The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
I use WatchGuard Firebox for our private cloud protection, addressing our needs regarding DLP, firewall, and intrusion detection.
I host solutions for files and honey behind WatchGuard Firebox, but we no longer host websites or anything that would require bottlenecks.
I appreciate the interface and the client of WatchGuard Firebox the most. Many firewalls do not have a client to connect, and instead rely on CLI only. I also use the management server, which is a fully managed server, and I appreciate the feature to schedule operations.
It did reduce system bottlenecks and improve our operational throughput.
The CLI could be improved in WatchGuard Firebox, and I think integration with a cloud solution—such as Microsoft Enterprise and Google Cloud—has room for improvement. It has the feature recently, which is quite good, but it is not very perfect and has been available for only two or three years, while other solutions have had this feature longer.
Due to COVID and other factors, our license for mobile SSL VPN cannot simply be upgraded; we can only upgrade the number of simultaneous users. I think it could be improved because migrating from Firebox medium to Firebox large is the only solution if we have just a small use case.
I have used WatchGuard Firebox for 15 years, coming from my past enterprise, so the answer to how long I have been using it is quite long.
I do have bugs, but the only bug I have is on products that are late on firmware because they are not subscribed anymore. I know the bugs are fixed, but I cannot have it because it is obsolete. However, I have just one WatchGuard Firebox unit that is licensed, and I have no bugs on it, so I am happy with that. I rate it a nine.
In terms of scalability, I would rate it a seven. Other solutions share the same problem, but six years ago, we had only 300 persons in the company, and WatchGuard Firebox was very good. Due to COVID and other factors, our license for mobile SSL VPN cannot simply be upgraded; we can only upgrade the number of simultaneous users. I think it could be improved because migrating from Firebox medium to Firebox large is the only solution if we have just a small use case.
I recommend giving the technical support for WatchGuard Firebox a nine on a scale from one to ten.
Positive
I do not have the choice to compare WatchGuard Firebox with other solutions or other vendors because my internet provider works with Fortinet for all our agencies. The Fortinet solution is in the MPLS setup, but that choice was made by the provider, not us.
The deployment is easier, so I would say it is easier rather than complex.
I have used WatchGuard Firebox for 15 years, and because I know the product, deploying a Firebox just takes a few hours for me.
It is difficult to estimate the return on investment with WatchGuard Firebox, but I would say it is around twenty to thirty percent.
I do not pay the bill, so I feel comfortable about the pricing, and for me, it is not expensive. I think it is a little cheaper in comparison with other solutions; Cisco is more expensive and I think Fortinet is also more expensive.
We had mostly twenty Firebox units, but now we have just one which is licensed, while the others are not licensed anymore because we go to an MPLS solution with our provider, so I use WatchGuard Firebox less than in the past.
In IT, we have five people in production and around seven persons in development, which represents how many users work with WatchGuard Firebox in my organization. Overall, the company has about eight hundred or nine hundred persons.
I have been working in IT for twenty years.
I am not concerned about the spam blocking capabilities right now since we work with Google for email, and we are migrating to M365, so it is not behind WatchGuard Firebox. In the past, around seven years ago, I was concerned; however, I am not sure if it has improved since then, so I cannot give a rating for that.
I recommend WatchGuard Firebox and would give it a nine in terms of recommendation. Overall, I rate this product a nine.
I tried using Symantec Protection Engine on AWS cloud and have constructed some implementations. It was purchased through AWS marketplace.
What I appreciate in Symantec Protection Engine is the Virtual Policy Manager (VPM) and the Application Name feature, which are really effective. The simple match request URL features are basic but highly efficient. The header and request header controls represent a significant improvement compared to other vendors. The categorization and custom categorization features are also excellent. These four elements represent the strongest parts of Symantec Protection Engine.
The seamless integration of Symantec Protection Engine benefits my IT infrastructure, although the Symantec proxy only works with Symantec solutions such as DLP or Content Analyst. Sometimes it works with accounts like Okta or SAML, but third-party solutions usually do not integrate well with Symantec. Only Symantec products work effectively with Symantec.
The high-performance scanning impact on my organization includes improved policies that allow specific redirection to people. The policies are very detailed, enabling me to specify which person receives which policy and how to control company users through these policies. This represents a significant improvement compared to other proxies.
Symantec Protection Engine has fewer issues during installations. However, some customers find it confusing to distinguish between the normal proxy and the web proxy because Symantec Protection Engine only controls port 80 and 443, which are HTTP and HTTPS. Because of this limitation, applications or browsers that are not supported sometimes may not work, and certain government sites or other sites may not function. Other national proxies made in Korea and other vendors support all ports.
Complexities can arise when customers use the proxy. The Web UI is good and has many improvements, but there are still some things that need enhancement.
Price is a significant area for improvement. The pricing is quite expensive, and it is particularly high for regular customers. Many customers are considering other vendors because the price is too high.
The Symantec proxy limitation to work only with Symantec products represents another weakness. While it sometimes works with accounts like Okta or SAML, third-party solutions usually do not integrate properly with Symantec. Only Symantec products work with Symantec.
It is difficult to assess whether it remains beneficial to use Symantec Protection Engine in terms of costs because the price is very high. Although the product has benefits, the pricing is extremely high. Symantec Protection Engine works very well for huge companies, but when company size is large, network size is also large, requiring a bigger proxy and significantly higher pricing. The cost multiplies based on scale, making it highly effective for Symantec but at multiple times the standard price.
I have been working with Symantec Protection Engine for almost three to four years.
The technical support of Symantec deserves a 10 because they provide extensive support.
Positive
The deployment timeframe depends on the size of the implementation, but deployment may require around one hour. I can complete the deployment within one hour since I personally participate in the deployment process. The installation is straightforward, but when the company is large with substantial size and many policies, stabilization may take additional time. However, the deployment itself takes approximately one hour because it is very simple to deploy and install.
I use policy management capabilities with the Visual Policy Manager. The impact of policy management on my security and my customers' security allows me to install policies for specific options, a specific person, or a specific group. The policy layers are very detailed, which I appreciated greatly.
The effectiveness of Symantec Protection Engine's Threat Intelligence Network in protecting against evolving threats is beneficial for the proxy because it has a threat risk level. Symantec officially supports levels 1 through 10, and I would consider levels 8 through 10 acceptable, while levels 5 through 7 are warnings. This system is helpful for customers. In threat protection, the categorization is excellent because Symantec provides strong support for it. Symantec effectively supports categorization, specifying which sites are threat sites, and when I set a suspicious category to deny, it functions effectively.
I do not use the real-time content scanning feature with Symantec Protection Engine; I only use the web proxy structure.
My overall rating for this product is 7.
