Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The Firebox range is always easy to pick out of a group, with its trademark red casing. The unit ships with a full complement of hardware, some enabled through software licenses.
The XCore 2500 we received is a medium-sized version, with six 10/100 ports and a throughput rated to 300Mbps, which is a bit low for the price, although the unit does have a good collection of security features.
Connecting to the unit can be done over a network connection, via a serial port or a combination of the two. A QuickSetup Wizard runs, prompting for a choice of transparent or routed mode, and interface set-up and configuring internal web and mail servers.
Management is conducted via the WatchGuard System Manager software, a Windows-only utility which is good enough, but we would like to see it complemented by an OS-agnostic web or java GUI. There are actually two separate tools, the System Manager and a Policy Manager, which is used to create rules.
The basic firewall policies start off in a familiar NAT configuration – allow everything out and block any non-established connection in.
New rules are easy to set up, but because the system only allows one read/write admin connection at a time, linking from the System Manager to the Policy Manager resulted in failed connections until we got used to disconnecting and reconnecting in read-only mode before updating policies.
Actually working with policies was a bit laborious, requiring password confirmation for every change. And some required a reboot without an obvious reason why: we dislike restarting edge devices for anything less than very substantial updates.
Hostwatch, a third utility (why aren’t these all grouped with access limited by roles?) shows what sessions are currently active in a real-time graphical display. This can also play back historic data, to replay attacks or monitor activity: a nice touch.
Multiple Fireboxes can be clustered for high availability, although an extra license is required for this. VPN features include IPsec and WatchGuard’s proprietary Dynamic VPN which can tie branch office networks together with requirements to use internal proxies, for example.
Some features are interesting extensions to what other vendors provide, and for everyday use Firebox products perform solidly. But the management software is looking outdated and some functions feel awkward to manage. Updated, this would be a much stronger offering.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.