WatchGuard Firebox T30-W review

Affordable and packed to the gills with gateway security measures – a top choice for SMBs

Editor's Choice
  • Extremely simple deployment; Excellent security; Good value
  • spamBlocker doesn't offer quarantining

SMEs that want an on-premises network security solution will find WatchGuard's Firebox T30-W a great choice that won't be beaten for features and value. This tomato-red desktop box delivers every gateway security service they could possibly need and the icing on the cake is its integral wireless 11ac dual-band AP and wireless gateway controller for WatchGuard's own APs.

Prices start at only 942 which gets you the appliance and a one-year Security Suite subscription. This activates anti-virus, anti-spam, web content filtering, IPS, HTTPS inspection, application controls and WatchGuard's reputation enabled defence.

A one-year Total Security Suite subscription costs 1,323 and adds Watchguard's data leak prevention (DLP) and advanced persistent threat (APT) blocker services. Don't worry about deployment either as both suites includes a free remote setup and configuration session with a WatchGuard in-house engineer.

There's more, as WatchGuard's latest FireWare software adds geolocation, which allows traffic to or from specific countries to be blocked. The new threat detection and response (TDR) cloud subscription service uses locally installed host sensors to collect forensics data and provide policy-based endpoint protection for Windows servers and desktops.

Advertisement - Article continues below
Advertisement - Article continues below

The T30-W has five Gigabit ports for LAN, WAN and DMZ duties with the fourth LAN port PoE enabled. Performance looks good too, as the appliance claims top firewall and UTM throughputs of 620Mbits/sec and 135Mbits/sec.

Installation is swift, as the appliance's web browser wizard handed us secure internet access in five minutes. It also enabled the mixed routing mode where all ports appear as separate interfaces allowing different security policies to be applied to network segments.

WatchGuard uses proxies to control various traffic types and includes ones for HTTP, HTTPS, FTP, DNS, SIP, H.323, POP3 and SMTP. These are also much easier to set up now, as wizards guided us through configuring each proxy and applying actions.

For web content filtering, we chose from over 120 URL categories, added blocking actions for HTTP and HTTPS traffic and let the wizard create a firewall rule for our new policy. Gateway anti-virus is enforced simply by enabling it on selected proxies while the spamBlocker anti-spam measures use POP3 proxy actions to transparently scan traffic and tag qualifying emails as spam, suspect and bulk.

The spamBlocker service doesn't provide quarantining services so we needed to create email client rules to decide how to handle tagged messages. We could also scan traffic inbound to an internal mail server with an SMTP proxy action set to use the server's IP address.

The geolocation feature provides a global real-time map showing where traffic is emanating from or going to and blocking it is swift as you just click on the country area to turn it red. Controlling app usage doesn't get any easier either as the appliance has entries for over 1,800 including all popular social networks.

Advertisement - Article continues below

VPN services are excellent as the T30-W supports site-to-site IPsec tunnels plus mobile IPsec, PPTP and L2TP clients along with SSL VPNs. For mobile IPsec VPNs, the appliance creates a configuration file which provides quick setup of Watchguard's Windows, iOS and Android clients as well as the Shrew Soft VPN client.

Value gets even better as, unlike some appliance vendors, WatchGuard doesn't sting you for reporting software. On-appliance reporting includes the handy FireWatch feature and we use WatchGuard's free Dimension software on our VMware host to monitor and report on multiple Fireboxes.

Small and medium-sized businesses looking for seriously strong network protection at an affordable price will find WatchGuard's Firebox T30-W ticks all the boxes. It has all the best security features, can be customized to suit and is very easy to deploy.


Small and medium-sized businesses looking for seriously strong network protection at an affordable price will find WatchGuard’s Firebox T30-W ticks all the boxes. It has all the best security features, can be customized to suit and is very easy to deploy.

Desktop chassis; 1GB RAM; 5 x Gigabit (PoE on LAN port 4); 2 x USB 2, RJ-45 serial port, external PSU; web browser and Dimension management

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

cloud computing

Google Cloud snaps up multi-cloud analytics platform for $2.6bn

13 Feb 2020

How to use Chromecast without Wi-Fi

5 Feb 2020
Microsoft Azure

Microsoft Azure is a testament to Satya Nadella’s strategic nouse

14 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020