WatchGuard Firebox T15 review

Perfect for small businesses, the Firebox T15 offers the toughest gateway security measures at a pocket-friendly price

Editor's Choice
Price
£429
  • Excellent value; Superb range of protection features; Great monitoring facilities
  • UTM features slightly drop firewall throughput

Stepping up as the new entry-point to WatchGuard's tabletop security appliance family, the Firebox T15 offers a set of features that belie its small stature. It's excellent value too, as it offers super-strength network security at a price small businesses will love.

WatchGuard's Total Security Suite subscription enables web content filtering, application controls, anti-spam, gateway antivirus (AV), network discovery, IPS and reputation enabled defence. It also activates data loss prevention (DLP), Dimension Command plus the advanced persistent threat (APT) blocker and includes a Gold Support subscription.

Advertisement - Article continues below

The T15 is no slouch in the performance stakes either as it boasts a high raw firewall throughput of 400Mbits/sec. Enabling gateway AV drops this by 120Mbits/sec and even with all UTM features running, it still musters a very respectable 90Mbits/sec.

Worry not about deployment as the subscription includes a free remote setup and configuration session with a WatchGuard in-house engineer. And if you choose to go it alone, the appliance's web console offers a wizard-based setup routine that creates a base set of firewall policies for securing internet access.

The T15 employs proxies to control different traffic types and on first contact, each one loads a wizard to help with initial setup. For web content filtering, we chose from 110 URL categories, added blocking actions for the HTTP and HTTPS proxies and left the wizard to add new firewall rules for our policies.

Advertisement
Advertisement - Article continues below

Spam control is a cinch; the spamBlocker wizard asked us to select incoming SMTP traffic and provide an internal mail server address or just activate IMAP or POP3. We chose the latter for transparent scanning where the POP3 proxy client was set to append the subject line of dodgy messages with 'Spam', 'Bulk' or 'Suspect' tags so we could filter them out using Outlook message rules.

Advertisement - Article continues below

Gateway AV scanning is enabled on selected proxies and you'll need this running if you want to apply APT protection. This scans incoming files, creates MD5 hashes and checks them with the LastLine cloud service to see if they're known malware.

Within selected policies, we could enable IPS and apply allow, drop or block actions based on five threat levels. DLP uses predefined and custom rules on the HTTP, FTP and SMTP proxies to check for keywords such as credit card or social security numbers.

WatchGuard's Application Control service has options for managing hundreds of apps and is perfect for businesses worried about Facebook's chicanery. You can block Facebook completely or use any of the 11 behavioural entries to decide, for example, who can post 'likes', comment, chat, edit their profile or upload media.

VPN support is tops as the T15 supports 5 site-to-site tunnels plus 5 mobile VPN clients. During setup, it also creates configuration files for Watchguard's Windows, iOS and Android clients plus the Shrew Soft VPN client.

Advertisement - Article continues below

A wireless version of the T15 is available while the base model we have can centrally manage WatchGuard's own APs. After pairing them with the appliance, you can assign SSIDs, enforce client isolation for guest networks and choose which security services to apply to wireless traffic.

Plenty of standard reporting tools are provided including the web console's traffic monitor and clever FireWatch display. We run WatchGuard's free Dimension software as a VMware VM and after adding the T15, we could keep an eye on all our Firebox appliances and view global threat maps, an executive dashboard and see what each security service was doing.

There's more; Total Security subscriptions include WatchGuard's RED (reputation enabled defence) service for even tougher web protection. Applied to the HTTP proxy, it sends user web requests to the RED cloud servers where they score them and instruct the appliance to either allow or block them.

Advertisement - Article continues below

The Firebox T15 is a remarkable little appliance that looks to have every security angle covered. Combine this prowess with its low price and it earns a well-deserved IT Pro Editor's Choice award.

Verdict

The Firebox T15 is a remarkable little appliance that looks to have every security angle covered. Combine this prowess with its low price and it earns a well-deserved IT Pro Editor's Choice award.

Desktop chassis 1GB RAM 3 x Gigabit (WAN, 2 x LAN) USB 2 RJ-45 serial port Fan-less cooling External PSU Web browser and Dimension management

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/cloud/355098/ibm-dedicates-supercomputing-power-to-coronavirus-researchers
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020