Netgear ProSecure UTM9S review
A UTM appliance with good anti-spam, handy WAN and wireless options and neat ReadyNAS integration
Review Date: 26 Jan 2012
Reviewed By: Dave Mitchell
Price when reviewed: With 3yr sub, £519 (£623 inc VAT)
Features & Design
Value for Money
Netgear’s UTM9S is a more flexible alternative to its standard ProSecure UTM appliances. A compact desktop box positioned between the UTM5 and UTM10, it’s the first to offer a pair of modular expansion slots and integration with ReadyNAS storage appliances.
Those other two model names indicate the number of users, but Netgear doesn’t apply per-user licences, so the UTM9S is probably good for at least 15 users. You get the same features as all the other UTM products, including an SPI firewall, IPS, Sophos antivirus, Mailshell anti-spam, Commtouch web filtering, and basic IM and P2P app blocking. It has claimed throughputs of 130Mbits/sec for its SPI firewall and 21Mbits/sec with antivirus scanning enabled.
ReadyNAS integration only requires an add-on to be installed on the storage appliance, and then it can be used by the UTM9S as a quarantine area and remote log store. We loaded the add-on on a ReadyNAS NVX, entered its IP address in the new tab in the UTM9S’s web interface and chose a name for the quarantine folder. During testing, we allowed the logs to build up over a week, and then turned the UTM9S off.
Previously, if you powered off a Netgear UTM appliance, all its logs and Flash-based graphs and statistics tables were lost, but when switched back on, the UTM9S checked the NVX and restored all logs, graphs and tables to their previous state. As all ProSecure UTM appliances function as transparent gateways, they can’t quarantine mail and malware, but this new feature solves the problem by offloading the task onto the NAS appliance.
The wireless module looks great value at only £34, and supports 802.11n Wi-Fi operations in either the 2.4GHz or 5GHz frequency bands. You create a single profile with your chosen security and encryption settings, and you can also apply MAC address filters. It doesn’t support multiple SSIDs.
The VDSL/ADSL2+ module is configured from the same tab in the web interface as the two Gigabit WAN ports. Setup is simple: an auto-detect function sorts out most of the settings, and you can use it as your primary WAN interface or link it with the Gigabit ports for auto-rollover or load balancing.
The appliance is a cinch to install, and for testing we dropped it between the lab’s LAN and internet connection. It’s a lot quieter than the UTM150, making it suitable for small office installation.
All the extra IM and P2P app controls introduced in the UTM150 are here, and Netgear has added a new entry specifically for Facebook. The Commtouch web-filtering service provides over 60 URL categories to block or allow, and this performed very well during testing.
For anti-spam testing, we left the appliance filtering live mail for two weeks, with suspect mail tagged but passed though to our Outlook clients. Using rules to move tagged messages to separate folders, we saw a high spam detection rate of 97.2% with no false positives.
The Netgear ProSecure UTM9S offers exceptionally good value, with the appliance and a three-year subscription costing a shade over £500 exc VAT. It provides a heap of top performing security measures, and the extra expansion slots make it the most versatile of all the ProSecure appliances.
Author: Dave Mitchell
- Will HP finally split into two companies?
- Chromebooks get version of Photoshop
- Toshiba beats retreat from consumer PC market
- Ellison steps down: but who's really running Oracle now?
- Microsoft set to make more job cuts
- Is Peter Pan panto tickets email genuine? Oh no, it isn't
- Intel triples Xeon E5 chip performance, adds DDR4
- Patch Tuesday targets critical IE flaw
- Microsoft refuses to hand over customer emails
- Microsoft yanks Windows 8.1 update after crash reports
- Google Glass: mugger bait, pub problem and other lessons learned from two dangerous weeks
- Twitter, please don't fiddle with my feed
- How Satya Nadella can get some pay-raise karma
- Windows 10: a step back to go forward
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- How to set up a wireless hotspot for your business: give customers free or paid for internet access
- Five worst SMB security threats... and how to solve them
- Doing business in a social era
- How to configure SysLookup for your network
- The 18 best Outlook tips for increasing productivity: become an Outlook expert with these lesser-known tips
- Office: should you buy it, rent it - or dump it?
- Small server vs cloud: which is best for SMBs?
- The best mobile apps for business
- Windows XP: Microsoft’s ticking time bomb
- gTLDs: what your business should know about new domain names
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office