See full size image WatchGuard XCS  email security appliance 

Key Advantages...

Hardware Specifications...

WatchGuard XCS is an email Firewall appliance that is designed to be deployed between internal mail servers and the Internet. Delivered as a dedicated appliance, XCS supports standard mail protocols for processing email messages.

Email is the most important single service running on the Internet, It is also the number one source of security risk.


WatchGuard XCS Firewall provides the latest protection against viruses, SPAM, and employee misuse, but also adds new defences against:

These new threats need new defences, and the WatchGuard XCS delivers them in a new high security appliance.


WatchGuard XCS protects mail systems with a layered, defence-in-depth solution:


WatchGuard XCS delivers the most comprehensive SPAM mail management available. With a combination of the WatchGuard ReputationAuthority and Advanced Spam and Malware Prevention Engines, along with local learning, WatchGuard XCS provides complete control over the classification of email and its disposition.

WatchGuard XCS SPAM control package is highly accurate and reduces the problems of false positives to a minimum



Six models are available to suit the needs of the enterprise:

See Appliances for more information.


WatchGuard XCS is designed to support the highest throughputs. With its integrated hardened OS and optimised mail servers, WatchGuard XCS minimizes the latency usually associated with intense security processing.


WatchGuard XCS  is generally configured to accept all mail for a domain or sub-domain, to store and process mail according to the specified policies, and then deliver the mail to one or more internal mail servers for collection by users.


WatchGuard XCS  is ideally suited to deployment on a DMZ or internally behind an existing firewall.


WatchGuard XCS runs on a hardened secure operating system and is proven in the most sensitive environments.

WatchGuard XCS thus specifically resists operating system attacks, protecting your mail servers from direct SMTP and HTTP connections and effectively firewalling not just these traffic types, but all other attacks which may exploit them.

WatchGuard XCS avoids the problems and challenges of installing, configuring, hardening and maintaining a general purpose operating system.


WatchGuard XCS's Secure Web Mail provides a unique mechanism for supporting access to internal mail servers for remote users. Encryption and strong authentication provide secure session controls and users can readily access their mailboxes using OWA, iNotes or BorderPost, WatchGuard XCS's own web mail client.

Strong authentication can be implemented using RSA SecurID and CryptoCard, with Radius, LDAP and other tokens being incrementally supported.

Radius support allows for WatchGuard XCS to access Active Directory to authenticate users.

WatchGuard XCS addresses the security issues currently preventing the easy deployment of web mail, by providing:


Like malformed data packets used to subvert networks, malformed messages allow viruses to avoid detection, crash systems and lock up mail servers. Researchers have identified over 350 ways to create malformed messages, and many more are being created every day.

WatchGuard XCS ensures that only correctly formatted messages are allowed in to your systems.

Message integrity checking protects your mail servers, mail clients and improves the effectiveness of existing virus scanning implementations.


Using SSL/TLS, all mail delivered to and from WatchGuard XCS can be encrypted. This includes connections to remote systems, local internal MS Exchange systems, or even internal mail clients. This allows messages to be delivered with complete confidentiality both locally and remotely. You can Establish email VPN's with remote offices and business partners with the minimum of impact.


Virus scanning is enabled using Kaspersky Lab's virus scanning engine. Automatic updates ensure the latest viruses are caught. WatchGuard XCS's high performance virus scanning can provide a vital layer of protection for you whole organization.


WatchGuard XCS implements attachment controls, and content filtering based on pattern and text matching. Content controls prevent:


WatchGuard XCS supports sophisticated mail delivery, and can accept, process and deliver mail for multiple domains and internal mail servers. Mail mappings and address masquerading helps hide internal mail server addresses.


WatchGuard XCS can host user mailboxes and thus act as full-function mail server for small offices. With full support for POP3 and SMTP, WatchGuard XCS provides a cost-effective alternative to other mail servers, at the same time as delivering a secure package that can be remotely managed.


WatchGuard XCS is managed through a simple web based interface and may be accessed remotely and locally. Sessions may be encrypted for extra security. WatchGuard XCS is simple to administer and maintain and needs no specialist knowledge or training.

A full range of tools is available to monitor the system and troubleshoot mail delivery issues. Comprehensive logs record all mail activity.


The SecurityConnection provides an automated update service. Simply enable the SecurityConnection, and you are automatically notified of any new patches and updates.

This is a significant benefit where security is concerned. WatchGuard constantly monitors for new vulnerabilities and issues new modules to defend against them.

The SecurityConnection ensures that you have them as soon as they are available.

Return to the top of the page