Skip to ContentSkip to Footer
IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
Reviews

WatchGuard Firebox T20-W review: Enterprise-grade protection for remote staff

This affordable desktop appliance is a great choice for protecting small offices and home workers

by: Dave Mitchell
21 Sep 2022
A photograph of the WatchGuard Firebox T20-W
Price
£1,508 exc VAT (Appliance with 3yr Total Security)
  • Strong performance
  • Robust local and cloud management options
  • Well-rounded security features
  • No Wi-Fi 6 support

The T20-W is the entry point of WatchGuard’s Firebox table-top security appliances, and is aimed primarily at small and home office deployments. It could also be a sound choice for larger businesses wanting to protect remote sites, as it offers cloud management and zero-touch deployment.

The latter is handled via WatchGuard’s RapidDeploy service: once you’ve register a new appliance with your support account, you can assign it a configuration file created from a local Firebox appliance. When the appliance is plugged in at the remote site, it grabs the file from your account and instantly starts providing protection.

For management, you can either use the local web console or enable full cloud management, which disables the local interface and provides remote access to all configuration settings. Whichever you choose, WatchGuard keeps the workload low with proactive protection: the ThreatSync service can collect and collate event data from multiple Firebox units, while DNSWatch blocks access to known malicious domains. The T20-W doesn’t support the IntelligentAV scanner found on other Firebox models like the M590, however – it’s too demanding for this appliance’s dual-core CPU.

Even so, the T20-W offers a good range of security measures. The price above includes a three-year Total Security subscription, which enables gateway antivirus, anti-spam, web content filtering, application controls, intrusion prevention services, an advanced persistent threat blocker and WatchGuard’s RED (reputation enabled defence) service – plus the aforementioned ThreatSync and DNSWatch features. All subscriptions include cloud management, and the Total Security licence includes log retention for up to 30 days.

Though compact, the T20-W offers a respectable range of connection options. Five Gigabit Ethernet ports handle WAN, LAN and DMZ duties, although there’s no PoE+ as found on the more powerful Firebox T40-W. Believe it or not, there’s built-in wireless too, although Wi-Fi 6 isn’t supported – you’re limited to Wave 1 802.11ac – and the 2.4GHz and 5GHz radios can’t be active simultaneously. Still, that will be fine for home workers, and if you need the extra performance of Wi-Fi 6 then the T20-W’s integrated wireless gateway can provision and manage WatchGuard access points such as the AP225W

Performance, too, should be ample for the target market: WatchGuard claims top firewall and UTM throughput rates of 1.7Gbits/sec and 154Mbits/sec respectively.

For testing, we registered the T20-W with our cloud account and initially chose local management. Even with this option active, the unit remains visible in the cloud portal, allowing you to monitor a wealth of detail about traffic, detected threats and responses.

The web console, meanwhile, provides wizards for configuring the various traffic proxies, which cover a whole range of protocols including HTTP, HTTPS, FTP, SIP, POP3 and SMTP. Enabling gateway AV and APT blocking are one-click manoeuvres, while the WebBlocker service presents 130 URL categories that can be blocked or allowed. Strict controls can also be applied to over 1,100 predefined apps, including all popular social networking services.

Moving to full cloud management is as easy as clicking a button in the device configuration page. We tried this and were happy to see the T20-W immediately reconfigured itself and provided full access to the full set of security services.

If wireless services are a priority then the Firebox T20-W might not be the ideal choice, but it’s bursting with security features, and WatchGuard’s swift deployment and cloud management make it ideal for extending enterprise protection to home workers.

WatchGuard Firebox T20-W specifications

Chassis

Fanless desktop chassis

CPU

Dual-core 1GHz NXP LS1023A CPU

Memory

2GB DDR4 ECC

Storage included

4GB eMMC

Network

5 x Gigabit Ethernet (WAN, 4 x LAN), 2.4/5GHz 802.11ac Wave 1 wireless

Other ports

2 x USB 2, RJ-45 serial port  

Management

Web browser and cloud management

Dimensions (WDH)

217 x 206 x 44mm

Weight

900g

Featured Resources

ZTNA vs on-premises VPN

How ZTNA wins the network security game

Free Download

The global use of collaboration solutions in hybrid working environments

How companies manage security risks

Free Download

How to build a cyber-resilient business ready to innovate and thrive

Outperform your peers in your successful business outcomes

Free Download

Accelerating your IT transformation

How Cloudflare is innovating for CIOs to start 2023

Watch now

Most Popular

Tech pioneers call for six-month pause of "out-of-control" AI development
artificial intelligence (AI)

Tech pioneers call for six-month pause of "out-of-control" AI development

29 Mar 2023
Getting the best value from your remote support software
Advertisement Feature

Getting the best value from your remote support software

13 Mar 2023
3CX CEO confirms supply chain malware attack
malware

3CX CEO confirms supply chain malware attack

30 Mar 2023