This enterprise-class firewall bundles strong security features for your LAN and gateway needs. Pluses include real-time monitoring, sound logging and easy configurability, along with a lot of ports.
Watchguard Firebox X8000 is designed for some serious
security. This firewall is meant for enterprise networks and data centers. The
Firebox has a nice LCD display and four buttons that can be used to initially
configure the device without connecting it to a system. For instance, you can
use it to set up the IP address of its interface.
It has three 10/100/1000 Mbps and seven 10/100 Mbps
interfaces. You can configure a maximum of four of these interfaces as external
or WAN interfaces. The X8000 provides port independence. That is, you can
configure any of its ports as internal, external or DMZ.
It also has a DB9 serial port to connect it to a console. Watchguard has
also added a USB port to the Firebox that doesn't have a use now but will have
some functionality in the future.
Available options
Watchguard Firebox has a lot of configuration options. All configuration is
performed through the Watchguard System Manager. With this, you can monitor all
the components of Firebox in real time. You can configure its firewall to block
spam and act as a gateway antivirus. The X8000 bundles a Web-content filter,
which can be configured with access schedules where users can be allowed or
denied access to different types of Web content.
Among the firewalls we have seen, the X8000 has an
impressive and effective signature-based intrusion detection and prevention
system. This system lets you block any IP address from which an attack is
in progress. It can also be configured to automatically block any IP address
that tries to access blocked ports.
The device has VPN support for mobile users and you can
create and manage VPN logins very easily from the same management interface. The
WatchGuard Firebox supports three forms of NAT, namely Dynamic NAT, Static NAT
and 1-to-1 NAT. You can configure up to 64 different 1-to-1 NAT addresses.
A firewall is nothing without a good security policy. The
Watchguard Policy Manager includes a full set of pre-configured packet filters
and proxies, including those for VPN and mobile VPN. These policies would
suffice for most common needs.
To test the device, we first had to reset it to factory
defaults and then re-configure it. Plus, the X8000 system needs a license key
before it starts working for you. This is to be done online. Once that was done,
however, the Firebox has a quick setup wizard that guides you through
configuring the rest of the options.
Test results
For testing this firewall, we connected one of its interfaces to the
external network and two of them to our internal network. To test it, we ran a
DoS (Denial of Service) attack from the external interface. This was detected
very easily and the packets were dropped. We were able to see the attack in
real time on the log monitor of the Firebox.
Next, we decided to see how the Firebox would respond to an
attack from the inside. So, we ran the same DoS on its internal interface. The
result was exactly the same. Additionally, we ran some sniffers. These too were
detected by the X8000 and the attack was stopped. Our only disappointment was
that while it detected that the IP had been spoofed, it did not tell us the
actual IP address but reported the fake address in its logs.
Finally, we ran a brute force attack, also on its internal
interface. This was also detected and stopped in its tracks by the firewall.
Bottom Line: While the price is a little too high
for those who will buy it, the Firebox is definitely worth a buy for anyone who
is interested in getting some strong security features rather than just a simple
firewall.
Swapnil Arora