WatchGuard Firebox OverviewUNIXBusinessApplication

WatchGuard Firebox is the #3 ranked solution in top Unified Threat Management (UTM) tools. PeerSpot users give WatchGuard Firebox an average rating of 8.2 out of 10. WatchGuard Firebox is most commonly compared to Fortinet FortiGate: WatchGuard Firebox vs Fortinet FortiGate. WatchGuard Firebox is popular among the large enterprise segment, accounting for 42% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 21% of all views.
WatchGuard Firebox Buyer's Guide

Download the WatchGuard Firebox Buyer's Guide including reviews and more. Updated: November 2022

What is WatchGuard Firebox?

WatchGuard Firebox is a unified security platform that offers organizations protection from cyber threats through a powerful network security device that controls all traffic between an external network and a trusted network. The solution is ideal for small and midsize businesses as well as for distributed enterprises. WatchGuard Firebox protects the entire network from intrusions, phishing attempts, malware, and ransomware by using cloud and virtual firewalls, AI-powered malware protection, and enhanced network visibility.

WatchGuard Firebox Features

WatchGuard Firebox has many valuable key features, including:

  • Policy management
  • Strong security
  • High performance
  • Network configuration for multiple clients
  • Built-in SD-WAN
  • Application control
  • Threat detection and response
  • Network discovery
  • Intuitive interface

WatchGuard Firebox Benefits

Some of the benefits of using WatchGuard Firebox include:

  • IT administrators can create and implement policies for content filtering, VPNs, and network inspections.
  • The solution is easy to set up, manage, and maintain.

Reviews from Real Users

Below are some reviews and helpful feedback written by WatchGuard Firebox users.

PeerSpot user Kelly C., IT Manager at a hospitality company, mentions, “One of the most valuable features is the Gateway AntiVirus. We scan all traffic as it's coming through. We also use spamBlocker to scrub spam. We use content filtering, which is critical in any corporate environment to make sure that people don't surf things they're not supposed to. WatchGuard has a very easy VPN and branch office VPN setup, so we use those pretty extensively too.It's very easy to use. In terms of performance, WatchGuard has always worked well for us. Regarding the reporting, I was in the Dimension server earlier today. It's very powerful. I like it. And the management features are easy to use. I like the fact that I can open up the System Manager client or I can just do it through the web if I'm making a quick change.”

A Director of Information Technology at a retailer says, “Among the most valuable features is the ease of use — love the interface — of both the web interface and of the WatchGuard System Manager. It's a stable platform. The devices are pretty rock-solid.”

Jason M., IT Director at a healthcare company, explains, “The policy monitoring and allowing different traffic flows are the most useful features for us; regulating which traffic comes in and out. In terms of the throughput and performance, we don't have a problem or any bottleneck there. We downgraded the size of our appliance because we're a small facility, and what we had before was actually too big. The one we are now going with seems to be doing a great job.” He also adds, “The management feature is pretty nice.”

Steve R., President and Owner at Peak Communication Systems, Inc., comments, "It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problems supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level."

WatchGuard Firebox Customers

Ellips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence

WatchGuard Firebox Video

WatchGuard Firebox Pricing Advice

What users are saying about WatchGuard Firebox pricing:
  • "I spent $600 or $800 on this product and I'm paying a couple of hundred dollars a year in a subscription service to keep the lights on, on it... It works out to $100 or $200 a year if you buy several years at once. It's fair."
  • "The primary reason that we went with Firebox was its cost. It is very economical and it provided us with all the security functions that we were looking for at the time. And the throughput was more than what we required, so it was a very cost-effective device to deploy on our network."
  • "The licensing contract we have is on a three-year basis. There aren't any costs in addition to the standard licensing fees—usually, every three years, we just purchase or renew the same license and we are okay. Every six years, we completely change the firewall, but that's the usual schema. So after three years, we just renew the licenses for another three years, and then after that particular period of time, we just purchase another firewall equivalent to the ones that we currently use."
  • "We paid $4000 in AUD for WatchGuard Firebox per year. There were no additional costs."
  • "It has a very good price. It is not the most expensive one, and it is also not the cheapest one. It is just spot-on in terms of price."
  • "They have an annual subscription license. Initially, we had opted for three years. After that, we went for another three years, and after that, we have been doing it yearly. They also have a license for five years."
  • WatchGuard Firebox Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Peter Galgano - PeerSpot reviewer
    Owner at a construction company with 51-200 employees
    Real User
    Top 10
    Competent, basic front-end; the ports that I have assigned appear to be unattainable to outsiders
    Pros and Cons
    • "The ports that I have assigned appear to be unattainable to outside 'mal-actors,' unless they have an address registered on the internet that this thing is expecting. That's a layer of security."
    • "I don't think I can get a full-blown DNS client from it. I've been trying to have DNS services. It has forwarding, but I don't get the services of a full DNS client. My main difficulty with it is that I can't run a complete service. I need NTP. I need DNS. I need DHCP for my domain, but I only get forwarding. As far as I can tell, I don't get caching and the kinds of reporting and registration needed to host a DNS for a domain. I have to have a separate solution for that."

