WatchGuard Firebox M270 review: Top-notch security, rock-bottom price

A powerful security appliance that’s chock-full of tough protection measures and priced right for SMBs

Editor's Choice
Price
£2,743
  • Phenomenal value; Great management options; Strong range of security features
  • None to speak of

Small and medium sized businesses (SMBs) are now the go-to place for cyber-criminals as they're seen as soft targets. They need to stiffen their network defenses and WatchGuard has the perfect solution: its Firebox M270 offers enterprise-class security and performance at a sensible price.

Recommended for businesses with around 60 users, this 1U rack appliance boasts a high raw firewall throughput of 4.9Gbits/sec. Enabling gateway AV drops this to 2.1Gbits/sec and activating all UTM services cuts this to a still very respectable 1.6Gbits/sec.

Advertisement - Article continues below

The price we've shown includes the appliance and a one--year subscription to every security feature you can imagine. It enables web content filtering, application controls, anti-spam, gateway AV, network discovery, IPS, data loss prevention (DLP), Dimension Command and an advanced persistent threat (APT) blocker.

There's more: you also get WatchGuard's RED (reputation enabled defence) service for even tougher web protection. A Gold Support subscription tops it all off nicely and this includes a free remote setup and configuration session with a WatchGuard in-house engineer.

Not that the M270 is difficult to deploy. Far from it, as its web console runs a wizard-based setup routine that creates a base set of firewall policies for securing internet access.

The M270 employs proxies to control different traffic types and each one loads a wizard the first time you access them. Web content filtering takes two minutes to configure, where we chose from 130 URL categories, added blocking actions for the HTTP and HTTPS proxies and watched the wizard add new firewall policy rules.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Gateway AV comes courtesy of the Bitdefender scanning engine and can be enabled on selected proxies. You now get double protection from malware as the new IntelligentAV feature in Fireware 12.2 uses the Cylance AI-based engine.

IntelligentAV doesn't rely on signatures, and scans files such as Office documents, Windows portable executables and PDFs after they've passed through the Bitdefender engine. It's activated with one click and automatically applied to all proxies that have gateway AV enabled.

The new DNSWatch service adds even more web protection by monitoring client DNS requests and blocking access to known malicious domains. It's another service that's easy to enable and can be applied to all or specific network ports on the appliance.

If you're worried about Facebook sneaking in to the workplace, the M270 has you covered. The Application Control service manages access to hundreds of predefined apps and its 11 entries for Facebook mean you can block all usage or fine-tune access and decide, for example, whether staff can chat, like, comment, edit profiles or transfer files.

Advertisement - Article continues below

Spam filtering is easy to apply; the spamBlocker wizard asked us to select incoming SMTP traffic and provide an internal mail server address or just activate IMAP or POP3. We chose the latter for transparent scanning where the POP3 proxy client was set to append the subject line of dubious messages with "Spam", "Bulk" or "Suspect" tags so we could filter them out using Outlook message rules.

The DLP service scans files and emails looking for keywords and can be applied to the HTTP, HTTPS, FTP and SMTP proxies. We created a DLP sensor looking for a group of phrases and when we tried to send Word documents containing these to our external FTP site, the service blocked the transfer.

The M270 is a great choice for securing large remote or branch offices as multiple appliances can be remotely managed in the cloud or via the free Dimension software. We run Dimension in the lab as a VMware VM and after adding the M270, we could view global threat maps, an executive dashboard and see activities for all its security services.

Advertisement - Article continues below

The Firebox M270 dispels the notion that high UTM performance has to come at a high price. It offers a persuasive range of security measures and is ideal for SMBs that want the same protection as enterprises but at price they can afford.

Verdict

The Firebox M270 dispels the notion that high UTM performance has to come at a high price. It offers a persuasive range of security measures and is ideal for SMBs that want the same protection as enterprises but at price they can afford.

1U rack appliance 4GB RAM 8 x Gigabit (WAN, 7 x LAN) 2 x USB 3 RJ-45 serial port Web browser and Dimension management

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now
Advertisement

Recommended

Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Australia announces $1.35 billion investment in cyber security
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
CSA and ISSA form cyber security partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
UN report points to a 350% rise in phishing websites at start of 2020
phishing

UN report points to a 350% rise in phishing websites at start of 2020

7 Aug 2020