


WatchGuard Firebox and Elastic Security compete in the network security category. Elastic Security appears to have the upper hand due to its scalability and extensive customization capabilities.
Features: WatchGuard Firebox's robust security features include VPN, WebBlocker, and seamless integration with WiFi access points. It offers real-time monitoring capabilities and layered defenses. Elastic Security offers advanced search capabilities, machine learning features, and the ability to handle large data sets efficiently, making it highly scalable and customizable for diverse infrastructures.
Room for Improvement: WatchGuard Firebox could benefit from improved third-party integrations, more intuitive management interfaces, and enhanced real-time threat detection performance. Elastic Security users suggest a need for more pre-built use cases, improved ease of setup, and better documentation to aid deployment and usability.
Ease of Deployment and Customer Service: WatchGuard Firebox is favored for its straightforward on-premises deployment and reliable technical support. Elastic Security's flexibility across on-premises, hybrid, and cloud environments is valued, though users mention a need for quicker technical support responses.
Pricing and ROI: WatchGuard Firebox offers competitive pricing in bundled packages, noted for reducing maintenance costs and delivering strong ROI. Elastic Security often provides a cost advantage in its open-source form, appealing to small and medium enterprises with no initial cost and optional paid features for extended capabilities.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Cortex XDR by Palo Alto Networks helps to reduce my total cost of ownership significantly.
In Cortex XDR by Palo Alto Networks, most of the remediation is automated and the accuracy is quite good.
It does not require hefty security budgets and can be deployed for enterprise security effectively.
From a security standpoint, preventing even a single major security incident or prolonged outage can represent significant cost savings.
I do not see any return on investment after WatchGuard Firebox implementation in terms of cost reductions.
Reduced incidents and easier management helped lower operational cost.
The technical support from Palo Alto deserves a mark of ten because they reach out within an hour whenever assistance is needed.
There is no back and forth, and they know what we are asking for and come up with the best resolution for a solution.
If any of these services are missed, it becomes a problem in terms of support tickets, follow-up, or special configuration that needs to be done in the system.
Support is prompt and helpful.
Most of the time when my team encounters issues, they receive responses within 24 hours.
I have not faced any difficulties with Elastic Security, as we have a pretty good support service from them.
On a scale of one to 10, I would rate the technical support of the WatchGuard Firebox a 10.
When comparing WatchGuard Firebox with other vendors such as Fortinet, SonicWall, Palo Alto, and Sophos, WatchGuard Firebox performs competitively.
Most of the time, support engineers are knowledgeable and able to assist effectively with firewall configuration issues, VPN troubleshooting, firmware updates, and security-related concerns.
You can onboard 10,000 endpoints in just hours, which demonstrates the excellent scalability of this product.
Activating the newly purchased licenses is instantaneous, allowing installations without adjustments since it's cloud-based.
Cortex XDR by Palo Alto Networks can be expanded anytime by purchasing another license without any issues related to scalability.
It allows us to think about specific use cases, such as gathering malicious IPs in a single view and analyzing threats based on geolocation.
Elastic Security is quite scalable.
Overall, WatchGuard Firebox offers strong scalability for SMBs, MSPs, branch offices, and hybrid environments while keeping deployment and management relatively straightforward.
The user interface and features compared to newer firewalls are not up to the mark, which includes functionalities such as filtering, web filtering, threat protection, user identity, and UTM features that need improvement.
You can choose different models based on throughput and features, which makes it easy to support growing environments.
Cortex remains fast and responsive, even with increasing data and alerts.
The thresholds we've seen on our firewall boxes at some instances reached 80% to 85%, but even at that level of utilization, we don't observe any latency or any issues reported with respect to accessing the application.
Cortex XDR by Palo Alto Networks can be trusted completely.
In terms of stability, I would rate Elastic a solid eight out of ten.
I have just one WatchGuard Firebox unit that is licensed, and I have no bugs on it, so I am happy with that.
Once properly configured, the platform handles VPN connectivity, traffic inspection, and security services constantly, even in multi-site environments with remote users.
There are issues with traffic hitting the firewall, which could indicate performance problems related to throughput.
Improving reporting and dashboard customization, along with the addition of real-time and exportable reports, would help SOC teams greatly.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
CrowdStrike and Defender have more established threat intelligence integration due to having a larger client base.
