WatchGuard XTM 1525-RP Series Next-Generation Firewall
Fully Extensible, Enterprise-Class Protection & Productivity Safeguards
Sorry, this product is no longer available. Please contact us for a replacement.
WatchGuard XTM 1525 Series Overview:
With up to 25 Gbps firewall throughput and a blazing 10 Gbps VPN throughput, XTM 1500 Series next-generation firewalls are the answer to the large business's need for speed. The exceptional performance also allows you to integrate functions that previously required separate stand-alone appliances, so your business can securely run at maximum speed and efficiency at a lower cost. VPN failover, WAN failover, and High Availability features ensure that mission-critical data keeps flowing. Real-time monitoring and rich reporting are included at no additional cost. Flexible mobile VPN options enable your road warriors, virtual employees, collaborators, and other authorized users to connect to corporate resources from anywhere, at any time – even from personal devices like the popular Android and Apple iOS devices. You no longer have to sacrifice work-from-anywhere productivity to keep the network safe from threats.
|Always know what's happening on your network
Pinpoint significant network activities to take immediate corrective or diagnostic actions directly from the interactive, real-time monitoring. All logging and reporting functions also included with purchase.
|Unified security in a BYOD environment
Open the door to limitless productivity with tools to connect your people securely, even when they use personal devices like iPads and Androids. Anywhere, anytime secure access is today's greatest competitive edge.
Easily manage many appliances
High port density
3 ways to manage your appliance
Quick and secure setup
- Application-layer content inspection recognizes and blocks threats that stateful packet firewalls cannot detect.
- Powerful subscription-based security services boost protection in critical attack areas for multiple layers of defense. By partnering with leading technology providers, WatchGuard is able to integrate best-of-breed security components into one UTM platform for stronger security at big cost savings.
- Application Control keeps unproductive, inappropriate, and dangerous applications off limits.
- Intrusion Prevention Service delivers in-line protection from malicious exploits, including buffer overflows, SQL injections, and cross-site scripting attacks.
- WebBlocker controls access to sites that host objectionable material or pose security risk.
- Gateway AntiVirus (GAV) scans traffic on all major protocols to stop threats.
- spamBlocker delivers continuous protection from unwanted and dangerous email.
- Reputation Enabled Defense ensures faster, safer web surfing with cloud-based reputation
- Data Loss Prevention (DLP) automatically inspects data in motion for corporate policy violations.
Easy to Manage
- WatchGuard Dimension™ is a public and private cloud-ready security visibility solution that instantly turns raw data into security intelligence.
- Interactive, real-time monitoring and reporting – at no additional charge – give an unprecedented view into network security activity so you can take immediate preventive or corrective actions.
- Intuitive management console centrally manages all security functions.
- Fast, secure remote configuration and rapid deployment tools make it easy for large distributed enterprises and managed service providers to grow their businesses.
- Extend best-in-class UTM security to the WLAN by adding WatchGuard’s Wireless Access Points.
- Drag-and-drop Branch Office VPN setup – three clicks and your remote office is connected.
Highest UTM Performance in the Industry
- Firewall throughput of up to 35 Gbps to keep traffic moving.
- Best UTM throughput in its class – up to 10 Gbps – even with strong security enabled.
- No need to compromise protection for fast performance or vice versa. Multi-layered, interlocking security protects the network while throughput remains high.
- WAN and VPN failover provide redundancy for increased reliability.
