The Firebox product line from WatchGuard are security appliances targeted to SME gateway deployments. Multiple models of the appliance are available across three general product lines (X Edge e-Series, X Core e-Series, and X Peak e-Series), ranging in throughput (firewall) from 100 Mb/sec to 2.3 Gb/sec.

Each of the X Edge, X Core, and X Peak e-Series appliances feature an SPI firewall with application inspection of HTTP, FTP, and POP3 traffic outbound/SMTP traffic inbound; support for protocol anomaly detection and malformed packet inspection; and support for pattern matching, fragmented packet reassembly protection and static blocked sources lists. Each additionally supports some combination of added (and optional) subscription-based services; including gateway anti-virus and intrusion protection; anti-spam; and URL filtering.

At the base of the platform are the X Edge e-Series appliances, which are available in regular wired configurations as well as versions including a built-in wireless access point for connectivity from wireless devices (802.11b/g). Each has 6 10/100 ports, with throughput rates listed at 35/100 Mb/sec (VPN/Firewall). Depending on the model purchased, concurrent session support ranges from 6,000 to 10,000; 1 or 5 mobile user VPN (IPSec) tunnel licenses are bundled with the purchase; and from 5 to 25 branch office VPN tunnels are supported.

The center offering of the product suite is the X Core e-Series appliance, which is also offered in several models ranging in performance and capacity. The X Core products add packet inspection for DNS traffic, and boast 4 10/100, 8 10/100, or 8 10/100/1000 ports. Throughput is 300+ Mb/sec to 1.5 Gb/sec (firewall) and 35 to 100 Mb/sec (VPN); while concurrent session support ranges from 25,000 to 200,000.

Finally, the top performing entries in the Firebox line are the Firebox X Peak e-Series appliances, which add basic TCP inspection to the firewall capabilities and each include 8 10/100/1000 ports (an additional model has 4 copper and 4 fiber ports). Performance is 2+ or 2.3 Gb/sec (firewall) and 400 to 600 Mb/sec VPN; while concurrent session support ranges from 500,000 to 1M.

Management of single and multi-box deployments of the Firebox is via the WatchGuard System Manager, downloadable from the vendor's Web site (Windows XP Pro/2000/2003).

New to the WatchGuard product line is the WatchGuard 3G Extend, which can be used in conjunction with the vendor's Firebox appliances and provides WAN connectivity via cellular networks. To use the Extend 3G, you install the PCMCIA/ExpressCard cellular modem provided by your cellular ISP into the device and then follow a setup process. The vendor states that over 50 modems from 2,000 ISPs are supported, and the device can provide both primary and failover WAN connectivity.

The Firebox appliance line is available now. Visit the WatchGuard Technologies Web site for further information. (Note that not all features described above may be available in all models; visit the vendor's Web site for details).

product submission by EITPlanet Staff

E-Mail this page to a colleague
send info about Firebox / 3G Extend

Suggest a link
for the Firebox / 3G Extend fact sheet