WatchGuard XTM 21-W review
WatchGuard's new SMB appliance offers plenty of security measures and is good value
Review Date: 5 Jan 2011
Reviewed By: Dave Mitchell
Price when reviewed: £599 (£719 inc VAT)
Features & Design
Value for Money
WatchGuard's latest XTM 2 series solves a major issue we've always had with its SMB security appliances. The new XTM 21-W introduces a completely new web interface that makes it much easier to manage.
WatchGuard products were previously managed using a complex concoction of utilities. The XTM 505 required the WatchGuard System Manager, Firebox Manager and five separate servers for management access, web filtering, message quarantining, logging and reporting.
The XTM 2 series has a web interface that provides access to monitoring and configuration, so all those components are no longer needed. URL category database updates, which previously had to run using Windows Task Manager, have also now been fully automated.
Installation is more streamlined. A big feature in the new firmware is application awareness, included as part of its Security Bundle subscription. This provides control over social-networking activities, so you can manage the login process for specific AD users and groups, decide if they can chat and control the use of Facebook's webmail.
IM apps come under its remit, so for Windows Live Messenger you can control logons, chat, file transfers and games. A big list of P2P apps is included, and for BitTorrent you can stop or allow logons and file transfers while remote-control apps such as RDP, GoToMyPC and LogMeIn can be effectively managed.
Wireless features are improved, too. The appliance supports 802.11bgn operations and can present up to three SSIDs. The guest SSID permits access to only the WAN port, but the other two can be set to bridge with any one of the appliance's network ports.
Rogue wireless AP detection is also new. We found it worked well, detecting more than a dozen APs in our vicinity, but it disables all SSIDs while it's running. However, you can schedule it to run outside working hours.
The appliance supports multiple AD domains, and IPS can be applied to any security policy, including packet filter rules. Commtouch handles anti-spam services, which we've always found delivers high detection rates, but messages can only be tagged, not quarantined. The excellent WebBlocker service provides more than 50 URL categories.
The web interface offers easy access to all the security services, allowing you to configure packet filters and custom firewall rules. There's a good choice of proxies for controlling specific traffic types, including HTTP, HTTPS, FTP, SIP, H.323, POP3 and SMTP.
Plenty of graphical information is provided. For report production you'll need the log and reporting servers, but these are included and don't require a dedicated Windows host.
Simplifying management makes the WatchGuard XTM 2 series far better suited to SMBs looking for a single appliance. The XTM 21-W comes a close second to Cyberoam's A-Listed CR15wi for value, offers an equally good security package, and its proxies and application awareness make it very versatile.
Author: Dave Mitchell
- AMD’s "Seattle" ARM chips set for 2014 release
- Adobe’s subscription-only Creative Cloud goes live
- BBC "misled" MPs over failed £100 million IT project
- Join the PC Pro Business Lunch for the finance sector
- MPs "shocked" Huawei-BT deal wasn't vetted
- Government wastes "three days a year" booting PCs
- Windows 8.1 brings back the Start button
- Microsoft connects Skype to Lync
- Cisco moves to block Microsoft-Skype deal
- Half of the UK’s biggest sites break cookie rules
- Adobe Dreamweaver CC review: first look
- Huawei Ascend P6 review: first look
- Adobe Illustrator CC review: first look
- Let MPs tell us what they really want ISPs to block
- Adobe Photoshop CC review: first look
- WWDC 2013 and iOS 7 launch: live blog
- Sony VAIO Pro review: first look
- Want child porn blocked? Meet the IWF
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Software subscriptions return us to a life of servitude
- How to get a job in cloud computing
- Are today's tech start-ups simply get-rich-quick schemes?
- Choosing the right tablet for business
- Best free antivirus for 2013
- The best business broadband: how to choose the right package
- Choosing your web hosting package: space, bandwidth, service-level agreements and email handling
- Windows Server 2012 features in-depth
- How to protect your business against spear phishing
- How to install virtual servers with Hyper-V
- Facebook "click on the photo" scams: how they work
- Three alternatives to Word's spelling and grammar checker
- Google two-step verification: a must for business email
- Microsoft Office and the death of upgrades
- The ICO's shame-faced u-turn on cookies
- Start8 and ModernMix: making Windows 8 work on a desktop
- How to boost your mobile reception
- How to fix Facebook: Social Fixer
- Taking the stress out of WordPress updates
- Where to download free web fonts
There are dozens of exciting prizes up for grabs on PC Pro Competitions. All our competitions are free to enter. Try your luck.ENTER NOW