- XTM 1525-RP and XTM 2520 models include four 10 Gb fiber ports, with 850 nm multimode SFP+ transceiver modules included for each interface.
|XTM 1520-RP||XTM 1525-RP|
|Throughput and Connections|
|Firewall throughput*||14 Gbps||25 Gbps|
|VPN throughput*||10 Gbps||10 Gbps|
|AV throughput*||8 Gbps||9 Gbps|
|IPS throughput*||11 Gbps||13 Gbps|
|UTM throughput*||6.7 Gbps||6.7 Gbps|
|Interfaces 10/100/1000||14 copper||6 copper
4 10G SFP+
|I/O interfaces||1 Serial / 2 USB||1 Serial / 2 USB|
|Nodes supported (LAN IPs)||Unrestricted||Unrestricted|
|New Connections per Second||70,000||135,000|
|VLANs (bridging, tagging, routed mode)||2,000||3,000|
|Authenticated users limit||Unrestricted||Unrestricted|
|Branch Office VPN||10,000||10,000|
|Mobile VPN IPSec||15,000||20,000|
|Mobile VPN SSL/L2TP||15,000||20,000|
|Firewall||Stateful packet inspection, deep packet inspection, proxy firewall|
|Application Proxies||HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3|
|Threat Protection||Blocks spyware, DoS attacks, fragmented packets, malformed packets, blended threats and more|
|VoIP||H.323, SIP, call setup & session security|
|Security subscriptions||Application Control, Data Loss Prevention, Reputation Enabled Defense, WebBlocker, spamBlocker, Gateway AntiVirus, Intrusion Prevention Service|
|VPN & Authentication|
|Encryption||DES, 3DES, AES 128-, 192-, 256-bit|
|IPSec||SHA-1, MD5, IKE pre-shared Key, 3rd party cert import|
|L2TP||Works with native OS clients|
|PPTP||Server & Passthrough|
|Single Sign-On||Transparent Active Directory Auth.|
|XAUTH||RADIUS, LDAP, Windows Active Directory|
|Other User Authentication||VASCO, RSA SecurID, web-based, local|
|Operating System||Fireware XTM Pro|
|IP Address Assignment||Static, DynDNS, PPPoE, DHCP (server, client, relay)|
|Link Aggregation||802.3ad dynamic, static, active/backup|
|QoS||8 priority queues, diffserv, modified strict queuing|
|NAT||Static, dynamic, 1:1, IPSec NAT traversal, policy-based|
|Other Networking||Port independence, High Availability, multi-WAN failover, multi-WAN load balancing, transparent/drop-in mode|
|Management Platform||WatchGuard System Manager (WSM) v.11.7 or higher|
|Alarms and Notifications||SNMP v2/v3, Email, Management System Alert|
|Server Support||Logging, Reporting, Quarantine, WebBlocker, Management|
|Web UI||Supports Windows, Mac, Linux OS|
|CLI||Includes direct connect and scripting|
|Product Dimensions||16.5" x 17" x 1.75" (42 x 43 x 4.4 cm)|
|Shipping Dimensions||22" x 22.5" x 5.25" (56 x 56.5 x 13.3 cm)|
|Shipping Weight||20 lbs. (9 kg)|
|AC Power||100-250 VAC autosensing|
|Hot-Swap Power Supplies||2 redundant field-replaceable power supplies with integrated fan|
|Power Consumption||U.S. 130 Watts (max), 444 BTU/hr (max)|
|Rack Mountable||Yes (1U rack mount)|
|Security||Pending: ICSA Firewall, ICSA VPN, CC EAL4+
|Network||IPv6 Ready Gold (routing)|
|Hazardous Substance Compliance||WEEE, RoHS, REACH|
*Throughput rates are determined using multiple flows through multiple ports and will vary depending on environment and configuration.