My security testing team continuously reports vulnerabilities, and we have to fix and update the versions frequently.
Machine learning algorithms become better with time; as they ingest a huge volume of data, they become better.
It gives good visibility and control over the traffic, and the UI makes it easy to manage policies and respond quickly when something comes up.
The cost for renewal after three years is 75% of the hardware cost, which is a significant problem.
When implementing a rule using a group of IPs, it is not possible to do that directly.
The pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks.
I would say it is definitely not a cheap product, considering how mature it is and how scalable all Palo Alto products are together.
Compared to CrowdStrike, which is very costly, and SentinelOne, which is also very costly, Cortex XDR by Palo Alto Networks is a medium cost-efficient solution.
The pricing is reasonable, especially for Small Medium Enterprises (SMEs), making it a viable option for businesses building their security infrastructure.
This is beneficial for SMEs as they do not need extensive budgets for security solutions.
Elastic Security is considered cost-effective, especially at lower EPS levels.
When we tried to renew the Palo Alto license, the cost was beyond any reasonable range.
Fortinet is more expensive than WatchGuard.
I find WatchGuard Firebox to be cost-effective.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds.
Elastic Security offers good insight regarding alerts, reports, and cases.
Elastic Security offers advanced features such as machine learning and integration with ChatGPT.
We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data.
The Firebox offers valuable features such as network security, URL filtering, UTM features, intrusion prevention and detection, and authentication.
The features of WatchGuard Firebox are most valuable for maintaining network security.
Some of the best features of WatchGuard Firebox in my experience are its ease of management, strong VPN capabilities, and integrated security services.
| Product | Mindshare (%) |
|---|---|
| Cortex XDR by Palo Alto Networks | 3.6% |
| WatchGuard Firebox | 1.3% |
| Elastic Security | 2.3% |
| Other | 92.8% |



| Company Size | Count |
|---|---|
| Small Business | 46 |
| Midsize Enterprise | 21 |
| Large Enterprise | 53 |
| Company Size | Count |
|---|---|
| Small Business | 40 |
| Midsize Enterprise | 12 |
| Large Enterprise | 15 |
| Company Size | Count |
|---|---|
| Small Business | 101 |
| Midsize Enterprise | 30 |
| Large Enterprise | 17 |
Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.
Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.
What are the key features of Cortex XDR?Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.
Elastic Security stands out for its speed, scalability, and intuitive interface. It integrates seamlessly with Elasticsearch and Kibana, providing efficient data indexing, centralized log management, and intelligent threat identification, all while being open-source.
Elastic Security offers robust capabilities in security monitoring, threat identification, and SIEM functionalities. Its open-source nature enhances scalability, facilitating log aggregation and infrastructure monitoring. Users appreciate the intuitive dashboards and machine learning integration, which aid in proactive security measures and anomaly detection. Despite its strengths, improvements are needed in documentation, scalability, and configuration complexity. High data volume pricing and limited machine learning support are concerns, while dashboard enhancement and seamless integration with existing systems are desirable. The platform is widely used for alerting suspicious activities, analyzing logs from firewalls and Active Directory, and providing endpoint protection. It serves as a key tool for security awareness and auditing, integrating effectively with technologies like Kibana and OpenShift.
What are the most notable features of Elastic Security?Organizations deploy Elastic Security across industries for log aggregation and security monitoring, detecting unauthorized access, and analyzing system logs. It is essential for infrastructure monitoring and integrates effectively with systems such as Fluentd and OpenShift, supporting comprehensive security views across enterprise environments.
WatchGuard Firebox is a high-performance firewall known for its ease of setup, offering robust security with layered protection and centralized management capabilities.
WatchGuard Firebox stands out for its intuitive management and high throughput, addressing security needs with features like VPN, web filtering, and threat detection. Its centralized control and reporting abilities, along with Active Directory integration, make it popular among varied organizations. Its user-friendly interface and ongoing updates enhance usability and reliability. However, there's a call for better cloud-based administration, scalability, and improved integration with third-party vendors.
What are the key features of WatchGuard Firebox?WatchGuard Firebox is implemented across industries to secure internet gateways and protect data in multi-site businesses. Its applications span from Unified Threat Management (UTM) and intrusion prevention to compliance support in business environments requiring secure connectivity through VPNs.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.