WatchGuard Firebox M200 review

A high-performance security appliance delivering enterprise-grade protection at an SMB-friendly price

IT Pro Recommended
Price
£2,548
  • Great price; Fast, easy deployment
  • Not quite as fast as claimed

Premium security appliances don't have to be expensive. WatchGuard's Firebox M200 has a raw firewall throughput of 3.2Gbits/sec, eight Gigabit Ethernet ports and the same features as WatchGuard's Enterprise unified threat management appliances for only 2,548, excluding VAT. Along with a standard SPI firewall and support for IPsec and SSL VPNs, you get IPS, web filtering, anti-spam, Gateway AntiVirus and WatchGuard's reputation-enabled defence.

The M200 is a doddle to deploy  we had secure internet access for our LAN users in less than ten minutes. It defaults to mixed routing mode, allowing us to configure its ports as separate interfaces, with their own IP address and DHCP services. This meant we could give each network segment its own firewall policy, designating them as "external", "trusted", "optional" or "custom". We gave each one a unique alias to use as network sources and destinations in the policies.

Proxies control HTTP, HTTPS, FTP, SIP, H.323, POP3 and SMTP traffic. These can be fiddly to set up, but the firmware helps, providing wizards for first-time configuration to clone predefined proxy actions and apply them to the security policy. You can choose on which proxies to enable Gateway AntiVirus, and set the M200

to decompress and scan archives. The optional advanced persistent threat (APT) blocker service costs an extra 845 for three years and applies to the HTTP, FTP and SMTP proxies. It scans incoming files for malware by checking their MD5 hashes against the Lastline cloud service. The data-leak prevention (DLP) module is also worth considering, at 411 for three years. Applied to the HTTP, FTP and SMTP proxies, it blocks data such as credit card numbers from being transmitted.

Advertisement
Advertisement - Article continues below

The anti-spam wizard helped set up a policy to tag spam, suspect and bulk messages, and the transparent POP3 proxy meant there was no need to define internal mail servers. The WebBlocker filtering service has 130 website categories, allowing you to block or permit each one. The v11.9.6 firmware adds additional social networking categories and tweaks performance. The latest v11.10 upgrade isn't available for the M200, so you don't get the new web interface sported by WatchGuard's bigger boxes.

The M200 is recommended for networks of up to 60 users and gave a decent performance in our tests. With the appliance hooked up to the lab's Ixia Xcellon-Ultra NP load modules, the IxLoad control software reported a steady throughput of 1.2Gbits/sec for a basic HTTP packet filter policy, dropping to 700Mbits/sec with IPS enabled. HTTP proxies have higher performance overheads, meaning the speed settled at 510Mbits/sec. Enabling IPS and GateWay AntiVirus saw this fall to 340Mbits/sec slower than WatchGuard claims, but still good.

WatchGuard also includes freeDimension software. Offered as a Hyper-V or VMware VM, it monitors multiple appliances' traffic and user activity. Testing the VMware version was easy: we simply pointed the M200's Log Server service at the VM. Dashboards provide drill-down graphs, the Policy Map shows real-time traffic flows and the Threat Map shows where a threat came from.

We were unable to reach WatchGuard's speed claims in our real-world tests, but the Firebox M200 has a persuasive range of security features. It's ideally suited to SMBs that want the same network security as enterprises at a sensible price.

This review first appeared in PC Pro magazine issue 253

Verdict

The Watchguard Firebox M200 is a fantastic choice for SMBs looking for professional security at a reasonable price.

1U rack chassis 

Quad-core 1.4GHz Freescale CPU 

2GB DDR3 RAM 

8 x Gigabit Ethernet

2 x USB 2 

RJ45 serial 

Web-browser management 

System Manager and Dimension software 

Hardware replacement warranty included

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019
Visit/network-internet/wifi-hotspots/354283/industrial-wi-fi-6-trial-reveals-blistering-speeds
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019