    What is our primary use case?

    It's a perimeter device and I use it as a DNS server for my domain, but I'm not the typical user for this type of device. I'm a hobbyist when it comes to this type of product and I use it in a small office environment.

    What is most valuable?

    It's competent. There's really nothing technically wrong with it. This is just a small device, and I don't use it for intrusion monitoring. I am only using it as a basic front-end and I have port-forwarding for services behind the network.

    I use it to give access to some remote users. I give them access to their desktops with RDP and I have a client so they can register on the domain network with dynamic DNS. The ports that I have assigned appear to be unattainable to outside "mal-actors," unless they have an address registered on the internet that this thing is expecting. That's a layer of security.

    What needs improvement?

    I don't think I can get a full-blown DNS client from it. I've been trying to have DNS services. It has forwarding, but I don't get the services of a full DNS client. My main difficulty with it is that I can't run a complete service. I need NTP. I need DNS. I need DHCP for my domain, but I only get forwarding. As far as I can tell, I don't get caching and the kinds of reporting and registration needed to host a DNS for a domain. I have to have a separate solution for that.

    I also struggle with its usability a little bit. I come from an open source background, so I'm accustomed to BIND and DHCP from Linux builds. With their tools I'm struggling to have a web interface. I'm not getting a third-party web interface, so I'm using Webmin, which I have become accustomed to. You have to relearn or find services that you know are there. You have to figure out what they mean by an alias. Setting up a network interface or port-forwarding isn't necessarily using the language that I'm accustomed to. Every time you deal with a new user interface, they structure things differently. Where do you go and how do you maintain it and how do you document it?

    So I'm frustrated often when I get involved in vertical software where they start to brand or rename things, or they've adopted terminology. An example with WatchGuard is that every time I want to find a log, I have to search forever to find just basic logging. It's in there someplace, consistently. It's just that there isn't a button that says "logging."

    For how long have I used the solution?

    I've been using Firebox for two or three years.

    Buyer's Guide
    WatchGuard Firebox
    November 2022
    Learn what your peers think about WatchGuard Firebox. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
    653,757 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    The stability seems perfect. The last time I rebooted it was a half a year ago. 

    Hardware-wise, it's comparable to a Linksys consumer perimeter device. It's obviously got more bells and whistles behind it. It's some sort of ARM processor. I'm sure it's pretty low power. It sits there and idles and I can always get on it, and I can set it up with additional security to keep the ports safe. 

    The DNS works fine, although it's a little clumsy to find, and get at, and get set up. And I can set up some sort of VPN on it. I haven't at this point, but I've got a couple of licenses for VPN if I needed that for my home office.

    What do I think about the scalability of the solution?

    In terms of scalability, I would imagine they know what they're doing. I would imagine you could make it as big as you want it. I've seen some of their devices, with the intrusion detection, that are designed for large networks. We've got 15 or 20 devices here. At any given time, I have five active users, and they're mostly just getting Gmail or streaming music to their desktops. Our needs are really small, but I would imagine that a company like WatchGuard knows what it's doing and that they could scale it up as much as you need it to. 

    There's also WatchGuard Cloud. I think it's part of a subscription service and it maintains some sort of a threats database or maybe prevents users from getting on certain items. But those things are frustrating. You set them up and then people can't get where they want to go, and you have to crack the cloud on that. It's one thing if you're administering hundreds of desktops, but I can see all of mine. I know where my security problems are.

