We examined log files and configuration reports to determine how each appliance stacked up in enterprise management and control, daily operation, authentication and policies, and feature integration.
All of the products sell for between $12,000 and $18,500. But getting specific price configurations isn't easy, as each product has a complex range of user and feature licenses. Further confounding the pricing issue is that you will need to match the capacity of the product with the expected network traffic it will protect. We tried to compare appliances that had a similar number of network ports and capacity for a 1 Gbps external network connection.
We asked vendors to send us the boxes with the highest throughput possible and geared toward the largest networks. When we did our tests, we turned on all of the security modules--in the real world, this will severely limit their overall performance and is something to consider when deploying these products. However, we did not test performance. This is because testing performance is fraught with all sorts of issues. Either you test with synthetic clients to generate phony traffic so you can compare how different products respond on the "same" artificial lab network, or you do your tests on a live network and hope that the insights gained with your actual conditions are worth the loss of having the comparable traffic data. As a potential purchaser, you should match throughput specs with what you ultimately need on your network.
We connected each UTM box on a test network with Windows XP, Vista and Apple Macintosh clients and a Windows 2003 Enterprise Server running Microsoft's IIS Web server.
