WatchGuard XTM 520 Series Firewall Appliance
Next-Generation Firewall for Small to Midsized Businesses
Sorry, this unit has been discontinued and is no longer available for purchase, replace by Firebox M270, M370, M470, M570. If you currently own this Model, please click here to participate in the WatchGuard Trade-Up Program! You can also purchase available renewals below. End of Sale (EOS): 03 Dec 2012. End of Life (EOL) for the XTM 520 is 03 Dec 2017 - you will not be able receive support after this date even with a 1 Year contract.
WatchGuard XTM 520 Series Overview:
WatchGuard XTM 5 Series appliances deliver a new class of performance driven security for growing mid-size businesses. The 5 Series offers up to 2.3 Gbps firewall throughput and security features including full HTTPS inspection and VoIP support. Organizations that want room to easily scale their network security can move up to greater performance, more users, and additional security and networking features to meet escalating demands, without costly hardware replacements
Why buy an all-in-one solution?
An all-in-one XTM network security solution integrates complete protection while slashing the time and cost associated with managing multiple single-point security products. All security capabilities work together for a holistic, comprehensive approach to network protection. Your IT staff has more time to focus on other areas of network administration, and your business saves money on support and hardware costs.
With a WatchGuard® XTM 5 Series solution, your network is:
- Application-layer content inspection recognizes & blocks threats that stateful packet firewalls cannot detect.
- Wide-ranging proxy protection comes from robust security on HTTP, HTTPS, FTP, SMTP, POP3, DNS, TCP/UDP.
- A suite of security subscriptions boosts protection in critical attack areas for complete threat management.
- Security subscriptions boost protection in critical attack areas for complete unified threat management.
- Provides integrated SSL VPN for simple, anywhere-anytime network access.
- Includes Skype blocking – first of the next generation of built-in application-blocking capabilities.
- Up to 2.3 Gbps rewall throughput and up to 750 Mbps VPN throughput keep data moving.
- Best UTM throughput in its class, even with strong security enabled.
- Gigabit Ethernet ports support high-speed LAN backbone infrastructures and gigabit WAN connections.
- Active/active high availability with load balancing ensures maximum network uptime.
- Scriptable CLI supports interoperability and allows easy integration into existing infrastructure.
- Interactive, real-time monitoring and reporting – at no additional charge – give an unprecedented view into network security activity so you can take immediate preventive or corrective actions.
- Intuitive management console centrally manages all security functions.
- Role-based access control (RBAC) allows lead administrators to create custom roles for granular control.
- Drag-and-drop Branch Office VPN setup – three clicks and your remote office is connected.
- Call setup security for VoIP means you don’t need to “wire around the firewall” to take advantage of the big cost savings that VoIP can generate.
- WAN and VPN failover increase performance, redundancy, and reliability.
- Multiple VPN choices deliver flexibility in remote access.
- To maximize port utilization, any of the seven ports can be con gured as Internal, External, or Optional.
- Networking features, such as transparent bridge mode and multicast over VPN, allow you to add security without needing to change existing network infrastructure.
- Upgrade to a higher model within the line for more performance and capacity with a simple license key.
- Pair with WatchGuard XCS appliance for focused emphasis on messaging and content security.
- Move up to the “Pro” version of the Fireware XTM operating system for advanced networking features, including active/active high availability, VLAN support, multi-WAN and server load balancing, dynamic routing, and QoS.
- Add powerful security subscriptions to block spam, control dangerous and inappropriate web surfing, prevent network intrusions, and stop viruses, spyware, trojans, and other malware at the gateway.
Prepared for Tomorrow's Challenges:
- No need to compromise protection for strong performance or vice versa. Multi-layered, interlocking security protects the network while throughput remains high.
- Advanced networking features ensure reliability and the exibility to meet changing business requirements.
- Secure remote connectivity keeps mobile workforce online and productive.
- Security and reporting tools, included at no extra cost, support industry and regulatory compliance.
