WatchGuard FireBox II - An economical network security solution

WatchGuard FireBox II for unlimited users is an economical solution to network security. Read the article to know its features.

Most firewalls require users to first install an operating system and then install the firewall software. WatchGuard FireBox II package makes it simpler. You get a completely pre-configured device with the operating system (Linux) and the preinstalled firewall ready to customize and use. To configure the firewall, just connect it over the LAN using remote management tools.

Device configuration requirements

  • Three 10/100 Mbps Ethernet ports

  • Two serial ports

  • Two cardbus slots

  • Flash type disk storage

  • Interface

    The firewall has a graphical interface with numerous Windows based management tools to customize devices for network. The tools are available as a separate package. They give you a visual indication of the network's bandwidth in use, traffic flow, sources & destinations of the IP traffic, data link and other conditions. They also launch your web browser and display a useful help page for support. The interface allows you to remotely administer any number of firewalls from a single computer. Using the centrally stored policy files, you can maintain consistent pass/drop rules for all firewalls on LAN. Customizing these rules is also easy as the interface is user-friendly. Just press the Help button for any assistance.

    Security features

    Dynamic packet filter

    The firewall has a dynamic packet filtering mechanism which is not exactly connection oriented but it prevents exploitation against the firewall itself. All data packets are filtered to ensure that no constructed packets pass through the network.

    Application proxies

    The firewall is a security proxy and includes many strong proxy applications. It performs NAT, packet filtering and protocol proxying. The custom security proxies are available for HTTP, SMTP, FTP, DCE RPC, VDO Live, Real Audio/Video and H.323 protocols. Different protocols can be used to block different contents on internet.

    Network Address Translation (NAT)

    As FireBox II supports NAT, port forwarding and client hiding facilities are available for internal servers. NAT is built on the inspector filter to allow content from only legal IP addresses.

    Authentication & VPN products

    The authentication package is available for this firewall separately. It includes support for Firebox, Cryptocard, NT server and Radius server. A VPN package is also not included in the firewall and it includes VPN using IPsec or the WatchGuard proprietary tunnel software.

    Real time monitoring tools for event detection

    Arbitrary applications are themselves executed upon any event detection. Databases are being logged and email notifications are sent to administrator in case of any suspicious activity. There are superior real-time monitoring tools for event detection. Scan detection and spoofing detection are automatically performed. Automatic blocking of illegal IDs takes place. Complete details of all logins, time and status of connection are shown in the lower half of the interface so that the users remain updated and aware.


    To purchase the package, visit WatchGuard's official website. The firewall will cost you $3200 if you opt for a 12 month support service. For a 12 month Firebox Security subscription to Livesecurity, you will have to pay extra $650 per subscription. Note that there aren't different versions for different number of users. There is only one pack and that is for unlimited users. The documentation you get at the time of purchase is in HTML format but it is a bit context sensitive. Other than this, the file is very task driven and precise. Network administrators should not face any trouble in understanding it.


    WatchGuard FireBox II is a compact firewall with an integrated & preconfigured unit. The advantage of the preconfigured unit is that you get a standard configuration which is tested by security experts for all possible vulnerabilities. It provides VPN support, centralized authentication and very high speed application proxying contributing to high performance but users must understand that the hardware is not field upgradeable. This means, you may not be able to avail the benefits of high performance if the hardware falters at some point. The cost for unlimited users is a fair bargain if we look at the costs of other firewalls.

    Read eBay hacking and lessons learnt to stay secured online

    Related Articles

    Networking Protocols, OSI Model and Network Standards - A Guide

    In this article, we take a look at some of the network protocols and standards, that are ruling communication in the world today. We also take a look at the all popular OSI models, in order to understand its role in the field of Networking. We also try to understand the difference between routable and non-routable protocols.

    Introduction to Network Security

    In this article, we will introduce ourselves to what kind of threats are prevalent on networks around the world. Understanding the kind of threats that affect networks is the first step towards securing a network from malicious attacks.

    TCP/IP Fundamentals and Addressing Schemes

    In this article, we take the second step towards our understanding of TCP/IP protocol by looking at how TCP/IP settings are configured on systems, fundamental terms related to the same and what kind of addressing scheme is used by the protocol to assign unique network addresses to systems.

    More articles: Network Protocols Network Security


    No responses found. Be the first to comment...

  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name: