WatchGuard XTM 21-W review
WatchGuard's new SMB appliance offers plenty of security measures and is good value
Review Date: 5 Jan 2011
Reviewed By: Dave Mitchell
Price when reviewed: £599 (£719 inc VAT)
Features & Design
Value for Money
WatchGuard's latest XTM 2 series solves a major issue we've always had with its SMB security appliances. The new XTM 21-W introduces a completely new web interface that makes it much easier to manage.
WatchGuard products were previously managed using a complex concoction of utilities. The XTM 505 required the WatchGuard System Manager, Firebox Manager and five separate servers for management access, web filtering, message quarantining, logging and reporting.
The XTM 2 series has a web interface that provides access to monitoring and configuration, so all those components are no longer needed. URL category database updates, which previously had to run using Windows Task Manager, have also now been fully automated.
Installation is more streamlined. A big feature in the new firmware is application awareness, included as part of its Security Bundle subscription. This provides control over social-networking activities, so you can manage the login process for specific AD users and groups, decide if they can chat and control the use of Facebook's webmail.
IM apps come under its remit, so for Windows Live Messenger you can control logons, chat, file transfers and games. A big list of P2P apps is included, and for BitTorrent you can stop or allow logons and file transfers while remote-control apps such as RDP, GoToMyPC and LogMeIn can be effectively managed.
Wireless features are improved, too. The appliance supports 802.11bgn operations and can present up to three SSIDs. The guest SSID permits access to only the WAN port, but the other two can be set to bridge with any one of the appliance's network ports.
Rogue wireless AP detection is also new. We found it worked well, detecting more than a dozen APs in our vicinity, but it disables all SSIDs while it's running. However, you can schedule it to run outside working hours.
The appliance supports multiple AD domains, and IPS can be applied to any security policy, including packet filter rules. Commtouch handles anti-spam services, which we've always found delivers high detection rates, but messages can only be tagged, not quarantined. The excellent WebBlocker service provides more than 50 URL categories.
The web interface offers easy access to all the security services, allowing you to configure packet filters and custom firewall rules. There's a good choice of proxies for controlling specific traffic types, including HTTP, HTTPS, FTP, SIP, H.323, POP3 and SMTP.
Plenty of graphical information is provided. For report production you'll need the log and reporting servers, but these are included and don't require a dedicated Windows host.
Simplifying management makes the WatchGuard XTM 2 series far better suited to SMBs looking for a single appliance. The XTM 21-W comes a close second to Cyberoam's A-Listed CR15wi for value, offers an equally good security package, and its proxies and application awareness make it very versatile.
Author: Dave Mitchell
- UK Cloud Awards 2014: nominations now open
- BlackBerry says "we're still alive" as sales hit new low
- Has HP turned a corner?
- Adobe admits it's struggling to notify hack victims
- Microsoft rolls out Office 365 admin app for mobile
- Office 2013 Service Pack 1 to arrive early next year
- Backup the best defence against CryptoLocker
- UK SMBs can now buy ads on Twitter
- How long do hard drives actually last?
- Microsoft already patching "diskless" malware attack
- How to remove SkyDrive from the Windows 8.1 Explorer
- Switching from iPhone to Android? Switch off iMessage
- Why is Google pumping more money into Firefox?
- Sky Broadband Shield review
- Samsung Galaxy S4: how to double your battery life
- Motorola Moto G review: first look
- IBM Watson meets Willy Wonka
- Google’s support policies shove users towards Chrome
- Lenovo Yoga Tablet review: first look
- Michael Dell's reasons to be cheerful
- gTLDs: what your business should know about new domain names
- Can Microsoft survive? A look at servers and tools
- Can Microsoft survive? The future of Office
- A real-world guide to business VoIP
- Sack your PA: how to stay on top of your work life
- Power lies with the internet giants, not the governments
- Software subscriptions return us to a life of servitude
- How to get a job in cloud computing
- Are today's tech start-ups simply get-rich-quick schemes?
- Choosing the right tablet for business
- Windows Phone App Studio: an easy way to create your first Windows Phone 8 app
- The end of Windows XP support: what it really means for businesses
- Don't rely on Chrome's password vault
- Using Buffer to manage your social media
- Microsoft needs its own Steve Jobs
- Forget credit cards: hackers want your Facebook account
- Can't get fast enough broadband? Here's what to do
- Leap Motion and the battle against UI stagnation
- How to build a really bad network
- Facebook Graph Search: don't panic
There are dozens of exciting prizes up for grabs on PC Pro Competitions. All our competitions are free to enter. Try your luck.ENTER NOW