IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
Reviews

WatchGuard XTM 535 review

Multi-Gigabit security appliances normally command premium prices but WatchGuard’s XTM 535 breaks with tradition by offering a high performance at SonicWALL beating value.

Price
£3,128
ITPRO Value award

WatchGuard's XTM 5 series of security appliances aim to offer enterprise level performance at a price SMBs can afford. It looks to have achieved this as the XTM 535 claims high 3Gbps firewall and 1.1Gbps UTM throughputs.

The appliance can be customised with additional security features and the price we've shown includes a full one year Security Bundle. This includes the LiveSecurity support and augments it with IPS, web content filtering, anti-spam, anti-virus, application controls, HTTPS inspection and WatchGuard's own reputation enabled defence.

Dell SonicWALL's NSA 4500 is a close competitor as this 1U appliance offers a 2.75Gbps firewall. However, upgrade it to the same level as a fully spammed XTM 535 and you can expect to pay nearly double.

A useful future proofing feature on the XTM 535 is the option to upgrade performance in situ. Applying a new feature key turns it into an XTM 545 which ups firewall and UTM throughputs to 3.5Gbps and 1.2Gbps respectively.

WatchGuard XTM 535 - Web browser

The web browser home page provides plenty of detail on the appliance's status and performance

Deployment and proxies

WatchGuard uses a range of third party providers for many of its security features and the guest list makes good reading. Commtouch steps up for anti-spam duties, AVG looks after gateway virus scanning, Websense handles web content filtering while intrusion prevention gets the BroadWeb treatment.

Installation has been streamlined with a wizard stepping through the initial setup process, registering the appliance and activating your subscriptions. The web interface is well designed and the home page provides plenty of detail on appliance performance, subscription status and security service activity.

You have a choice of three deployment methods and we found mixed-mode routing is the most flexible as it allows the Fast Ethernet and six Gigabit ports to be defined as separate interfaces. For minimal network interruption you can use the drop-in mode which places all the interfaces on the same subnet.

WatchGuard uses application proxies for each security service and choices include HTTP, FTP, SIP, H.323, POP3, SMTP and even HTTPS as standard. After configuring each proxy you apply them to selected network interface using policies and firewall rules.

WatchGuard XTM 535 - Management

From a single page you can keep a close eye on each proxy, run manual updates and see how they're performing

Featured Resources

2023 Strategic roadmap for data security platform convergence

Capitalise on your data and share it securely using consolidated platforms

Free Download

The 3D trends report

Presenting one of the most exciting frontiers in visual culture

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Most Popular

Warning issued over ransomware attacks targeting VMware ESXi servers globally
cyber attacks

Warning issued over ransomware attacks targeting VMware ESXi servers globally

6 Feb 2023
Yandex data breach reveals source code littered with racist language
data breaches

Yandex data breach reveals source code littered with racist language

30 Jan 2023
BT Group extends Kyndryl deal to migrate legacy mainframe apps to the cloud
Business strategy

BT Group extends Kyndryl deal to migrate legacy mainframe apps to the cloud

31 Jan 2023