WatchGuard Firebox M200 review

A high-performance security appliance delivering enterprise-grade protection at an SMB-friendly price

IT Pro Recommended
Price
£2,548
  • Great price; Fast, easy deployment
  • Not quite as fast as claimed

Premium security appliances don't have to be expensive. WatchGuard's Firebox M200 has a raw firewall throughput of 3.2Gbits/sec, eight Gigabit Ethernet ports and the same features as WatchGuard's Enterprise unified threat management appliances for only 2,548, excluding VAT. Along with a standard SPI firewall and support for IPsec and SSL VPNs, you get IPS, web filtering, anti-spam, Gateway AntiVirus and WatchGuard's reputation-enabled defence.

The M200 is a doddle to deploy  we had secure internet access for our LAN users in less than ten minutes. It defaults to mixed routing mode, allowing us to configure its ports as separate interfaces, with their own IP address and DHCP services. This meant we could give each network segment its own firewall policy, designating them as "external", "trusted", "optional" or "custom". We gave each one a unique alias to use as network sources and destinations in the policies.

Proxies control HTTP, HTTPS, FTP, SIP, H.323, POP3 and SMTP traffic. These can be fiddly to set up, but the firmware helps, providing wizards for first-time configuration to clone predefined proxy actions and apply them to the security policy. You can choose on which proxies to enable Gateway AntiVirus, and set the M200

to decompress and scan archives. The optional advanced persistent threat (APT) blocker service costs an extra 845 for three years and applies to the HTTP, FTP and SMTP proxies. It scans incoming files for malware by checking their MD5 hashes against the Lastline cloud service. The data-leak prevention (DLP) module is also worth considering, at 411 for three years. Applied to the HTTP, FTP and SMTP proxies, it blocks data such as credit card numbers from being transmitted.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The anti-spam wizard helped set up a policy to tag spam, suspect and bulk messages, and the transparent POP3 proxy meant there was no need to define internal mail servers. The WebBlocker filtering service has 130 website categories, allowing you to block or permit each one. The v11.9.6 firmware adds additional social networking categories and tweaks performance. The latest v11.10 upgrade isn't available for the M200, so you don't get the new web interface sported by WatchGuard's bigger boxes.

The M200 is recommended for networks of up to 60 users and gave a decent performance in our tests. With the appliance hooked up to the lab's Ixia Xcellon-Ultra NP load modules, the IxLoad control software reported a steady throughput of 1.2Gbits/sec for a basic HTTP packet filter policy, dropping to 700Mbits/sec with IPS enabled. HTTP proxies have higher performance overheads, meaning the speed settled at 510Mbits/sec. Enabling IPS and GateWay AntiVirus saw this fall to 340Mbits/sec slower than WatchGuard claims, but still good.

WatchGuard also includes freeDimension software. Offered as a Hyper-V or VMware VM, it monitors multiple appliances' traffic and user activity. Testing the VMware version was easy: we simply pointed the M200's Log Server service at the VM. Dashboards provide drill-down graphs, the Policy Map shows real-time traffic flows and the Threat Map shows where a threat came from.

We were unable to reach WatchGuard's speed claims in our real-world tests, but the Firebox M200 has a persuasive range of security features. It's ideally suited to SMBs that want the same network security as enterprises at a sensible price.

This review first appeared in PC Pro magazine issue 253

Verdict

The Watchguard Firebox M200 is a fantastic choice for SMBs looking for professional security at a reasonable price.

Advertisement - Article continues below

1U rack chassis 

Quad-core 1.4GHz Freescale CPU 

2GB DDR3 RAM 

8 x Gigabit Ethernet

2 x USB 2 

RJ45 serial 

Web-browser management 

System Manager and Dimension software 

Hardware replacement warranty included

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/policy-legislation/general-data-protection-regulation-gdpr/354577/data-protection-fines-hit-ps100m
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020