The newest member of Netgear’s ProSecure unified threat management (UTM) family, the UTM9S, delivers a lot more than just a firewall, providing additional protection against viruses, spam, phishing attacks and a variety of other malware, both in email and over the web. A VPN server is also built in for secure remote access and expansion slots for optional Wi-Fi and VDSL broadband modules. Plus, if there’s a Netgear ReadyNAS on the network, it can be used to both store activity logs and quarantine suspect messages.
Designed to address the security needs of the small business, the UTM9S sits towards the bottom of the ProSecure UTM line-up, just above the smallest UTM5 model. Installation is pretty straightforward with everything housed in a robust metal chassis, 1U high with fixings for rack mounting if required.
Power is delivered via a single integrated power supply, with the network interfaces conveniently arranged at the front, starting with four Gigabit ports for local network attachment. Two more are also to be found alongside for WAN connectivity, enabling the UTM9S to be used with an existing broadband modem/router. Added to which it’s possible to connect the appliance directly to broadband services using an optional DSL module designed to slide into one of two expansion slots, also on the front panel.
The DSL module is clearly offered to satisfy the needs of UK and other European markets where direct DSL connectivity is a common requirement. At £55 + VAT it does this very cheaply, plus it uniquely allows the appliance to be connected to the latest high speed VDSL services such as BT Infinity. However, you’re not just confined to VDSL; backwards compatibility to ADSL/ADSL2+ means it can be interfaced directly to the majority of DSL broadband services.
Our UTM9S was also fitted with a dual-band Wireless-N module (£34 + VAT) for integration with wireless networks. Again that makes it an affordable option and with backwards compatibility to other 2.4GHz and 5GHz standards, well worth having to better manage the security of Wi-Fi users.
Management is via the usual web-based interface, which we found very easy to navigate, although a lot of the security options were disabled to start with and a high level of technical expertise is required to configure them. Some wizards are provided to, for example, guide you through initial deployment and configure VPN clients, but we would have liked others to help with some of the other, more complicated, setup options.
On the plus side, blocking access to specific web sites was easy enough, as was stopping P2P file sharing and the use of services like iTunes, MSN Messenger and Facebook. But there’s a lot more on offer including comprehensive scanning of email and web traffic for malware, all of which needs to be properly configured and managed.
Netgear uses leading security tools including Sophos, Commtouch and Mailshell scanners to provide this protection, and these had no problem intercepting the test malware we threw at it. Netgear then adds its own stream scanning technology to minimise the impact on network performance and we certainly didn’t notice any effect when we deployed the UTM9S on our network, Netgear claiming a throughput of up to 130Mbit/s across its stateful inspection firewall and 21Mbit/s on average through the antivirus scanner. That’s more than enough for most small businesses, with more capable appliances available for those with greater needs.