Fast 2.3 Gbps throughput
Faster, safe web surfing
3 ways to manage your appliance
Fireware XTM included
Reporting in the Browser
Maximum network uptime
Self Health Monitoring
Remote/External Log Server/Report Server DB
An investment in your security
|WatchGuard Model||XTM 505||XTM 510||XTM 520||XTM 530|
|Throughput & Connections|
|Firewall Throughput*||1.5 Gbps||1.8 Gbps||2.2 Gbps||2.6 Gbps|
|VPN Throughput*||210 Mbps||350 Mbps||550 Mbps||750 Mbps|
|AV Throughput*||520 Mbps||625 Mbps||760 Mbps||900 Mbps|
|IPS Throughput*||500 Mbps||600 Mbps||735 Mbps||870 Mbps|
|XTM Throughput*||330 Mbps||395 Mbps||480 Mbps||570 Mbps|
|Interfaces 10/100||1 copper||1 copper||1 copper||1 copper|
|Interfaces 10/100/1000||6 copper||6 copper||6 copper||6 copper|
|I/O Interfaces||1 Serial / 2 USB||1 Serial / 2 USB||1 Serial / 2 USB||1 Serial / 2 USB|
|Nodes Supported (LAN IPs)||Unrestricted||Unrestricted||Unrestricted||Unrestricted|
|New connections per second||12,000||12,000||12,000||12,000|
|VLANs bridging, tagging, routed mode||75||75||75||75|
|WSM licenses (incl)||4||4||4||4|
|Local user database||500||500||1,000||2,500|
|VPN Tunnels (included / Maximum)|
|Branch Office VPN||65||75||200||600|
|Mobile VPN IPSec||5 / 75||25 / 100||50 / 300||400 / 1,000|
|Mobile VPN SSL||1 / 65**||1 / 75**||1 / 300**||1 / 600**|
|Firewall||Stateful packet inspection, deep packet inspection, proxy firewall|
|Application Proxies||HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3|
|Threat Protection||Blocks spyware, DoS attacks, fragmented packets, malformed packets, blended threats, and more|
|VoIP||H.323. SIP, call setup and session security|
|Security Subscriptions||Application Control, WebBlocker, spamBlocker, Gateway AntiVirus, Intrusion Prevention Service, Reputation Enabled Defense|
|VPN & Authentication|
|Encryption||DES, 3DES, AES 128-, 192-, 256-bit|
|IPSec||SHA-1, IKE pre-shared key, 3rd party cert|
|SSL||Thin client, Web exchange|
|PPTP||Server and Passthrough|
|Single Sign-on||Transparent Active Directory Authentication|
|XAUTH||Radius, LDAP, Windows Active Directory|
|Other user authentication||VASCO, RSA SecurID, web-based, local|
|Management Platform||WatchGuard System Manager (WSM)|
|Alarms and Notifications||SNMP v2/v3, Email, Management System Alert|
|Server Support||Logging and Reporting with Server Health status, Quarantine, WebBlocker, Management|
|Web UI||Supports Windows, Mac, Linux, and Solaris OS|
|Command Line Interface||Includes direct connect and scripting|
|QoS||8 priority queues, DiffServ, modified strict queuing|
|IP Address Assignment||Static, DynDNS, PPPoE, DHCP (server, client, relay)|
|Security||ICSA, FIPS 140-2 and EAL4+ in progress|
|Network||IPv6 Ready Gold (routing)|
|Hazardous Substance Control||WEEE, RoHS, REACH|
|Dimensions and Power|
|Product Dimensions||11.25" x 17" x 1.75" (28.6 x 43.2 x 4.5 cm)|
|Shipping Dimensions||18" x 21" x 5.25" (45.7 x 53.3 x 13.3 cm)|
|Shipping Weight||16.1 lbs (7.3 Kg)|
|AC Power||100-240 VAC Autosensing|
|Power Consumption||U.S. 50 Watts (max), 171 BTU (max)|
|Rack Mountable||1U rack mount kit included|
|Temperature||32° F to 104° F (0° C to 40° C)||-40° F to 158° F (-40° C to 70° C)|
|Relative Humidty||10% to 85% non-condensing||10% to 95% non-condensing|
|Altitude||0 to 9,843 ft at 95° F (3,000 m at 35° C)||0 to 15,000 ft at 95° F (4,570 m at 35° C)|
|MTBF||51,644 hours @ 77° F (25° C)||51,644 hours @ 77° F (25° C)|
Powered by Fireware® XTM and XTM Pro***
As network requirements become more complex, it's easy to upgrade to the Pro version of the OS with a simple software license key.
