WatchGuard XTM 25 Wireless Series Firewall Appliance
Extensible Threat Management for Growing Businesses
Sorry, this unit has been discontinued and is no longer available for purchase, replace by Firebox T15, T15-W, T20, T20-W, T40, T40-W, T80. You can also purchase available renewals below. End of Sale (EOS): 01 Jul 2016. End of Life (EOL) for the XTM 25 Wireless is 01 Jul 2021 - you will not be able receive support after this date even with a 1 Year contract.
More pricing below, click here!
Please Note: All Prices are Inclusive of GST
WatchGuard XTM 25 Wireless Series Overview:
Small businesses need big security, too, and the newest WatchGuard® XTM 2 Series firewall/VPN appliances deliver that strong protection - but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional security subscriptions like Application Control and Intrusion Prevention Service. The XTM 25 and XTM 26 also provide the fastest throughput of any 2 Series models to date. Wireless models feature dual-band 802.11n for Wi-Fi with enhanced speed and responsiveness. Flexible, centralized management tools allow administrators to work from an intuitive console, scriptable CLI, and web UI. Any XTM 2 Series appliance, from the XTM 21 to the XTM 26, makes an ideal stand-alone security solution or VPN endpoint on a WatchGuard XTM network.
Faster, safe web surfing Add a simple subscription to Reputation Enabled Defense to your XTM solution and your organization will have faster web performance and even stronger security - with no additional hardware to buy. |
Wireless security with guest access Everyone loves wireless. With dual-band 802.11n the 2 Series delivers reliable wireless connectivity while allowing you to provide controlled Internet access to guest users without compromising security. |
Affordable security for small business Comprehensive network protection at a digestible price point - your network and your bottom line should be pretty happy about that. |
Multiple VPN choices Have flexible remote access options, including IPSec, SSL, and support for iOS devices such as iPhone, iPad, and iPod touch. |
3 ways to manage your appliance Now you have the power to choose how you manage your WatchGuard appliance including, WatchGuard System Manager, the command line interface, and a web UI for access from anywhere, anytime. |
Green security Our firewalls are designed with efficiency in mind, consuming very little energy. Compare our power consumption to other security products and see how WatchGuard can make your data center more energy efficient. Green up your network with WatchGuard. |
Hardware-less upgrades We won't make you buy new hardware as your security demands grow. You can use simple software license keys to add functionality and increase protection as your network requires it. |
Reporting made easy Monitoring and reporting tools, included at no extra cost, support compliance, with drill-down functions that make it easy to pinpoint specific activities. |
Application Control |
XTM Security Subscriptions:
Data Loss Prevention (DLP)
The DLP subscription prevents data breaches by scanning text and common file types in email, web, and FTP traffic to detect sensitive information attempting to exit the network.
- A built-in library of over 200 rules allows IT to quickly create and update corporate DLP policies.
- Built-in sensors are included for PCI DSS and HIPAA compliance mandates.
Application Control
Application Control has become an essential component of next-generation security. It protects the network and keeps users on the tasks that matter by blocking unproductive and inappropriate apps.
- Gain control over 2,000 web and business applications, using more than 2,500 unique signatures.
- Have complete visibility into applications used, with intuitive monitoring and reporting capabilities.
- Control usage of applications by category, application, or application sub-functions.
Intrusion Prevention Service (IPS)
By adding an IPS subscription, your network gains in-line protection from attacks, including buffer overflows, SQL injections, and cross-site scripting attacks.
- All ports and protocols are scanned to block network, application, and protocol-based attacks.
- Blocked sites list saves valuable processing time by dynamically blocking IP addresses that have been positively identified as the source of an attack.
WebBlocker
URL and content filtering are indispensable for controlling access to sites that host objectionable material or pose network security risks. These include known spyware and phishing sites.
- Configure over 100 web categories to stop the sites and web tools you most want to block, and enable access by user, group, domain, and need for maximum flexibility
- URL database is hosted in the cloud to simplify setup and administration. A local install option is also available.
Gateway AntiVirus
Scans traffic on all major protocols to stop threats before they can gain access to your servers and execute their dangerous payloads.
- Heuristic analysis identifies viruses and dangerous code that signatures can’t catch.
- Decompresses and scans all common formats, including .rar, .zip, .gzip, .tar, .jar, .chm, .lha, .cab. , .arj,
Reputation Enabled Defense
WatchGuard XTM is the only unified threat management system on the market that includes a powerful, cloud-based reputation lookup service to ensure faster, safer web surfing.
- Continuous updates keep current with dynamic web content and changing web conditions.
- Up to 50% of URL scanning can be skipped without compromising security, resulting in faster browsing times and greater throughput at the gateway.
SpamBlocker
Rely on spamBlocker’s industry-leading Recurrent Pattern Detection (RPD™) technology to detect spam outbreaks as they emerge for immediate, continuous protection from unwanted and dangerous email.
- Block spam regardless of the language, format, or content of the message - even image-based spam that other anti-spam products often miss.
