manager plus WebBlocker, Report, Log and Quarantine servers

Options: Appliance and 3-yr Security Bundle, £5,017 ex VAT

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/cloud/amazon-web-services-aws/354223/what-to-expect-from-aws-reinvent-2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019