WatchGuard Firebox T15 review

Perfect for small businesses, the Firebox T15 offers the toughest gateway security measures at a pocket-friendly price

Editor's Choice
Price
£429
  • Excellent value; Superb range of protection features; Great monitoring facilities
  • UTM features slightly drop firewall throughput

Stepping up as the new entry-point to WatchGuard's tabletop security appliance family, the Firebox T15 offers a set of features that belie its small stature. It's excellent value too, as it offers super-strength network security at a price small businesses will love.

WatchGuard's Total Security Suite subscription enables web content filtering, application controls, anti-spam, gateway antivirus (AV), network discovery, IPS and reputation enabled defence. It also activates data loss prevention (DLP), Dimension Command plus the advanced persistent threat (APT) blocker and includes a Gold Support subscription.

Advertisement - Article continues below

The T15 is no slouch in the performance stakes either as it boasts a high raw firewall throughput of 400Mbits/sec. Enabling gateway AV drops this by 120Mbits/sec and even with all UTM features running, it still musters a very respectable 90Mbits/sec.

Worry not about deployment as the subscription includes a free remote setup and configuration session with a WatchGuard in-house engineer. And if you choose to go it alone, the appliance's web console offers a wizard-based setup routine that creates a base set of firewall policies for securing internet access.

The T15 employs proxies to control different traffic types and on first contact, each one loads a wizard to help with initial setup. For web content filtering, we chose from 110 URL categories, added blocking actions for the HTTP and HTTPS proxies and left the wizard to add new firewall rules for our policies.

Advertisement
Advertisement - Article continues below

Spam control is a cinch; the spamBlocker wizard asked us to select incoming SMTP traffic and provide an internal mail server address or just activate IMAP or POP3. We chose the latter for transparent scanning where the POP3 proxy client was set to append the subject line of dodgy messages with 'Spam', 'Bulk' or 'Suspect' tags so we could filter them out using Outlook message rules.

Advertisement - Article continues below

Gateway AV scanning is enabled on selected proxies and you'll need this running if you want to apply APT protection. This scans incoming files, creates MD5 hashes and checks them with the LastLine cloud service to see if they're known malware.

Within selected policies, we could enable IPS and apply allow, drop or block actions based on five threat levels. DLP uses predefined and custom rules on the HTTP, FTP and SMTP proxies to check for keywords such as credit card or social security numbers.

WatchGuard's Application Control service has options for managing hundreds of apps and is perfect for businesses worried about Facebook's chicanery. You can block Facebook completely or use any of the 11 behavioural entries to decide, for example, who can post 'likes', comment, chat, edit their profile or upload media.

VPN support is tops as the T15 supports 5 site-to-site tunnels plus 5 mobile VPN clients. During setup, it also creates configuration files for Watchguard's Windows, iOS and Android clients plus the Shrew Soft VPN client.

Advertisement - Article continues below

A wireless version of the T15 is available while the base model we have can centrally manage WatchGuard's own APs. After pairing them with the appliance, you can assign SSIDs, enforce client isolation for guest networks and choose which security services to apply to wireless traffic.

Plenty of standard reporting tools are provided including the web console's traffic monitor and clever FireWatch display. We run WatchGuard's free Dimension software as a VMware VM and after adding the T15, we could keep an eye on all our Firebox appliances and view global threat maps, an executive dashboard and see what each security service was doing.

There's more; Total Security subscriptions include WatchGuard's RED (reputation enabled defence) service for even tougher web protection. Applied to the HTTP proxy, it sends user web requests to the RED cloud servers where they score them and instruct the appliance to either allow or block them.

Advertisement - Article continues below

The Firebox T15 is a remarkable little appliance that looks to have every security angle covered. Combine this prowess with its low price and it earns a well-deserved IT Pro Editor's Choice award.

Verdict

The Firebox T15 is a remarkable little appliance that looks to have every security angle covered. Combine this prowess with its low price and it earns a well-deserved IT Pro Editor's Choice award.

Desktop chassis 1GB RAM 3 x Gigabit (WAN, 2 x LAN) USB 2 RJ-45 serial port Fan-less cooling External PSU Web browser and Dimension management

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/mobile/google-android/356373/over-2-dozen-additional-android-apps-found-stealing-user-data
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020