- RPD identifies and blocks viral payloads for an additional layer of real-time anti-virus protection.
Flexible architecture blocks network threats while optimizing performance
WatchGuard’s UTM (unified threat management) platform is designed to allow network traffic to pass through a full suite of UTM services- from anti-spam protection to Data Loss Prevention-at top performance levels. Leveraging the power of multi-core processing, the platform runs all scanning engines simultaneously for maximum protection and blazing fast throughput. Resources are allocated based on the flow of data and the security services that data requires. For example, if web filtering needs more horsepower, additional processors are automatically applied so web traffic keeps moving and your business stays secure.
Managing subscriptions is easy
All security functionality on your WatchGuard XTM solution, including UTM subscriptions, can be managed from a single intuitive console.
Know what’s happening on your network at all times
- Any security activity identified by a service is logged and stored for easy reporting so you can take immediate preventive or corrective action.
- All management tools, including rich reporting and monitoring, are included with your WatchGuard XTM purchase. There is no additional hardware or software to buy.
Compare Models:
WatchGuard® Model | WatchGuard XTM 25/25-W | WatchGuard XTM 26/26-W |
---|---|---|
Ideal For | Remote offices, small businesses that need an affordable solution that easily upgrades to accommodate growth. Available in wired and wireless models. | Remote offices, small business, wireless hotspots that want an affordable, all-in-one security solution. Available in wired and wireless models. |
Hardware | ||
Model Upgradeable | to XTM 26/26-W | N/A |
Interfaces | 5 1GbE | 5 1GbE |
Security | ||
Application Proxies | HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323 | HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323 |
Intrusion Prevention (DOS, DDOS, PAD, port scanning, spoofing attacks, address space probes, and more) | ||
Wireless Models Only | 802.11b/g/n, WPA, WPA2, WEP, Wireless Guest Services | 802.11b/g/n, WPA, WPA2, WEP, Wireless Guest Services |
User Authentication with transparent Windows authentication | ||
Performance | ||
Firewall Throughput | 240 Mbps | 540 Mbps |
VPN Throughput | 40 Mbps | 60 Mbps |
AV Throughput | 95 Mbps | 142 Mbps |
IPS Throughput | 100 Mbps | 226 Mbps |
UTM Throughput | 80 Mbps | 108 Mbps |
Concurrent Sessions* (bi-directional) |
10,000 | 30,000 |
VPN Tunnels | ||
Branch Office VPN Tunnels (Max.) | 10 | 40 |
Mobile VPN with SSL/L2TP (Max.) | 11 | 25 |
Mobile VPN with IPSec Client Licenses (Bundled) | 5 | 5 |
Mobile VPN with IPSec Tunnels (Max.) | 10 | 40 |
VPN Authentication | ||
Management | ||
Optional Centralized (Multibox) Management. Optional licenses enable Drag and Drop VPN and one-touch appliance updates. | WatchGuard System Manager Device Upgrade license required. | WatchGuard System Manager Device Upgrade license required. |
Networking Features | ||
Dynamic NAT | ||
Static NAT | ||
One to One NAT | ||
VLAN | 50 | 50 |
Policy-Based Routing | ||
WAN Failover | ||
Multi-WAN Load Balancing | ||
Server Load Balancing | N/A | N/A |
Traffic Management/QoS | ||
High Availability Active/Active or Active/Passive | ||
Dynamic Routing | ||
VoIP (SIP and H.323) Support | ||
Additional Security Subscriptions | ||
Application Control | Optional | Optional |
Data Loss Prevention | Optional | Optional |
Reputation Enabled Defense | Optional | Optional |
spamBlocker with Virus Outbreak Detection | Optional | Optional |
Gateway AntiVirus/ Intrusion Prevention Service (IPS) |
Optional | Optional |
WebBlocker with HTTPS URL filtering | Optional | Optional |
LiveSecurity® Service | 1-year and 3-year subscriptions available | 1-year and 3-year subscriptions available |
*Concurrent sessions here represent the number of bi-directional connections.
Throughput rates are determined using multiple flows through multiple ports and will vary depending on environment and configuration.
