Netgear ProSecure UTM 150 review
No worthwhile new features over the older ProSecure appliances, but it’s easy to deploy and good value for larger businesses
Review Date: 27 Jun 2011
Reviewed By: Dave Mitchell
Price when reviewed: £1,037 (£1,244 inc VAT)
Features & Design
Value for Money
When we reviewed Netgear’s little ProSecure UTM 5 appliance, its exceptional value and features made it a top choice for small businesses. The new UTM 150 aims to offer the same affordable security measures to larger businesses.
The hardware has a firewall throughput of 900Mbits/sec and is designed to handle 150 users. This is only a recommended limit, however, as Netgear doesn’t apply a costly per-user license – it can handle larger user bases if demand isn’t excessive.
The UTM 150 offers the same security features as the other family members. These include an SPI firewall, IPS, Sophos antivirus, Mailshell anti-spam, Commtouch web filtering, IM and P2P app blocking, plus IPsec and SSL VPNs.
It has four Gigabit WAN ports; choose one as your primary port and if it fails, the appliance will roll over to a secondary port. Alternatively, you can load-balance across all four WAN ports using either round robin or a weighting scheme based on the link speed and usage.
The appliance functions as a transparent gateway, so installation only takes a few minutes. It can be slipped in between your LAN and Internet connection. Bear in mind, Netgear has increased the cooling fan speeds so it’s noisy enough that you won’t want it sitting in the office.
The web interface is common to all ProSecure members, although Netgear has made some minor improvements. Compared to a UTM 50 we had in the lab, the UTM 150 has extra options in the application security menu for blocking the iTunes Music Store, Rhapsody, Quicktime, RealPlayer and Winamp. It can also block GoToMyPC remote control sessions, the Alexa Toolbar, Weatherbug and the Yahoo Toolbar. The dashboard screen has been updated to include counters for these services, and the traffic and real-time threat graphs are now Flash based.
The rest is unchanged. The firewall has two default rules for protecting inbound and outbound traffic and these can be customised to suit. As the appliance is a transparent gateway it can’t quarantine email, but it can apply black and white lists and RBLs, plus Mailshell’s distributed spam analysis. Inbound spam can be blocked, tagged or logged and infected attachments stripped out with a custom message placed in the subject line.
For anti-spam testing we left the appliance filtering live mail for two weeks, with suspect mail tagged but passed though to our Outlook clients. Using rules to move tagged messages to separate folders, we saw a respectable success rate of 95.4% with only five false positives.
Commtouch provides over sixty URL categories to block or allow, and this allowed very little through. IM and P2P controls aren’t as extensive as those offered by Cyberoam’s nifty little CR15wi, as you can only block or allow them.
All in all, although it’s noisy and the new service blocking options are of little extra value, the UTM 150 is a success. It offers the same ease of use and security features as Netgear’s lower-end ProSecure appliances, and the supported user base makes it an affordable option for larger businesses.
Author: Dave Mitchell
Problems with licensing in the UK
We've got a UTM5 which we bought last year. The license has just expired, and there appears to be no way to renew it in the UK...the Prosecure website only works for US and Canada customers.
This wouldn't be so much of a problem if the unit didn't STOP FUNCTIONING once the license expired.
Whilst you might expect not to be able to download updates to the UTM once the license has expired, it seems unreasonable that the whole thing just starts letter spam and viruses through.
Netgear should make this clearer in their sales literature.
By RedCitrus on 28 Sep 2011
I have highlighted your concerns with Netgear and hope to have a response back soon which will be posted in our UTM5 review.
Where did you purchase your UTM5?
By DaveMitchell on 28 Sep 2011
Netgear has said that you will be able to purchase a new license via your reseller.
By DaveMitchell on 30 Sep 2011
- Microsoft slashes custom XP support price
- Ubuntu LTS Server 14.04 extends cloud support
- Intel: PC sales are "encouraging"
- Google to rank encrypted pages higher
- Heartbleed: the race to reissue security certificates
- Dropbox boosts app line-up with Carousel and Mailbox for Android
- BlackBerry CEO says not selling off phones "any time soon"
- Microsoft halts business downloads of Windows 8.1 Update
- Raspberry Pi targets business with Compute Module
- Microsoft releases final patches for Windows XP
- Windows 8.1 Update: an abject surrender
- The insane economics of Sky Now TV
- No such thing as a free app... so pay up if you want quality
- Time to outlaw crapware-laden installers
- Windows Phone 8.1 video: hands-on
- Office for iPad: key information
- Why every PC buyer owes Richard Durkin a debt of gratitude
- HTC One M8 vs Samsung Galaxy S5: 2014's big-hitters compared
- Windows XP end of life: key information
- Cut out the broadband jargon? What jargon?
- Office: should you buy it, rent it - or dump it?
- Small server vs cloud: which is best for SMBs?
- The best mobile apps for business
- Windows XP: Microsoft’s ticking time bomb
- gTLDs: what your business should know about new domain names
- Can Microsoft survive? A look at servers and tools
- Can Microsoft survive? The future of Office
- A real-world guide to business VoIP
- Sack your PA: how to stay on top of your work life
- Power lies with the internet giants, not the governments
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to write your company's IT security policy
- Raspberry Pi and Wolfram: a must-have for every child
- Could you get by with Office Web Apps?
- The best Android antivirus apps for 2014
- Headings vs headers: how to use both in Word
- Windows Server 2012 R2: how the Datacenter edition could change SMBs