    When I first got the device I was thinking, "Oh, I could at least, just out of curiosity, dig into the intrusion detection and traffic monitoring stuff." I was reading some of the guides. It has the power, but it's going to start to slow network traffic at a certain point. So I just didn't pursue it anymore. My impression was that you would want to buy models that are two steps larger than this if you wanted to actually do any effective stuff. 

    For my purposes, I would just fire up a virtual machine, install pfSense and Snort, and figure out how that works. I could have as much hardware as I needed anytime I needed it.

    Which solution did I use previously and why did I switch?

    I had an inexpensive perimeter device, a $100 Linksys product. Behind that, I had DNS, DHCP, NTP, print servers, and my domain management. I use Samba for that. I just used whatever firewall was there.

    I switched to WatchGuard because I was experimenting with this VAR—he's a friend—to see if I could take what I've done and to get to know some of his tags and put some sort of a service agreement on my infrastructure, through his resources. We talked about it and they were seemingly interested. They do documentation or I might bring them in to do some of the coding projects I suffer with.

    My experience has been, in my unique situation, that when I end up bringing somebody in from a third-party, it's more work to train them. You're training somebody from a VAR and they are going to charge $150 an hour or so. That's a pretty healthy investment. The training would take a lot of my time. If I take that time and just solve my problem on my own, I get a two-for-one. I don't have to pay for it outside the company.

    But that's why I was bringing in this WatchGuard device in my particular situation. I was just experimenting and seeing if I could find a guy at this VAR whom I felt was worth investing more in, and having him be a third-party to maintain my system if it goes down or I get hit by a bus.

    How was the initial setup?

    I had to learn it. I had to find where they put stuff.

    It took minutes to get the thing up and operating. I started to configure DHCP and puzzle through what they meant by that, and find ways to identify what leases were there and if it was able to register with this other DNS server I have on it.

    I've fussed with it any number of times, setting up the port-forwarding for the RDP clients. I knew where to go and what to do, and I got that working pretty quickly. But that was one of the situations where I needed to see a log to see what was happening—it wasn't answering—and to find out what the function was, I had to find the log. It took me an age to find the log. Once I found out what was being rejected, then I figured it out. I've had a couple of bouts of that.

    What about the implementation team?

    The VAR came in—they charged me plenty, a couple of hundred dollars—to set the thing up. He put the thing down. I said, "How do I get onto it?" He made an account for me on it, but it wasn't, by design, to be user-configurable. Normally, they would configure it from their side and every time I would want to make a change I would have to call them.

    Then I asked him about the DNS , and he said, "Well, is this it?" He didn't really know it very well. He was just a mid-level tech for a VAR who can set the things up in their base configuration, but he couldn't answer any questions.

    From there, it was me. I can't get support from the WatchGuard group itself because they work through the VARs. So I'm looking at those websites that have server guys who talk about things that frustrate them, to find where the DNS is. Even now, I can't easily find logging. I have to search for it every time I want to see a log. The frustration I have with these devices is that they're put together in a certain way and you've got to learn where they want you to go to get what you want.

    What's my experience with pricing, setup cost, and licensing?

    I spent $600 or $800 on this product and I'm paying a couple of hundred dollars a year in a subscription service to keep the lights on, on it. I imagine there's some aspect of it that I won't be able to utilize if it goes off of support.

    For what it is—for example, for a doctors' office building or a situation with remote offices and no tech guy on staff—it's perfect. It has antivirus subscription services, IPS, web blocker, file exception, spam blocker, application control, reputation defense, botnet detection.

    It works out to $100 or $200 a year if you buy several years at once. It's fair. But when you get into the intrusion detection and gateway stuff, it can be fairly expensive and you're going to need more expensive hardware.

    Which other solutions did I evaluate?

    I looked at a lot of stuff. I'm familiar with pfSense. I have used that a little bit here and there over the years, so if I went to an open-source solution I would go straight to that. And I looked at the professional versions and this one had a $700, three-year service contract on it and it handled VPN. The VAR supported it and they like it.

