WatchGuard XTM 830
March 01, 2013
$17,740, includes one year of support
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Outstanding feature set, powerful hardware, flexible device management options.
- Weaknesses: Expensive, requires client-server application to use some advanced features.
- Verdict: Well worth the expense for larger enterprises. Recommended.
While best known for its firewalls, WatchGuard is no slouch in the UTM space. As we detail below, its XTM 830, somewhat pricey, provides an excellent enterprise-grade perimeter defense against viruses, spam and other unwelcome traffic - and includes a number of other features all in one easy-to-administer device.
We began the setup process, as is usual for these types of devices, by connecting a specified interface to our LAN. After setting our workstation IP to fall within the default device network, we were able to access the product's web interface. Upon logging in with the default username and password, we were presented with a first-run setup wizard, which stepped us through a basic device configuration. After configuring the WAN and LAN interfaces - setting admin and read-only passwords, location information and time settings - we were given the option to activate the device online. Completing the activation process (a simple, one-click affair) unlocked all of our licensed features and this ended the configuration wizard. The elapsed time from unboxing the product to having a functioning perimeter gateway was approximately 10 minutes.
The XTM 830 is a centrally managed UTM with a rich feature set. While most device features are easily managed through its excellent web interface, the device's true power is only unlocked by setting up the WatchGuard System Manager, a client-server application which enables management of all WatchGuard devices in one's environment. The firewall works, as expected, with support for comprehensive rule sets, static network address translation (NAT) mapping and other standard features. Its signature-based IPS breaks threats out into critical, high, medium, low, and informational categories, and the signature database can be regularly updated on a predetermined schedule. Additionally, support is built in for signature exceptions, and notifications can be configured to be delivered via email or a simple network management protocol (SNMP) trap.
The WebBlocker feature is a content-filtering system that can be configured to use one of two website categorization database services: either the default, cloud-based Websense service or up to five locally hosted WebBlocker servers. User/group-oriented filtering rules are made possible through the device's AD/LDAP integration support, and RADIUS and SecureID are offered also.
WatchGuard has a reputation with us for providing excellent documentation and this product's documentation falls right in line with that expectation. Installation, quick start, and two versions of the administration guides, tailored to either the device's web interface or administered through WatchGuard System Manager, are available as downloadable PDFs from WatchGuard's support site. These are superbly organized with bookmarks, hotlinks, screen shots and diagrams where appropriate. The administration guides are also available as a web document hosted on the product's support site.
The XTM 830 is a pricey $17,740, which includes one year of plus-level support. This may be upgraded to gold for $2,430. Standard (12/5) support afterward costs $2,725 per year and gold is priced at $5,145 for one year.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Syrian Electronic Army redirects Gigya, briefly compromises media sites on Thanksgiving Day
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say