Netgear ProSecure UTM9S review
A UTM appliance with good anti-spam, handy WAN and wireless options and neat ReadyNAS integration
Review Date: 26 Jan 2012
Reviewed By: Dave Mitchell
Price when reviewed: With 3yr sub, £519 (£623 inc VAT)
Features & Design
Value for Money
Netgear’s UTM9S is a more flexible alternative to its standard ProSecure UTM appliances. A compact desktop box positioned between the UTM5 and UTM10, it’s the first to offer a pair of modular expansion slots and integration with ReadyNAS storage appliances.
Those other two model names indicate the number of users, but Netgear doesn’t apply per-user licences, so the UTM9S is probably good for at least 15 users. You get the same features as all the other UTM products, including an SPI firewall, IPS, Sophos antivirus, Mailshell anti-spam, Commtouch web filtering, and basic IM and P2P app blocking. It has claimed throughputs of 130Mbits/sec for its SPI firewall and 21Mbits/sec with antivirus scanning enabled.
ReadyNAS integration only requires an add-on to be installed on the storage appliance, and then it can be used by the UTM9S as a quarantine area and remote log store. We loaded the add-on on a ReadyNAS NVX, entered its IP address in the new tab in the UTM9S’s web interface and chose a name for the quarantine folder. During testing, we allowed the logs to build up over a week, and then turned the UTM9S off.
Previously, if you powered off a Netgear UTM appliance, all its logs and Flash-based graphs and statistics tables were lost, but when switched back on, the UTM9S checked the NVX and restored all logs, graphs and tables to their previous state. As all ProSecure UTM appliances function as transparent gateways, they can’t quarantine mail and malware, but this new feature solves the problem by offloading the task onto the NAS appliance.
The wireless module looks great value at only £34, and supports 802.11n Wi-Fi operations in either the 2.4GHz or 5GHz frequency bands. You create a single profile with your chosen security and encryption settings, and you can also apply MAC address filters. It doesn’t support multiple SSIDs.
The VDSL/ADSL2+ module is configured from the same tab in the web interface as the two Gigabit WAN ports. Setup is simple: an auto-detect function sorts out most of the settings, and you can use it as your primary WAN interface or link it with the Gigabit ports for auto-rollover or load balancing.
The appliance is a cinch to install, and for testing we dropped it between the lab’s LAN and internet connection. It’s a lot quieter than the UTM150, making it suitable for small office installation.
All the extra IM and P2P app controls introduced in the UTM150 are here, and Netgear has added a new entry specifically for Facebook. The Commtouch web-filtering service provides over 60 URL categories to block or allow, and this performed very well during testing.
For anti-spam testing, we left the appliance filtering live mail for two weeks, with suspect mail tagged but passed though to our Outlook clients. Using rules to move tagged messages to separate folders, we saw a high spam detection rate of 97.2% with no false positives.
The Netgear ProSecure UTM9S offers exceptionally good value, with the appliance and a three-year subscription costing a shade over £500 exc VAT. It provides a heap of top performing security measures, and the extra expansion slots make it the most versatile of all the ProSecure appliances.
Author: Dave Mitchell
- Microsoft supercharges PowerPoint with Office Mix
- Microsoft and Nokia deal tweaked ahead of completion
- Microsoft slashes custom XP support price
- Ubuntu LTS Server 14.04 extends cloud support
- Intel: PC sales are "encouraging"
- Google to rank encrypted pages higher
- Heartbleed: the race to reissue security certificates
- Dropbox boosts app line-up with Carousel and Mailbox for Android
- BlackBerry CEO says not selling off phones "any time soon"
- Microsoft halts business downloads of Windows 8.1 Update
- Windows 8.1 Update: an abject surrender
- The insane economics of Sky Now TV
- No such thing as a free app... so pay up if you want quality
- Time to outlaw crapware-laden installers
- Windows Phone 8.1 video: hands-on
- Office for iPad: key information
- Why every PC buyer owes Richard Durkin a debt of gratitude
- HTC One M8 vs Samsung Galaxy S5: 2014's big-hitters compared
- Windows XP end of life: key information
- Cut out the broadband jargon? What jargon?
- Office: should you buy it, rent it - or dump it?
- Small server vs cloud: which is best for SMBs?
- The best mobile apps for business
- Windows XP: Microsoft’s ticking time bomb
- gTLDs: what your business should know about new domain names
- Can Microsoft survive? A look at servers and tools
- Can Microsoft survive? The future of Office
- A real-world guide to business VoIP
- Sack your PA: how to stay on top of your work life
- Power lies with the internet giants, not the governments
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to write your company's IT security policy
- Raspberry Pi and Wolfram: a must-have for every child
- Could you get by with Office Web Apps?
- The best Android antivirus apps for 2014
- Headings vs headers: how to use both in Word
- Windows Server 2012 R2: how the Datacenter edition could change SMBs