    I don't really feel that it improves anything compared to a more common firewall device. It's certainly less capable or less configurable compared to something like a pfSense, an open source perimeter device that can be integrated with intrusion detection and network monitoring on a computer or on a virtual machine-type of setting.

    The thing that the Firebox adds is it's managed and a VAR can support it. It's a known entity. It's supportable, whereas it's more difficult to support a pfSense-type of setup. You pretty much have to maintain the latter yourself.

    It's there for a reason. It's there for VARs to be able to put in a known device that they can train on and the user doesn't need to manage it much. In my circumstances, I'm the IT guy of the company, and it's a small company. I'm also the owner and I understand this stuff. It's somewhat of a hobby for me to be able to configure and have a competent domain, without having to pay a VAR tens of thousands of dollars a year, and without having to pay subscription services. I'm not the targeted client for it. I'm more like the hobbyist and the super-geeks who use open source, freely available tools. The types of people who need this sort of service shouldn't listen to me. A hobbyist would never touch this product.

    What other advice do I have?

    Use it. It's very unlikely that a perimeter device is going to be cracked unless you leave something really crazy open. Most consumers are going to have some sort of perimeter device involved with their internet delivery and they're going to have some sort of a reasonably clean plug, with some port forwarding for their outbound connections coming into their network. And then if they're geeks, they're going to set up a pfSense virtual machine or get a little ARM processor.

    I wanted to have a physical device at the network that I could just glare at. But you can set up a perimeter device with hardware, pfSense, or virtual pfSense, in the back of a 20-year-old computer. As long as you're careful about how you set up your routing, it's as effective as anything.

    In terms of its throughput, we barely use it. All we're really doing is using it as a perimeter device and gateway. It's just fine. It's a tiny little thing. It has two interfaces plus the WAN interface. It's fine for what I do. I trust it being maintained. And until I got to the point of wanting to use it for domain monitoring, and traffic shaping or IDS-type of stuff, it really didn't require any processing power. It's competent for that.

    It's a firewall so it provides my business with layered security. But it's got additional options, many of which you have to pay for. My device is too low-powered to efficiently host any of that stuff. I'd probably have to upgrade hardware in order to do the layered security types of things, and I would probably have to pay a fairly expensive subscription.

    For the cost, if I got to the point where I was going to make a change, I would probably go to an open source tool, and suffer through that too, but get it to the point where I could do pretty much anything I wanted with it.

    I should be in a situation where I have somebody else maintaining this stuff and not doing it myself. If that was the case, I would use a device just like this. But if I'm still playing around with the nuts and bolts of IT management in my company, then I'm probably going to revert to an open source tool again.

    Firebox is 10 out of 10 at what it does. In terms of usefulness and reducing frustration, at my level, it's a three. It's not targeted for me, but it's good at what it does. Overall I would rate it at eight. I don't have a bad thing to say about the hardware and the software, for what it is. It's just frustrating for my particular use case.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Marlon Sealey - PeerSpot reviewer
    I.T. Co-ordinator at National Lotteries Control Board
    Real User
    Top 20
    Allows us to manage VLANs and to review and determine what traffic we want to allow or deny
    Pros and Cons
    • "Two of the functionalities we use most are the traffic monitoring and the full panel dashboard. Those are two things that are very useful for us... In addition, it provides us with layered security. It allows us to determine what types of access, to which networks, we want to allow or deny."
    • "I would like to have a little more control over access points and the ability to see the bandwidth that is passing through a specific access point. We are not able to see that. We can see what traffic is passing through the Firebox itself, but we can't identify if it is coming from a particular access point or not."

    What is our primary use case?

    We use them for perimeter security and also to manage virtual LANs.

    How has it helped my organization?

    The main benefit for us is the ability to manage the VLANs. It allows us to monitor types of traffic and to actually review and determine what traffic we want to allow and deny. It also allows us to modify the categories of restrictions that need to be applied.

    It has also simplified some of the processes that we have. For example, we were having some issues in identifying where most of our bandwidth was being used up, which devices and which users, and what they were using the bandwidth to do. Were they watching videos or were they looking at some other bandwidth-intensive site or application? We have been able to determine user behavior on the network.

