FIREWALL TECHNOLOGIES KEEP GETTING BETTER, withfewer security holes, easier configuration, and many other features for just a few more coins. Two companies with a long history in this space, WatchGuard Technologies Inc. and Untangle Inc., have proof in the form of new security appliances (the T35-W and u50x NG, respectively) that impress us on multiple fronts.
One of many security appliance offerings from Seattle-based WatchGuard, the Firebox T35-W we tested sits toward the middle of the company’s product line, between the T15 on the lower end and the more powerful T55 and T70 on the other. Aimed at enterprises or smaller companies with an enterprise mindset, the T35-W offers high-end features, including botnet detection and data loss prevention, for a pretty low price.
Though the T35-W is all business, that doesn’t mean it’s not friendly. Just add the unit to the network, turn it on, and the browser admin console is ready to go. The clean and businesslike interface made selections easy and guided us through the installation. You do have to type in the serial number correctly (third time’s the charm) and give the geographic location for the threat detection and response function. Don’t mess this up—you won’t be able to change it later!
All the applications (subscriptions in WatchGuard-ese and available in one- and three-year terms) are preloaded and ready to go, except for UTM services, which come with a 30-day trial. This step follows the creation of an online WatchGuard account, so be sure a web connection is available first.
Setup of the Firebox T35-W is slightly more complicated than with the Untangle u50x, but the instructions are more detailed and easy to understand. Context-sensitive help pages download automatically from the internet, so they’re always up to date (or will be for as long as WatchGuard supports these units).
Once the installation is complete, the dashboard front panel places needed information at your fingertips. Configuring firewall policies can be difficult for those attempting to catch everything, but the accommodating interface alleviates some of the pain involved in that process. The default settings provide a good starting point, and you can gradually tighten up controls from there. If you’ve managed to perfect the configurations on another system, you can just copy that config file to each new Firebox and save a bunch of time.
Though small in size, the T35-W has a bigger feature list than you might expect. It includes a PoE Ethernet port for powering a Wi-Fi access point, and its speed was far faster than our SMB lab could properly test. The bright red box doesn’t exactly fade from view but is easy to overlook when everything is running smoothly and administration details are close at hand.