Netgear ProSecure UTM25S review
Top value, performance and security features make the ProSecure UTM25S an excellent choice for small businesses on a tight budget
Review Date: 12 Mar 2013
Reviewed By: Dave Mitchell
Price when reviewed: £799 (£959 inc VAT)
Features & Design
Value for Money
When Netgear launched the ProSecure UTM9S security appliance, its impressive performance earned it a Recommended award. It’s since become Netgear’s best-selling ProSecure product, and the firm has now decided to offer a more powerful version.
Along with the two expansion ports available in the previous model, the ProSecure UTM25S adds more security measures to the mix. We always felt the basic P2P and IM features in the UTM9S were a weakness, but Netgear has beefed them up with full-strength application controls.
Performance sees a modest improvement to 30Mbits/sec for HTTP traffic with antivirus scanning enabled, and 24Mbits/sec with all UTM features turned on. Where the UTM9S was good for up to 15 users, the UTM25S is aimed at SMBs with up to 30.
This compact and quiet appliance also has Gigabit Ethernet all round, with four ports for LAN duties and two more for WAN connections, which also support load-balanced or failover teams. The two expansion slots sit next to these, and Netgear offers optional 802.11n wireless and VDSL/ADSL2+ modules.
Prices start at £307 exc VAT, which is for the appliance, SPI firewall and VPN support. The complete bundle, with a one-year subscription to all security services, costs £454; a three-year bundle costs a reasonable £799. Netgear partners with big names to deliver its services, with Sophos handling virus scanning, Commtouch looking after web filtering and Mailshell delivering anti-spam.
The new application controls are managed with either global or profile modes. The global mode supports one policy applied to all users, and the profile mode allows different policies to be applied to specific users via firewall rules. The spread of applications that can be controlled is impressive, and ranges from business apps such as SharePoint to a healthy selection of IM, P2P, file-transfer and mail programs, network protocols and social networking services.
Policies can contain multiple entries, many of which have their own individual controls. For example, MSN can be controlled by allowing login and chat, but blocking file transfer and games. We tested this with Windows Live Messenger and found it worked perfectly. You can also create various profiles for controlling bandwidth use, traffic metering and QoS. Any of these can then be applied to individual apps within a policy, making Netgear’s application controls highly versatile.
Elsewhere, the UTM25S features updated monitoring tools. Along with the dashboard of Flash-based threat graphs, there are now pie charts and line graphs showing application-specific activity. There’s no internal storage, so if you turn the appliance off you’ll lose your logging data. However, as with the UTM9S, you can employ a ReadyNAS appliance as a remote log store.
To test performance we hooked the UTM25S up to the lab’s Ixia XM2 chassis equipped with Xcellon-Ultra NP load modules. For real-world speeds, you need to look at the HTTP figures quoted by Netgear; the faster quoted figures are achieved using lightweight UDP packets.
With an IxLoad test simulating multiple web clients accessing servers over HTTP, throughput with antivirus enabled was around 30Mbits/sec. With all UTM services for HTTP running, IxLoad reported averages of 23Mbits/sec, showing Netgear’s figures to be pretty accurate.
To test anti-spam, we left the appliance filtering live mail for two weeks, with suspect mail tagged but passed through to our Outlook clients. Using rules to move tagged messages to separate folders, we saw a spam detection rate of 98.3%, with only 0.4% false positives.
The optional wireless module is dual-band, but it’s either 2.4GHz or 5GHz; you can’t run it on both simultaneously. And, although you can create multiple SSIDs, only one can be active at a time. Performance is impressive, though: we saw speeds of 17.5MB/sec over a close-range 5GHz connection.
With the appliance and a three-year subscription to all security services costing £800, the ProSecure UTM25S is very good value. Combining this with an excellent range of security features and expansion options puts it firmly on the PC Pro A-List as our security appliance of choice.
Author: Dave Mitchell
Comparison with Zyxel USG 50?
I was just about to settle on a Zyxel USG 50. It produced similar (better?) speeds when tested 18 months ago (http://www.pcpro.co.uk/reviews/security-appliance
s/369628/zyxel-zywall-usg-50) and seems cheaper - http://www.ebuyer.com/368083 - £340 for one year all-in. Recurring licences also seem cheaper.
I wonder if Dave or anyone else can comment on the relative merits?
By JimmyN on 13 Mar 2013
The UTM25S has better upgrade options with the wireless N and ADSL modules.
Netgear's anti-spam is far superior as the USG 50 we reviewed used DNSBLs which performed very poorly in our live tests.
By DaveMitchell on 13 Mar 2013
why doesn't 30 MBit make a bottleneck?
30 MBit/s throughput for the entire device would be much slower than many broadband connections? Or am I missing something?
By Roughrider on 18 Mar 2013
- Will the next Windows 8.1 update arrive next month?
- BT One Phone lets SMBs ditch landlines for mobiles
- Microsoft shows Modern apps running in desktop windows
- Apple and IBM buddy up for enterprise push
- Windows Phone 8.1 starts rolling out to Nokia phones
- Government broadband plans "lack ambition"
- SMBs get Office 365 price cuts, new plans
- Windows 7: you can keep it until 2020
- BlackBerry Passport's square for spreadsheets
- Microsoft to release six updates this Patch Tuesday
- How Google Glass ruined my lunch hour
- Smartphone battery packs: can a USB power pack beat the festival battery blues?
- Windows Easy Transfer – not so "easy" in Windows 8.1
- Formula 1: what a difference virtualisation makes
- Office of the future: comfy chairs and tablets everywhere
- I went to Glastonbury and the only thing that got high was my smartphone
- Meet the robots helping teach children
- PaperLater: would you pay to print the internet?
- Amazon vs Kobo: how much to make the ebook switch?
- Phishing emails: how I nearly got caught out
- Five worst SMB security threats... and how to solve them
- Doing business in a social era
- How to configure SysLookup for your network
- The 18 best Outlook tips for increasing productivity: become an Outlook expert with these lesser-known tips
- Office: should you buy it, rent it - or dump it?
- Small server vs cloud: which is best for SMBs?
- The best mobile apps for business
- Windows XP: Microsoft’s ticking time bomb
- gTLDs: what your business should know about new domain names
- Can Microsoft survive? A look at servers and tools
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to write your company's IT security policy
- Raspberry Pi and Wolfram: a must-have for every child
- Could you get by with Office Web Apps?