|Networking Features||Fireware XTM||Fireware XTM Pro|
|Routing||Static, dynamic routing (RIP)||Dynamic (BGP4, OSPF, RIP v1/2), Policy-base|
|High Availability||-||Active/passive, active/active with load balancin|
|NAT||Static, dynamic, 1:1, IPSec traversal, policy-based||Virtual IP for server load balancing|
|SSL||1 SSL tunnel available||Maximum number of SSL tunnels available|
|Other Features||Port Independence, transparent/drop-in mode, multi-WAN failover||Server load balancing, multi-WAN load balancing|
* Throughput rates will vary based on environment & configuration
** Maximum number available with upgrade to Fireware XTM Pro
*** The XTM 515, XTM 525, XTM 535 and XTM 545 Series ship with Fireware XTM Pro installed.
|WatchGuard Model||XTM 505||XTM 510||XTM 520||XTM 530|
|Ideal For||Main offices that need performance-driven security that's priced right||Main offices / headquarters that want security with fast throughput and room to grow||Main offices / headquarters looking for enterprise-grade performance and security in an all-in-one solution||Main offices / headquarters that require enterprise-grade performance and powerful security with flexible, centralized management|
|Interfaces||6: 10/100/1000 and 1:10/100||6: 10/100/1000 and 1:10/100||6: 10/100/1000 and 1:10/100||6: 10/100/1000 and 1:10/100|
|Application Proxies||HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323, TFTP|
|Intrusion Prevention (DOS, DDOS, PAD, port scanning, spoofing attacks, address space probes, and more)|
|Wireless Models Only||N/A||N/A||N/A||N/A|
|User Authentication with transparent Windows authentication|
|Firewall Throughput**||1.5 Gbps||1.8 Gbps||2.2 Gbps||2.6 Gbps|
|VPN Throughput**||210 Mbps||350 Mbps||550 Mbps||750 Mbps|
|AV Throughput**||520 Mbps||625 Mbps||760 Mbps||900 Mbps|
|IPS Throughput**||500 Mbps||600 Mbps||735 Mbps||870 Mbps|
|XTM Throughput**||330 Mbps||395 Mbps||480 Mbps||570 Mbps|
|Branch Office VPN Tunnels (Max.)||65||75||200||600|
|Mobile VPN with SSL (Incl/Max)||1 / 65||1 / 75||1 / 300||1 / 600|
|Mobile VPN with IPSec Client Licenses (Bundled)||5||25||50||400|
|Mobile VPN with IPSec Tunnels (Max.)||75||100||300||1,000|
|Optional Centralized (Multibox) Management. Optional licenses enable Drag and Drop VPN and one-touch appliance updates.||4-device WatchGuard System Manager license included with purchase.|
|One to One NAT|
|Policy-Based Routing||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro|
|Multi-WAN Load Balancing||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro|
|Server Load Balancing||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro|
|High Availability Active/Active or Active/Passive||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro|
|Dynamic Routing||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro||Optional with Fireware XTM Pro|
|VoIP (SIP and H.323)Support|
|Application Control||Included with Security Bundle||Optional||Optional||Optional|
|Reputation Enabled Defense||Included with Security Bundle||Optional||Optional||Optional|
|spamBlocker with Virus Outbreak Detection||Included with Security Bundle||Optional||Optional||Optional|
|Gateway AntiVirus/ Intrusion Prevention Service (IPS)||Included with Security Bundle||Optional||Optional||Optional|
|WebBlocker with HTTPS URL filtering||Included with Security Bundle||Optional||Optional||Optional|
|LiveSecurity® Service||1-year and 3-year subscriptions available|
*Concurrent sessions here represent the number of bi-directional connections.
**Throughput rates will vary based on environment & configuration.
Options & Upgrades:
Turn your WatchGuard XTM security appliance into a complete threat management solution with a WatchGuard Security Suite.
Reputation Enabled Defense
Intrusion Prevention Service
Download the WatchGuard XTM 5 Series Datasheet (PDF).
- Pricing and product availability subject to change without notice.
Our Price: $3,896.10
Our Price: $595.00
*Please Note - new appliance purchases include this kit.
Our Price: $15.00
*Please Note - new appliance purchases include this kit.
Our Price: $20.00