WatchGuard: Always On The Job

Emerging as the sentinels of this modern scourge are companies like WatchGuard, the Seattle-based manufacturer of appliances dedicated to inoculating computer networks from the spread of viruses. The company in November unveiled three new models in its XCS series of 1U appliances to provide small and midsize businesses with always-on protection from spam, viruses, spyware, phishing and other threats borne by e-mail.

The CRN Test Center received for review a pair of XCS 370s, the middle product in WatchGuard’s three-piece XCS lineup for the SMB.The XCS 370 lists for $5,500 and is designed to handle up to 500 users; the XCS 170 ($2,475) and XCS 570 ($8,500) have a respective rated capacity of 250 users and 1,000 users. Ongoing support costs $1,200 per year. There are no per-user fees, and all include access to the company’s ReputationAuthority, a cloud-based filtering system that eliminates as much as 98 percent of unwanted e-mail, according to claims. ReputationAuthority uses a combination of DNS blacklisting, analysis of IP traffic volume and behavior, and content inspection to do its job. And it does so before the content ever hits user networks. It also serves to alert deployed boxes of new threats in realtime.

Out of the box, XCS units are configured to stand alone, but with a few mouse clicks can be set to act as the primary, secondary or client node in a cluster. An unlimited number of XCS boxes can be deployed as cluster nodes for load balancing and failover redundancy, each backing up the others in an N+1 configuration, and all managed from a single (primary) node.

“You might have two boxes in New York, another in Canada and one in Japan,” said WatchGuard sales engineer Michael Guild during his visit to the Test Center. “They all have their own unique IP address, and any box can manage the cluster. So there’s no single point of failure and changes made to the first box are replicated to others in the cluster automatically.” Also, message queues are mirrored on every box, he explained, so if any box goes down, unprocessed messages on that box don’t remain that way. “That’s a unique feature,” Guild said.

The management interface, which Guild said is modeled after Microsoft’s Ribbon, organizes device functions into tabs for Status, Security, Configuration, Administration and Support, each with its own set of further categorized subfunction screens. For example, the Activity tab presents sections for Status, History, Queue/Quarantine, Reports and Logs. The interface might seem daunting at first, but testers quickly got used to its layout and snappy performance. Selecting an option presents a form below the ribbon in which settings can be input or selected from check boxes. Each option has a corresponding help button, which when hovered over provides information that’s actually helpful, rather than simply repeating the field’s label.

To simplify initial configuration, the WatchGuard appliance includes a wizard, but according to Guild, two key settings still need to be made manually to get the unit running. Doesn’t that defeat the purpose of a wizard? We just had to ask. “Yes, but those settings are in the setup guide,” Guild said. “It’s fixed in the next release,” he added, referring to version 9.1 of the XCS’ embedded software, expected this month. Still, there was a lot to like about the appliance and its software, including a snappy, responsive interface, built-in diagnostics, useful feature guidance and extensive online help (though not context-sensitive).

The XCS 370 runs cool and quiet. At its exhaust port -- its hottest point -- the unit measured 92 degrees; everywhere else it barely broke room temperature. The XCS 370 draws about 55 watts, its always-on fans make barely a whisper, and the unit’s bright red cabinet will stand out in data centers that are otherwise cloaked in black. For flat pricing that’s not user-based, a solid management interface and active and accurate filtering service, the XCS 370 from WatchGuard is a recommended product.

COMMUNITY: Connect with the CRN Test Center at community.crn.com.