Unified Threat Management (UTM) appliances contain the security functionality of next-generation firewalls and secure web gateways but are designed for more granular control of small and mid-size business networks. A common problem with secure traffic processing is the degradation of throughput performance. With more security features enabled, the throughput rate decreases. Performance testing of UTM products helps identify which security services cause the worst throughput during high volume traffic scenarios.
Miercom was engaged by WatchGuard Technologies to conduct an independent, comparative performance assessment of its Firebox M370 against similar leading UTM network security appliances: SonicWALL NSA 2600, Fortinet FortiGate 100E and Sophos XG 210. All products were exposed to increasing traffic loads, with different protocols, while evaluating the impact on network performance.
Product comparisons were made using the following scenarios: baseline firewall, additional security features and full UTM mode. Firewall performance measured transport and application network layer traffic. Then security features were individually enabled to evaluate the impact on performance for HTTP and HTTPS loads. Finally, the full set of security functions was enabled (firewall, intrusion prevention system, antivirus and application control) over HTTP and HTTPS.
- Highest stateless traffic performance. Firebox M370 achieved the maximum throughput for stateless traffic at 6 Gbps for UDP 1518-byte packets and 4.1 Gbps for realistic UDP IMIX, exceeding competitive rates by as much as 94 percent.
- Most stateful HTTP throughput. The highest throughput was maintained for baseline and full security enabled, beating its competitors by as much as 94 percent.
- Superior encrypted traffic rates. With 960 Mbps throughput for baseline and 820 Mbps with full security for HTTPS traffic, the Firebox M370 provided 3 times more throughput.
Based on results of our testing, the WatchGuard Firebox M370 displayed exceptional performance, outperforming its competitors for stateless and stateful traffic throughput scenarios. Its high-rate performance with security features enabled earns it the Miercom Performance Verified certification.