WatchGuard XTM 535 review
Multi-Gigabit security appliances normally command premium prices but WatchGuard’s XTM 535 breaks with tradition by offering a high performance at SonicWALL beating value.
WatchGuard's XTM 5 series of security appliances aim to offer enterprise level performance at a price SMBs can afford. It looks to have achieved this as the XTM 535 claims high 3Gbps firewall and 1.1Gbps UTM throughputs.
The appliance can be customised with additional security features and the price we've shown includes a full one year Security Bundle. This includes the LiveSecurity support and augments it with IPS, web content filtering, anti-spam, anti-virus, application controls, HTTPS inspection and WatchGuard's own reputation enabled defence.
Dell SonicWALL's NSA 4500 is a close competitor as this 1U appliance offers a 2.75Gbps firewall. However, upgrade it to the same level as a fully spammed XTM 535 and you can expect to pay nearly double.
A useful future proofing feature on the XTM 535 is the option to upgrade performance in situ. Applying a new feature key turns it into an XTM 545 which ups firewall and UTM throughputs to 3.5Gbps and 1.2Gbps respectively.
The web browser home page provides plenty of detail on the appliance's status and performance
Deployment and proxies
WatchGuard uses a range of third party providers for many of its security features and the guest list makes good reading. Commtouch steps up for anti-spam duties, AVG looks after gateway virus scanning, Websense handles web content filtering while intrusion prevention gets the BroadWeb treatment.
Installation has been streamlined with a wizard stepping through the initial setup process, registering the appliance and activating your subscriptions. The web interface is well designed and the home page provides plenty of detail on appliance performance, subscription status and security service activity.
You have a choice of three deployment methods and we found mixed-mode routing is the most flexible as it allows the Fast Ethernet and six Gigabit ports to be defined as separate interfaces. For minimal network interruption you can use the drop-in mode which places all the interfaces on the same subnet.
WatchGuard uses application proxies for each security service and choices include HTTP, FTP, SIP, H.323, POP3, SMTP and even HTTPS as standard. After configuring each proxy you apply them to selected network interface using policies and firewall rules.
From a single page you can keep a close eye on each proxy, run manual updates and see how they're performing
Four strategies for building a hybrid workplace that works
All indications are that the future of work is hybrid, if it's not here alreadyFree webinar
The digital marketer’s guide to contextual insights and trends
How to use contextual intelligence to uncover new insights and inform strategiesFree Download
Ransomware and Microsoft 365 for business
What you need to know about reducing ransomware riskFree Download
Building a modern strategy for analytics and machine learning success
Turning into business valueFree Download