Datasheet
WatchGuard® XTM 5 Series
Recommended for small to mediumsized businesses
WatchGuard XTM 5 Series appliances
deliver a new class of performance-
With a WatchGuard® XTM 5 Series solution, your network is:
driven security for growing businesses.
The 5 Series offers up to 2.3 Gbps
firewall throughput and security
features including full HTTPS inspection
SECURE
■
Application-layer content inspection recognizes & blocks threats that stateful packet firewalls cannot detect.
■
Wide-ranging proxy protection comes from robust security on HTTP, HTTPS, FTP, SMTP, POP3, DNS, TCP/UDP.
■
A suite of security subscriptions boosts protection in critical attack areas for complete threat management.
security can move up to greater
■
Provides integrated SSL VPN for simple, anywhere-anytime network access.
performance, more users, and additional
■
Includes Skype blocking – first of the next generation of built-in application-blocking capabilities.
and VoIP support. Organizations that
want room to easily scale their network
security and networking features to
FAST and EFFICIENT
meet escalating demands, without
■
Up to 2.3 Gbps firewall throughput and up to 750 Mbps VPN throughput keep data moving.
■
Best UTM throughput in its class, even with strong security enabled.
■
Gigabit Ethernet ports support high-speed LAN backbone infrastructures and gigabit WAN connections.
solution integrates complete protection
■
Active/active high availability with load balancing ensures maximum network uptime.
while slashing the time and cost
■
Scriptable CLI supports interoperability and allows easy integration into existing infrastructure.
costly hardware replacements.
Why buy an all-in-one solution?
An all-in-one XTM network security
associated with managing multiple
■
single-point security products. All
Interactive, real-time monitoring and reporting – at no additional charge – give an unprecedented view into
network security activity so you can take immediate preventive or corrective actions.
security capabilities work together for
■
Intuitive management console centrally manages all security functions.
a holistic, comprehensive approach
■
Role-based access control (RBAC) allows lead administrators to create custom roles for granular control.
to network protection. Your IT staff
■
Drag-and-drop Branch Office VPN setup – three clicks and your remote office is connected.
has more time to focus on other areas
FLEXIBLE
of network administration, and your
business saves money on support and
■
hardware costs.
Call setup security for VoIP means you don’t need to “wire around the firewall” to take advantage of the big
cost savings that VoIP can generate.
■
WAN and VPN failover increase performance, redundancy, and reliability.
■
Multiple VPN choices deliver flexibility in remote access.
■
To maximize port utilization, any of the seven ports can be configured as Internal, External, or Optional.
■
Networking features, such as transparent bridge mode and multicast over VPN, allow you to add
security without needing to change existing network infrastructure.
SCALABLE
■
This WatchGuard
security appliance
“can handle the
growth. It’s an
excellent piece
of hardware.”
Frank Curello
Chief Executive Officer
GameWear
Earth-friendly technology
■
■
■
Upgrade to a higher model within the line for more performance and capacity with a simple license key.
Pair with WatchGuard XCS appliance for focused emphasis on messaging and content security.
Move up to the “Pro” version of the Fireware XTM operating system for advanced networking features,
including active/active high availability, VLAN support, multi-WAN and server load balancing, dynamic
routing, and QoS.
Add powerful security subscriptions to block spam, control dangerous and inappropriate web surfing, prevent
network intrusions, and stop viruses, spyware, trojans, and other malware at the gateway.
PREPARED FOR TOMORROW’S CHALLENGES
■
No need to compromise protection for strong performance or vice versa. Multi-layered, interlocking security
protects the network while throughput remains high.
■
Advanced networking features ensure reliability and the flexibility to meet changing business requirements.
■
Secure remote connectivity keeps mobile workforce online and productive.
■
Security and reporting tools, included at no extra cost, support industry and regulatory compliance.
WatchGuard® Technologies, Inc.
XTM 5 Series
XTM 505
XTM 510
XTM 520
XTM 530
Throughput & Connections
Firewall throughp ut*
850 Mbps
1.4 Gbps
1.9 Gbps
2.3 Gbps
VPN throughput*
210 Mbps
350 Mbps
550 Mbps
750 Mbps
Aggregate XTM throughput*
275 Mbps
400 Mbps
600 Mbps
800 Mbps
Interfaces 10/100
1 copper
1 copper
1 copper
1 copper
Interfaces 10/100/1000
6 copper
6 copper
6 copper
6 copper
I/O interfaces
1 Serial/2 USB
1 Serial/2 USB
1 Serial/2 USB
1 Serial/2 USB
Nodes supported (LAN IPs)
Unrestricted
Unrestricted
Unrestricted
Unrestricted
40,000
50,000
100,000
350,000
75
75
75
75
WSM licenses (incl)
4
4
4
4
Local user database
500
500
1,000
2,500
Powered by Fireware® XTM Pro
Concurrent connections
(bi-directional)
VLANs
bridging, tagging, routed mode
VPN Tunnels
Branch Office VPN
65
75
200
600
Mobile VPN IPSec (incl/max)
5/75
25/100
50/300
400/1,000
Mobile VPN SSL
1/65
1/75
1/300
1/600
Security Features
Firewall
Stateful packet inspection, deep packet inspection, proxy firewall
Application proxies
HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3
Threat protection
Blocks spyware, DoS attacks, fragmented packets, malformed
packets, blended threats, and more
H.323. SIP, call setup and session security
VoIP
Security subscriptions
WebBlocker, spamBlocker, Gateway AV, Intrusion Prevention
Service, Reputation Enabled Defense (available in Security Bundle)
VPN & Authentication
Encryption
DES, 3DES, AES 128-, 192-, 256-bit
IPSec
SHA-1, MD5, IKE pre-shared key, 3rd party cert
VPN failover
SSL
Every XTM 5 Series appliance ships with the Fireware® XTM
operating system. As network requirements become more
complex, it’s easy to upgrade to the Pro version of the OS
with a simple software license key.
