Netgear ProSecure UTM25S review

12 Mar 2013

Top value, performance and security features make the ProSecure UTM25S an excellent choice for small businesses on a tight budget

Price when reviewed: 
959(£958 inc VAT)
5

When Netgear launched the ProSecure UTM9S security appliance, its impressive performance earned it a Recommended award. It’s since become Netgear’s best-selling ProSecure product, and the firm has now decided to offer a more powerful version.

Along with the two expansion ports available in the previous model, the ProSecure UTM25S adds more security measures to the mix. We always felt the basic P2P and IM features in the UTM9S were a weakness, but Netgear has beefed them up with full-strength application controls.

Performance sees a modest improvement to 30Mbits/sec for HTTP traffic with antivirus scanning enabled, and 24Mbits/sec with all UTM features turned on. Where the UTM9S was good for up to 15 users, the UTM25S is aimed at SMBs with up to 30.

Netgear ProSecure UTM25S

This compact and quiet appliance also has Gigabit Ethernet all round, with four ports for LAN duties and two more for WAN connections, which also support load-balanced or failover teams. The two expansion slots sit next to these, and Netgear offers optional 802.11n wireless and VDSL/ADSL2+ modules.

Prices start at £307 exc VAT, which is for the appliance, SPI firewall and VPN support. The complete bundle, with a one-year subscription to all security services, costs £454; a three-year bundle costs a reasonable £799. Netgear partners with big names to deliver its services, with Sophos handling virus scanning, Commtouch looking after web filtering and Mailshell delivering anti-spam.

The new application controls are managed with either global or profile modes. The global mode supports one policy applied to all users, and the profile mode allows different policies to be applied to specific users via firewall rules. The spread of applications that can be controlled is impressive, and ranges from business apps such as SharePoint to a healthy selection of IM, P2P, file-transfer and mail programs, network protocols and social networking services.

Policies can contain multiple entries, many of which have their own individual controls. For example, MSN can be controlled by allowing login and chat, but blocking file transfer and games. We tested this with Windows Live Messenger and found it worked perfectly. You can also create various profiles for controlling bandwidth use, traffic metering and QoS. Any of these can then be applied to individual apps within a policy, making Netgear’s application controls highly versatile.

Netgear ProSecure UTM25S

Elsewhere, the UTM25S features updated monitoring tools. Along with the dashboard of Flash-based threat graphs, there are now pie charts and line graphs showing application-specific activity. There’s no internal storage, so if you turn the appliance off you’ll lose your logging data. However, as with the UTM9S, you can employ a ReadyNAS appliance as a remote log store.

To test performance we hooked the UTM25S up to the lab’s Ixia XM2 chassis equipped with Xcellon-Ultra NP load modules. For real-world speeds, you need to look at the HTTP figures quoted by Netgear; the faster quoted figures are achieved using lightweight UDP packets.

With an IxLoad test simulating multiple web clients accessing servers over HTTP, throughput with antivirus enabled was around 30Mbits/sec. With all UTM services for HTTP running, IxLoad reported averages of 23Mbits/sec, showing Netgear’s figures to be pretty accurate.

To test anti-spam, we left the appliance filtering live mail for two weeks, with suspect mail tagged but passed through to our Outlook clients. Using rules to move tagged messages to separate folders, we saw a spam detection rate of 98.3%, with only 0.4% false positives.

The optional wireless module is dual-band, but it’s either 2.4GHz or 5GHz; you can’t run it on both simultaneously. And, although you can create multiple SSIDs, only one can be active at a time. Performance is impressive, though: we saw speeds of 17.5MB/sec over a close-range 5GHz connection.

With the appliance and a three-year subscription to all security services costing £800, the ProSecure UTM25S is very good value. Combining this with an excellent range of security features and expansion options puts it firmly on the PC Pro A-List as our security appliance of choice.

Details

Price ex VAT £799

Ratings

Overall rating 5
Performance 5
Features & Design 5
Value for Money 6

Warranty

Warranty extra information Limited lifetime

Physical

Server configuration Desktop chassis

Networking

Gigabit LAN ports 4

Other

Software subscription options and pricing 3yr subscription