    We are quite happy with the Firebox. It really helps us with the ease of managing firewalls at other locations. It has really helped us save time by not having to go to other locations. We have devices at two smaller offices, where we don't have IT staff. It has allowed us to remotely manage and update the firewalls at those locations. It's saving us at least four hours a week.

    I don't think it has helped improve productivity in terms of efficiency, but it has enabled us to improve the security of the network. We don't have to worry as much about where the users are going. And if a user was blocked, it will let us know why they were blocked, what category of trip was being blocked, or what policy it was blocked under. Even if our staff is going to a legitimate site, but the site is under a wrong category, it allows us to put that site on our exemption list to allow it.

    It has also really helped us with our management and to monitor internet usage. Our department is just three people and it has made it very easy for us to manage.

    What is most valuable?

    • Two of the functionalities we use most are the traffic monitoring and the full panel dashboard. Those are two things that are very useful for us.
    • It's very easy to use. The interface does not present a challenge for the user. It is a great device for small businesses with up to 500 users. It allows easy management of all devices from one central device and updates are very easy as well.
    • The performance is also very good. The throughput is excellent. I've not had any issues with that so far.
    • The reporting and management features are excellent. They're easy to navigate and very intuitive, and reports are easy to read.
    • In addition, it provides us with layered security. It allows us to determine what types of access, to which networks, we want to allow or deny.
    • We also like the site-to-site VPN that allows us to connect to and securely access devices at other locations.

    What needs improvement?

    I would like to have a little more control over access points and the ability to see the bandwidth that is passing through a specific access point. We are not able to see that. We can see what traffic is passing through the Firebox itself, but we can't identify if it is coming from a particular access point or not.

    For how long have I used the solution?

    We have used WatchGuard Firebox for seven years.

    What do I think about the stability of the solution?

    The Firebox is very stable. We have not had a failure over the seven years we've used them.

    What do I think about the scalability of the solution?

    In terms of scalability, we would need to add another device to the M300 that we have right now. I know there are models of Firebox that you can actually add hardware to, to get them scaled up and for additional portals. But the one that we have, in terms of subscription, is very scalable in terms of features, and it integrates with WatchGuard's central interface where it can update our firmware as the updates come out.

    What we want to do is put in some more redundancy in our network access. We want to have a second Firebox at each location. We have two ISPs at each location, so instead of both ISPs going to one Firebox, we want to split the ISPs between the two Fireboxes and have load balancing through the internet on firewalls.

    We have 100 employees at our head office, and we have 10 employees at our sub-offices. In terms of devices, we probably have about 150 devices, including printers and computers at our head office, and about 12 devices at each of our sub-offices.

    How are customer service and technical support?

    We used the technical support once, when we had some issues with employees trying to access legitimate sites. That is when we learned about setting exemptions for certain sites. A company might be a travel site, for instance, but due to the amount of advertising they do, it might be flagged as an advertising site. To resolve that issue, when it's a legitimate site that does a lot of advertising, you can go to support for help in figuring that out, and also for help in putting necessary exemptions in place. 

    The support was very professional. They were very patient, and they explained the issues and the solutions fully.

    Which solution did I use previously and why did I switch?

    I don't have a lot of experience with other firewalls. There was a Cisco Certified office that I was exposed to before we moved to the WatchGuard Firebox. It felt like the WatchGuard was a lot easier to use, and easier to set up than the Certified Office device.

    The primary reason that we went with Firebox was its cost. It is very economical and it provided us with all the security functions that we were looking for at the time. And the throughput was more than what we required, so it was a very cost-effective device to deploy on our network.

    How was the initial setup?

    The initial setup of Firebox was straightforward. It was not complex.

    For our deployment we configured all three access points at one location, our head office, and tested them in that one environment. Then, at the various offices, it was just a matter of changing the IP address. We had one technician go to one office and another technician go to the other office to install the Fireboxes and connect them to the network. As they were plugged in, they connected and it provided the service that we wanted from day one. We didn't have to do too many reconfigurations. The policies that come with it out-of-the-box provide adequate network protection, and we just had to put in special policies to allow various types of traffic, either both ways or one way, to various ports on the firewall. We didn't have many problems in getting them up and running at each office.

    Deployment took one day at each location. Overall, we were able to prepare the Fireboxes and test them in less than a week. We prepared everything at one location, did the testing on the second day, and on the third and fourth days we went to the other two office locations to install them.