Networking
Features
Routing
Fireware XTM
Fireware XTM PRO
Static, dynamic routing
(RIP)
Dynamic (BGP4, OSPF,
RIP v1/2), Policy-based
High Availability
–
Active/passive, active/
active with load balancing
NAT
Static, dynamic, 1:1,
IPSec traversal,
policy-based
Virtual IP for server
load balancing
SSL
1 SSL tunnel available
Maximum number of
SSL tunnels available
Other Features
Port Independence,
transparent/drop-in
mode, multi-WAN
failover
Server load balancing,
multi-WAN load balancing
Buy the Bundle and Get the Works!
Get everything you need for complete threat management
at a great price with the Security Bundle. Includes choice of 5
Series appliance, plus WebBlocker, spamBlocker, Gateway AV,
Reputation Enabled Defense, Intrusion Prevention Service,
and LiveSecurity® Service with 24/7 tech support.
How to Order the Security Bundle
Yes
WatchGuard XTM
5 Series Security
Bundle SKUs
Appliance
with 1-year
subscriptions
Appliance
with 2-year
subscriptions
Appliance
with 3-year
subscriptions
Thin client, Web exchange
XTM 505 Security Bundle
WG505031
WG505032
WG505033
PPTP
Server and Passthrough
XTM 510 Security Bundle
WG510031
WG510032
WG510033
Single sign-on
Transparent Active Directory Authentication
XTM 520 Security Bundle
WG520031
WG520032
WG520033
XAUTH
Radius, LDAP, Windows Active Directory
XTM 530 Security Bundle
WG530031
WG530032
WG530033
Other user authentication
VASCO, RSA SecurID, web-based, local
Management
Management platform
WatchGuard System Manager (WSM)
Product Dimensions
11.25” x 17” x 1.75” (28.6 x 43.2 x 4.4 cm)
Alarms and notifications
SNMP v2/v3, Email, Management System Alert
Shipping Dimensions
21” x 18” x 5.25” (53.3 x 45.7 x 13.3 cm)
Server support
Shipping Weight
16.1 lbs (7.3 Kg)
Web UI
Logging and Reporting with Server Health status, Quarantine,
WebBlocker, Management
Supports Windows, Mac, Linux, and Solaris OS
AC Power
100-240 VAC Autosensing
Command line interface
Includes direct connect and scripting
Power Consumption
U.S. 50 Watts (max), 171 BTU (max)
Rack Mountable
1U rack mount kit included
Standard Networking
QoS
8 priority queues, DiffServ, modified strict queuing
IP address assignment
Static, DynDNS, PPPoE, DHCP (server, client, relay)
Support and Maintenance
LiveSecurity® Service
Dimensions and Power
Power Lights
Hardware warranty, 12/5 or 24/7 technical support with 4-hour
response time, software updates, threat alerts
Certifications
Security
ICSA, FIPS 140-2 and EAL4+ in progress
Safety
NRTL/C, CB
Control of hazardous substances
WEEE, RoHS, REACH
*Throughput rates will vary based on environment and configuration. Contact your WatchGuard reseller or call
WatchGuard directly (1.800.734.9905) for help determining the right model for your network.
Network Interfaces
Power Supply
LCD Display
LCD Navigation Buttons
Cooling Fans
On/Off Switch
Address: 505 Fifth Avenue South, Suite 500, Seattle, WA 98104 • Web: www.watchguard.com • U.S. Sales: 1.800.734.9905 • International Sales: +1.206.613.0895
No express or implied warranties are provided for herein. All specifications are subject to change and expected future products, features or functionality will be provided on an if and when available basis. ®2010 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard
logo, Fireware, and LiveSecurity are either trademarks or registered trademarks of WatchGuard Technologies, Inc. in the United States and/or other countries. All other tradenames are the property of their respective owners. Part No. WGCE66678_052410
WatchGuard® Technologies, Inc.