Detailed Specs:
XTM 25/25-W | XTM 26/26-W | |
---|---|---|
Throughput and Connections | ||
Firewall throughput | 240 Mbps | 540 Mbps |
VPN throughput | 40 Mbps | 60 Mbps |
AV throughput | 95 Mbps | 142 Mbps |
IPS throughput | 100 Mbps | 226 Mbps |
UTM throughput | 80 Mbps | 108 Mbps |
Interfaces 10/100/1000 | 5 copper | 5 copper |
I/O interfaces | 1 Serial / 1USB | 1 Serial / 1USB |
Nodes supported (LAN IPs) | Unrestricted | Unrestricted |
Concurrent sessions (bi-directional) |
10,000 | 30,000 |
New Connections per Second | 3,000 | 3,000 |
VLANs (bridging, tagging, routed mode) |
50 | 50 |
Authenticated users limit | 500 | 500 |
VPN tunnels | ||
Branch Office VPN | 10 | 40 |
Mobile VPN IPSec (incl/max) | 5/10 | 5/40 |
Mobile VPN SSL/L2TP (max) | 11 | 25 |
PPTP | 50 | 50 |
Model Upgradeable | ||
to XTM 26/26-W | N/A | |
Security | ||
Firewall | Stateful packet inspection, deep packet inspection, proxy firewall | |
Application Proxies | HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3 | |
Threat Protection | Blocks spyware, DoS attacks, fragmented packets, malformed packets, blended threats and more | |
VoIP | H.323, SIP, call setup & session security | |
Security subscriptions | Application Control, Reputation Enabled Defense, WebBlocker, spamBlocker, Gateway AntiVirus, Intrusion Prevention Service (available in the Security Bundle) | |
VPN & Authentication | ||
Encryption | DES, 3DES, AES 128-, 192-, 256-bit | |
IPSec | SHA-1, MD5, IKE pre-shared Key, 3rd party cert import | |
SSL | Thin client | |
L2TP | Works with native OS clients | |
PPTP | Server & Passthrough | |
VPN Failover | Yes | |
Single Sign-On | Transparent Active Directory Auth. | |
XAUTH | RADIUS, LDAP, Windows Active Directory | |
Other User Authentication | VASCO, RSA SecurID, web-based, local | |
Networking | ||
Operating System | Fireware XTM, upgradeable to Pro version | |
IP Address Assignment | Static, DynDNS, PPPoE, DHCP (server, client, relay) | |
Routing | Static, policy-based | |
Link Aggregation | 802.3ad dynamic, static, active/backup | |
QoS | 8 priority queues, diffserv, modified strict queuing | |
NAT | Static, dynamic, 1:1, IPSec NAT traversal, policy-based | |
Other Networking | Port independence, High Availability, multi-WAN failover, multi-WAN load balancing, transparent/drop-in mode | |
Management | ||
Management Platform | WatchGuard System Manager (WSM) v.11 or higher | |
Alarms and Notifications | SNMP v2/v3, Email, Management System Alert | |
Server Support | Logging, Reporting, Quarantine, WebBlocker, Management | |
Web UI | Supports Windows, Mac, Linux OS | |
CLI | Includes direct connect and scripting | |
Hardware | ||
Product Dimensions (wired models) | 6.1" x 7.5" x 1.25" (15.5 x 19.0 x 3.2 cm) | |
Product Dimensions (wireless models antennae extended) | 7.75" x 10.75" x 5" (19.7 x 27.3 x 12.7 cm) | |
Shipping Dimensions | 8" x 10.5" x 4" (20 x 27 x 10 cm) | |
Shipping Weight (wired) | 3.2 lbs (1.45 Kg) | |
Shipping Weight (wireless) | 3.6 lbs (1.6 Kg) | |
AC Power | 100-240 VAC autosensing | |
Power Consumption (wired) | Max 23.3 Watt (80 BTU/hr) | |
Power Consumption (wireless) | Max 24.0 Watt (82 BTU/hr) | |
Rack Mountable | No (wall mount bracket included) | |
Certifications | ||
Security | ICSA Firewall, ICSA VPN, CC EAL4+, FIPS 140-2 | |
Network | IPv6 Ready Gold (routing) | |
Safety | NRTL/C, CB | |
Hazardous Substance Compliance | WEEE, RoHS, REACH |
Throughput rates are determined using multiple flows through multiple ports and will vary depending on environment and configuration.
Options & Upgrades:
Security Subscriptions
Data Loss Prevention (DLP) |
Application Control |
Reputation Enabled Defense Reputation Enabled Defense delivers a powerful, cloud-based URL reputation service that protects web users from malicious web pages, while dramatically improving web processing overhead. |
WebBlocker WebBlocker content and URL filtering subscription helps eliminate legal liabilities resulting from inappropriate web surfing, while increasing employee productivity and protection from web-based attacks. |
spamBlocker spamBlocker is the best in the industry at distinguishing legitimate communication from spam outbreaks in real time, blocking nearly 100% of unwanted emails and the viral payloads they carry. |
Gateway AntiVirus Gateway AntiVirusis a fully integrated, signature-based security subscription that identifies and blocks known spyware, viruses, trojans, and blended threats in real time. |
Intrusion Prevention Service |
LiveSecurity Service LiveSecurity Service, a high-value support and maintenance program that you activate online when you register your product. LiveSecurity delivers technical support, hardware warranty with advance hardware replacement, the latest software updates, and threat alerts. |
Documentation:
Download the WatchGuard XTM 2 Series Datasheet (PDF).
Download the WatchGuard XTM Subscriptions Datasheet (PDF).
Pricing Notes:
- All Prices are Inclusive of GST
- Pricing and product availability subject to change without notice.
Our Price: Request a Quote
Our Price: Request a Quote