WatchGuard's Firebox X range of appliances is designed to cope with the needs of enterprises of all sizes.
Here, we're reviewing the X1000, which is physically identical to the X700 and X2500 (all have 1.26GHz Pentium III processors and 256MB RAM), but has a different license key, resulting in different performance – you can upgrade each model to the next level with a new key.
You will also need identical appliances to get the high-availability mode running.
Of all the products on test, it is probably the most attractive and the front panel contains an LCD, which shows warning messages and the firewall's current status.
It also comes with six Fast Ethernet interfaces; three are enabled out of the box – LAN, WAN and DMZ – but you can get the other three enabled via a license upgrade.
This is useful if you want a firewall to segregate and protect your internal network.
Unusually for an appliance, management is not through a web browser, but through WatchGuard's own Firebox System Manager instead.
This can be done using an IP connection or the serial port on the rear. This is not necessarily a bad thing, though, as the application is simple to use and gives you a local backup of configuration files. The System Manager also deals with installation well, even warning of weak passwords.
Control of the firewall is through proxies for well-known services including HTTP and SMTP. The stateful inspection engine, meanwhile, uses standard packet filtering rules for other services. You can also turn on intrusion prevention to help prevent attacks.
This model features support for 1,500 VPN tunnels and has software add-ons that include Gateway AntiVirus, WebBlocker Web Content Filtering and SpamScreen.
The Firebox X1000's base range of features are excellent for the price, while the firmware upgrades and additional software mean that it is able to grow with your needs.