|WatchGuard® Model||XTM 1520-RP||XTM 1525-RP||XTM 2520|
|Ideal For||Main offices/headquarters that need strong security and a solution that offers room for growth.||Main offices/headquarters looking for fast throughput and strong security that grows with changing needs.||Main offices/headquarters that need enterprise-grade performance & security|
|Interfaces||14: 10/100/1000||6: 10/100/1000
4: 10G SFP+
4: 10G SFP+
|Application Proxies||HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323||HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323||HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323|
|Intrusion Prevention (DOS, DDOS, PAD, port scanning, spoofing attacks, address space probes, and more)|
|Wireless Models Only||N/A||N/A||N/A|
|User Authentication with transparent Windows authentication|
|Firewall Throughput||14 Gbps||25 Gbps||35 Gbps|
|VPN Throughput||10 Gbps||10 Gbps||10 Gbps|
|AV Throughput||8 Gbps||9 Gbps||9.7 Gbps|
|IPS Throughput||11 Gbps||13 Gbps||15 Gbps|
|UTM Throughput||6.7 Gbps||6.7 Gbps||Up to 10 Gbps|
|Branch Office VPN Tunnels (Max.)||10,000||10,000||Unrestricted|
|Mobile VPN with SSL/L2TP (Incl/Max)||15,000||20,000||Unrestricted|
|Mobile VPN with IPSec Client Licenses (Bundled)||15,000||20,000||Unrestricted|
|Mobile VPN with IPSec Tunnels (Max.)||15,000||20,000||Unrestricted|
|Optional Centralized (Multibox) Management. Optional licenses enable Drag and Drop VPN and one-touch appliance updates.||4-device WatchGuard System Manager license included with purchase. 5-device bonus pack comes with activation.||4-device WatchGuard System Manager license included with purchase. 5-device bonus pack comes with activation.||4-device WatchGuard System Manager license included with purchase. 5-device bonus pack comes with activation.|
|One to One NAT|
|Multi-WAN Load Balancing|
|Server Load Balancing|
|High Availability Active/Active or Active/Passive|
|VoIP (SIP and H.323) Support|
|Additional Security Subscriptions|
|Data Loss Prevention||Optional||Optional||Optional|
|Reputation Enabled Defense||Optional||Optional||Optional|
|spamBlocker with Virus Outbreak Detection||Optional||Optional||Optional|
Intrusion Prevention Service (IPS)
|WebBlocker with HTTPS URL filtering||Optional||Optional||Optional|
|LiveSecurity® Service||LiveSecurity Plus with 24/7 support included with Security Bundle||LiveSecurity Plus with 24/7 support included with Security Bundle||LiveSecurity Plus with 24/7 support included with Security Bundle|
*Concurrent sessions here represent the number of bi-directional connections.
Throughput rates are determined using multiple flows through multiple ports and will vary depending on environment and configuration.
Options & Upgrades:
Data Loss Prevention (DLP)
|Reputation Enabled Defense
Reputation Enabled Defense delivers a powerful, cloud-based URL reputation service that protects web users from malicious web pages, while dramatically improving web processing overhead.
WebBlocker content and URL filtering subscription helps eliminate legal liabilities resulting from inappropriate web surfing, while increasing employee productivity and protection from web-based attacks.
spamBlocker is the best in the industry at distinguishing legitimate communication from spam outbreaks in real time, blocking nearly 100% of unwanted emails and the viral payloads they carry.
Gateway AntiVirusis a fully integrated, signature-based security subscription that identifies and blocks known spyware, viruses, trojans, and blended threats in real time.
Intrusion Prevention Service
LiveSecurity Service, a high-value support and maintenance program that you activate online when you register your product. LiveSecurity delivers technical support, hardware warranty with advance hardware replacement, the latest software updates, and threat alerts.
Download the XTM 1520, 1525, and 2520 Series Datasheet (PDF).
- Pricing and product availability subject to change without notice.
Our Price: $25,310.00
Our Price: $60,755.00
Our Price: $17,455.00
Our Price: $41,895.00
Our Price: $8,290.00
Our Price: $19,900.00
Our Price: $11,125.00
Our Price: $26,710.00
Our Price: $2,500.00
Our Price: $5,005.00
Our Price: $12,005.00
Our Price: $10,350.00
Our Price: $10,350.00
Our Price: $11,385.00
Our Price: $10,350.00
Our Price: $10,350.00
Our Price: $10,350.00
Our Price: $11,900.00
Our Price: $28,565.00
Our Price: $85.00
Our Price: $85.00
Our Price: $212.00
Our Price: $404.00
Our Price: $612.00
Our Price: $766.00
Our Price: $3,846.00
Our Price: $7,696.00
Our Price: $125.00