Review: WatchGuard XTM2050

What is big, flexible, red and costs more than your average mid-range family sedan? Not a HSV—not quite that much—but this top of the range unified threat management (UTM) device (or in this case, XTM– the X presumably being a variable) is definitely in a high performance category. The XTM2050 from WatchGuard is one of a new breed of security devices that packs punch.

The XTM2050 device that was presented to Enex TestLab for testing came packed with 16 copper Ethernet interfaces 10/100/1000 (two modules of eight) and two fibre 10Gbps interfaces for a combined 20Gbps throughput. WatchGuard claims 10Gbps aggregated throughput with all security services enabled. As a one-stop core network security shop, an enterprise would be hard pressed to pass this by.

Once you reach this level of capability, technology isn’t cheap. But what is intimidating is the thought that you’re probably up for three or four of them. Your disaster recovery (DR) team would almost certainly demand a redundant hot spare to be available should anything go wrong with the primary unit. They’d probably be also pushing for a separate hot, or at least warm, DR site in a separate geographic location. So without too much architecture and planning, this mid-range family sedan could reasonably be more of a mini-fleet. Purchasing a fleet of big, red, flexible XTM2050s will be a sizeable investment.

Countering this is the XTM2050’s claimed mean time between failure (MTBF) of 90,408 hours, which is equivalent to 10.3 years running 24x7x365 (give or take the odd leap year). This includes fans and power supply. Theoretically, the life of this device will surpass the lease on the device, and you’d expect that advancements in network technology would ultimately make the device redundant before it fails.

So while an enterprise of the scale we’re talking here requires at least three, or more, XTM2050s to provide security for the core network infrastructure, cost should not be the primary focus.

Functionality and performance, leading to productivity is what is most important. At the end of the day, if an organisation is running 10Gbps, or multiples of this, they should be installing the best core technology, and they should be able to afford it.

This raises an often touted point these days in network, and (dare we mention it) the Cloud—where exactly is that neat perimeter segmenting a network from the evil other side? At this juncture we will also mention that the device carries the IPv6 ready logo.

The XTM2050 is obviously not designed as a gatekeeper between two sides, it has evolved to be a platform which can be configured in any number of ways, seamlessly working within and beyond an organisation’s secure network infrastructure.

With this device comes an acronym, “NGFW”—next-generation firewall. We think it’s a little strange for such a functional device to be called a firewall, next-generation or not, but we’ll leave that to the marketing boffins.

This is one of the first devices we’ve seen that claims suitability for managed security providers. It means security vendors such as WatchGuard can offer products to solution providers who sell security as a service—enabling businesses to outsource some of their security to external parties.

Physically, the device is beautifully laid out. It’s extremely well designed with plenty of ventilation. It has six rear-mounted fans, of which four are actually doubles. The two hard drives installed in our test unit were 500GB 7200RPM SATA 3Gb/s units. The front panel houses all of the interfaces as well as the status LEDs and a small LCD display.

Configuration, administration and management is via WatchGuard’s standard, easy-to-use, application interface.

Although we see this product best suiting large organisations, a mid-sized enterprise could benefit from a single XTM2050 configured correctly, supported by appropriate SLAs for repair/replacement. There is actually an impressive degree of integrated redundancy built into the unit. Realistically, if it’s setup correctly, you can manage for prospective points of failure, except the actual back-plane.

The XTM2050 has dual removable hard drives (readily accessed from the front), and there are dual removable power supplies (accessed from the rear), with three modular bays at the front to allow for combinations of network ports (and so redundancy should you require it).

The bottom line—a XTM2050 with NGFW bundle carries a MSRP of $54,995. The NGFW bundle includes application control, intrusion prevention, support and warranty for the first year.

The XTM2050 is undoubtedly worthy of evaluation, especially if you’re seeking long-term future proofing of your network security.

If your requirements are for high performance and exacting security services, a number of impressive options will provide really detailed insight into your network and activity.

Positive Points:

  • Great flexibility and functionality.
  • Performance, performance, performance—amazing.
  • Great levels of internal redundancy.
  • Consistency across the fleet, if you’re familiar with WatchGuard’s interfaces, the XTM2050 will be easy.
  • It’s red! Easily located.

Negative Points:

  • No locks on the removable hard drive bays — not a big concern, but this could be a last line of physical security.
  • It’s pricy once you start calculating the costs of provisioning spare devices, but then again, it’s the price of solid security and great performance.
  • It’s red, such a showy colour.

For vendor product information visit:

Join the CSO newsletter!

Error: Please check your email address.

More about Enex TestLabetworkWatchguard

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Matt Tett

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts