WatchGuard Firebox M270 review: Top-notch security, rock-bottom price

A powerful security appliance that’s chock-full of tough protection measures and priced right for SMBs

Editor's Choice
  • Phenomenal value; Great management options; Strong range of security features
  • None to speak of

Small and medium sized businesses (SMBs) are now the go-to place for cyber-criminals as they're seen as soft targets. They need to stiffen their network defenses and WatchGuard has the perfect solution: its Firebox M270 offers enterprise-class security and performance at a sensible price.

Recommended for businesses with around 60 users, this 1U rack appliance boasts a high raw firewall throughput of 4.9Gbits/sec. Enabling gateway AV drops this to 2.1Gbits/sec and activating all UTM services cuts this to a still very respectable 1.6Gbits/sec.

The price we've shown includes the appliance and a one--year subscription to every security feature you can imagine. It enables web content filtering, application controls, anti-spam, gateway AV, network discovery, IPS, data loss prevention (DLP), Dimension Command and an advanced persistent threat (APT) blocker.

There's more: you also get WatchGuard's RED (reputation enabled defence) service for even tougher web protection. A Gold Support subscription tops it all off nicely and this includes a free remote setup and configuration session with a WatchGuard in-house engineer.

Advertisement - Article continues below
Advertisement - Article continues below

Not that the M270 is difficult to deploy. Far from it, as its web console runs a wizard-based setup routine that creates a base set of firewall policies for securing internet access.

The M270 employs proxies to control different traffic types and each one loads a wizard the first time you access them. Web content filtering takes two minutes to configure, where we chose from 130 URL categories, added blocking actions for the HTTP and HTTPS proxies and watched the wizard add new firewall policy rules.

Gateway AV comes courtesy of the Bitdefender scanning engine and can be enabled on selected proxies. You now get double protection from malware as the new IntelligentAV feature in Fireware 12.2 uses the Cylance AI-based engine.

IntelligentAV doesn't rely on signatures, and scans files such as Office documents, Windows portable executables and PDFs after they've passed through the Bitdefender engine. It's activated with one click and automatically applied to all proxies that have gateway AV enabled.

The new DNSWatch service adds even more web protection by monitoring client DNS requests and blocking access to known malicious domains. It's another service that's easy to enable and can be applied to all or specific network ports on the appliance.

If you're worried about Facebook sneaking in to the workplace, the M270 has you covered. The Application Control service manages access to hundreds of predefined apps and its 11 entries for Facebook mean you can block all usage or fine-tune access and decide, for example, whether staff can chat, like, comment, edit profiles or transfer files.

Advertisement - Article continues below

Spam filtering is easy to apply; the spamBlocker wizard asked us to select incoming SMTP traffic and provide an internal mail server address or just activate IMAP or POP3. We chose the latter for transparent scanning where the POP3 proxy client was set to append the subject line of dubious messages with "Spam", "Bulk" or "Suspect" tags so we could filter them out using Outlook message rules.

The DLP service scans files and emails looking for keywords and can be applied to the HTTP, HTTPS, FTP and SMTP proxies. We created a DLP sensor looking for a group of phrases and when we tried to send Word documents containing these to our external FTP site, the service blocked the transfer.

The M270 is a great choice for securing large remote or branch offices as multiple appliances can be remotely managed in the cloud or via the free Dimension software. We run Dimension in the lab as a VMware VM and after adding the M270, we could view global threat maps, an executive dashboard and see activities for all its security services.

The Firebox M270 dispels the notion that high UTM performance has to come at a high price. It offers a persuasive range of security measures and is ideal for SMBs that want the same protection as enterprises but at price they can afford.


The Firebox M270 dispels the notion that high UTM performance has to come at a high price. It offers a persuasive range of security measures and is ideal for SMBs that want the same protection as enterprises but at price they can afford.

1U rack appliance 4GB RAM 8 x Gigabit (WAN, 7 x LAN) 2 x USB 3 RJ-45 serial port Web browser and Dimension management

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020