WatchGuard Firebox M200 review

A high-performance security appliance delivering enterprise-grade protection at an SMB-friendly price

IT Pro Recommended
Price
£2,548
  • Great price; Fast, easy deployment
  • Not quite as fast as claimed

Premium security appliances don't have to be expensive. WatchGuard's Firebox M200 has a raw firewall throughput of 3.2Gbits/sec, eight Gigabit Ethernet ports and the same features as WatchGuard's Enterprise unified threat management appliances for only 2,548, excluding VAT. Along with a standard SPI firewall and support for IPsec and SSL VPNs, you get IPS, web filtering, anti-spam, Gateway AntiVirus and WatchGuard's reputation-enabled defence.

The M200 is a doddle to deploy  we had secure internet access for our LAN users in less than ten minutes. It defaults to mixed routing mode, allowing us to configure its ports as separate interfaces, with their own IP address and DHCP services. This meant we could give each network segment its own firewall policy, designating them as "external", "trusted", "optional" or "custom". We gave each one a unique alias to use as network sources and destinations in the policies.

Proxies control HTTP, HTTPS, FTP, SIP, H.323, POP3 and SMTP traffic. These can be fiddly to set up, but the firmware helps, providing wizards for first-time configuration to clone predefined proxy actions and apply them to the security policy. You can choose on which proxies to enable Gateway AntiVirus, and set the M200

to decompress and scan archives. The optional advanced persistent threat (APT) blocker service costs an extra 845 for three years and applies to the HTTP, FTP and SMTP proxies. It scans incoming files for malware by checking their MD5 hashes against the Lastline cloud service. The data-leak prevention (DLP) module is also worth considering, at 411 for three years. Applied to the HTTP, FTP and SMTP proxies, it blocks data such as credit card numbers from being transmitted.

The anti-spam wizard helped set up a policy to tag spam, suspect and bulk messages, and the transparent POP3 proxy meant there was no need to define internal mail servers. The WebBlocker filtering service has 130 website categories, allowing you to block or permit each one. The v11.9.6 firmware adds additional social networking categories and tweaks performance. The latest v11.10 upgrade isn't available for the M200, so you don't get the new web interface sported by WatchGuard's bigger boxes.

The M200 is recommended for networks of up to 60 users and gave a decent performance in our tests. With the appliance hooked up to the lab's Ixia Xcellon-Ultra NP load modules, the IxLoad control software reported a steady throughput of 1.2Gbits/sec for a basic HTTP packet filter policy, dropping to 700Mbits/sec with IPS enabled. HTTP proxies have higher performance overheads, meaning the speed settled at 510Mbits/sec. Enabling IPS and GateWay AntiVirus saw this fall to 340Mbits/sec slower than WatchGuard claims, but still good.

WatchGuard also includes freeDimension software. Offered as a Hyper-V or VMware VM, it monitors multiple appliances' traffic and user activity. Testing the VMware version was easy: we simply pointed the M200's Log Server service at the VM. Dashboards provide drill-down graphs, the Policy Map shows real-time traffic flows and the Threat Map shows where a threat came from.

We were unable to reach WatchGuard's speed claims in our real-world tests, but the Firebox M200 has a persuasive range of security features. It's ideally suited to SMBs that want the same network security as enterprises at a sensible price.

This review first appeared in PC Pro magazine issue 253

Verdict

The Watchguard Firebox M200 is a fantastic choice for SMBs looking for professional security at a reasonable price.

1U rack chassis 

Quad-core 1.4GHz Freescale CPU 

2GB DDR3 RAM 

8 x Gigabit Ethernet

2 x USB 2 

RJ45 serial 

Web-browser management 

System Manager and Dimension software 

Hardware replacement warranty included

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

16 Apr 2021
US, UK say Russia was behind SolarWinds hack
cyber attacks

US, UK say Russia was behind SolarWinds hack

16 Apr 2021
1Password targets enterprise customers with Secrets Automation
IT infrastructure

1Password targets enterprise customers with Secrets Automation

14 Apr 2021
PowerShell threats increased over 200% last year
cyber security

PowerShell threats increased over 200% last year

14 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Roadmap 2021: What’s coming from 3CX
Advertisement Feature

Roadmap 2021: What’s coming from 3CX

30 Mar 2021