Reviews

WatchGuard Firebox T30-W review

Affordable and packed to the gills with gateway security measures – a top choice for SMBs

Price
£942
  • Extremely simple deployment; Excellent security; Good value
  • spamBlocker doesn't offer quarantining

SMEs that want an on-premises network security solution will find WatchGuard's Firebox T30-W a great choice that won't be beaten for features and value. This tomato-red desktop box delivers every gateway security service they could possibly need and the icing on the cake is its integral wireless 11ac dual-band AP and wireless gateway controller for WatchGuard's own APs.

Prices start at only 942 which gets you the appliance and a one-year Security Suite subscription. This activates anti-virus, anti-spam, web content filtering, IPS, HTTPS inspection, application controls and WatchGuard's reputation enabled defence.

A one-year Total Security Suite subscription costs 1,323 and adds Watchguard's data leak prevention (DLP) and advanced persistent threat (APT) blocker services. Don't worry about deployment either as both suites includes a free remote setup and configuration session with a WatchGuard in-house engineer.

There's more, as WatchGuard's latest FireWare software adds geolocation, which allows traffic to or from specific countries to be blocked. The new threat detection and response (TDR) cloud subscription service uses locally installed host sensors to collect forensics data and provide policy-based endpoint protection for Windows servers and desktops.

The T30-W has five Gigabit ports for LAN, WAN and DMZ duties with the fourth LAN port PoE enabled. Performance looks good too, as the appliance claims top firewall and UTM throughputs of 620Mbits/sec and 135Mbits/sec.

Installation is swift, as the appliance's web browser wizard handed us secure internet access in five minutes. It also enabled the mixed routing mode where all ports appear as separate interfaces allowing different security policies to be applied to network segments.

WatchGuard uses proxies to control various traffic types and includes ones for HTTP, HTTPS, FTP, DNS, SIP, H.323, POP3 and SMTP. These are also much easier to set up now, as wizards guided us through configuring each proxy and applying actions.

For web content filtering, we chose from over 120 URL categories, added blocking actions for HTTP and HTTPS traffic and let the wizard create a firewall rule for our new policy. Gateway anti-virus is enforced simply by enabling it on selected proxies while the spamBlocker anti-spam measures use POP3 proxy actions to transparently scan traffic and tag qualifying emails as spam, suspect and bulk.

The spamBlocker service doesn't provide quarantining services so we needed to create email client rules to decide how to handle tagged messages. We could also scan traffic inbound to an internal mail server with an SMTP proxy action set to use the server's IP address.

The geolocation feature provides a global real-time map showing where traffic is emanating from or going to and blocking it is swift as you just click on the country area to turn it red. Controlling app usage doesn't get any easier either as the appliance has entries for over 1,800 including all popular social networks.

VPN services are excellent as the T30-W supports site-to-site IPsec tunnels plus mobile IPsec, PPTP and L2TP clients along with SSL VPNs. For mobile IPsec VPNs, the appliance creates a configuration file which provides quick setup of Watchguard's Windows, iOS and Android clients as well as the Shrew Soft VPN client.

Value gets even better as, unlike some appliance vendors, WatchGuard doesn't sting you for reporting software. On-appliance reporting includes the handy FireWatch feature and we use WatchGuard's free Dimension software on our VMware host to monitor and report on multiple Fireboxes.

Small and medium-sized businesses looking for seriously strong network protection at an affordable price will find WatchGuard's Firebox T30-W ticks all the boxes. It has all the best security features, can be customized to suit and is very easy to deploy.

Verdict

Small and medium-sized businesses looking for seriously strong network protection at an affordable price will find WatchGuard’s Firebox T30-W ticks all the boxes. It has all the best security features, can be customized to suit and is very easy to deploy.

Desktop chassis; 1GB RAM; 5 x Gigabit (PoE on LAN port 4); 2 x USB 2, RJ-45 serial port, external PSU; web browser and Dimension management

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

SonicWall warns of imminent ransomware campaign on VPN hardware
virtual private network (VPN)

SonicWall warns of imminent ransomware campaign on VPN hardware

16 Jul 2021
Zyxel USG Flex 100 review: Flexible gateway security
unified threat management (UTM)

Zyxel USG Flex 100 review: Flexible gateway security

15 Apr 2021
Veritas Access Appliance with IBM Spectrum® Protect
Server & storage

Veritas Access Appliance with IBM Spectrum® Protect

27 Nov 2020
Zoom starts rolling out end-to-end encryption for all users
encryption

Zoom starts rolling out end-to-end encryption for all users

27 Oct 2020

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
UK spy agencies supercharge espionage efforts with AWS data deal
cloud computing

UK spy agencies supercharge espionage efforts with AWS data deal

26 Oct 2021