    What was our ROI?

    With the Firebox solutions we have had a lot more accessibility, in the network, to our third-party vendors and suppliers. Prior to that, we did not have a direct connection to those companies, but with the Firebox we were able to configure a DMZ, and that allowed us to apply the granular restrictions that we really wanted. It allowed us to reduce the number of devices that we have on one desk, at certain workstations. Instead of having the supplier's computer and our computer, we were able to use just one computer, and connect to the supplier.

    What other advice do I have?

    Going with the Firebox is a no-brainer. It provides the necessary security, out-of-the-box, for your configuration of the policies. It's very easy to use and it also gives you a reporting dashboard that can be customized. It makes a lot of sense out of all the data. It's very easy to read. We use a 40-inch display in our office and have it connected to the Firebox so that we can see what's going on on the network. We can look at it and see how the traffic is going through it.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    WatchGuard Firebox
    November 2022
    Learn what your peers think about WatchGuard Firebox. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
    653,757 professionals have used our research since 2012.
    ICT Manager at a maritime company with 11-50 employees
    Real User
    Easy to deploy and it provides useful data on threats
    Pros and Cons
    • "All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited."
    • "There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well."

    What is our primary use case?

    We primarily use WatchGuard Firebox like a typical firewall, to protect ourselves from outside and inside threats. 

    I have the WatchGuard Firebox M270, deployed on-premise. 

    How has it helped my organization?

    WatchGuard Firebox improved our organization by acting as a firewall, with all the specific components of one. If you have an antiviral solution, you can see how many were blocked; from where they were blocked; what the statistics are on the areas that the attacks came from; and if there are attempts, or if they do get through the firewall, where they came from and where they went. You know exactly what to look for, to see if there is any kind of penetration inside your system, or if anything has been compromised, and you can take any measurements against these threats. 

    What is most valuable?

    All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited. 

    What needs improvement?

    There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well. 

    Most of the features that I have right now are more than okay with me, but something like a better interface is always worth suggesting. Also, things like computer-based training on firewalls and specific solutions—especially in things that have been deployed on every new version—is usually something that we need to see in order to understand what, exactly, these people have created for us. 

    For how long have I used the solution?

    I have been a WatchGuard user since 2004. 

    What do I think about the stability of the solution?

    This solution is stable. 

    I am the only one who maintains the firewall—we don't have a team to handle it. 

    What do I think about the scalability of the solution?

    This solution has been scalable to the level that my company wants. 

    Behind the firewall, we have 60 users. On a daily basis, there are approximately 40 to 45 users in the office: they are people from the purchasing department, technical department, accounting department, operation department, etc. 

    How are customer service and support?

    In general, their support is okay, and nothing fancy. We have had a few chats and a few cases on several things that I wanted to do by myself, but needed some guidance on. The speed is not the speed of light, but we are getting through to what we want to have within a day or so. 

    Which solution did I use previously and why did I switch?

    I don't have any comparison to make with a solution that's on the same level as WatchGuard Firebox. We had some experience with all of the Cisco firewalls, but they didn't have the same level of security that we have with our existing firewall. Those were quite old, so I cannot really compare that old technology with something that is so new. 

    How was the initial setup?

    The initial setup was quite straightforward because we are a small company. We have 50 people working at this company, so it's a rather small installation with no fancy or complex configuration. The deployment took an hour or so, but from that point on, there have been numerous hours of work to get up to the point we're at now with our firewall solution. 

    It's quite easy to deploy because the initial installation doesn't involve many fancy things. Out of the box, it's quite clear that it has features that need to be blocked, and these features have already been blocked by default, to help anybody deploying this solution. It's like having 35%-40% of your configuration ready, so you only need to add another 25%-30% to reach approximately 70% of your full configuration, which takes no more than a couple of hours. The additional 30% are the small, exact things and the prediction correction, the things that are usually done on a firewall solution in the following hours, days, months, years by the users of the device. However, you can reach the level that you personally believe in, 100%, within a matter of days if you know exactly what you need to do. 

    What about the implementation team?

    I implemented this solution all by myself, since I was lucky enough to have basic firewall knowledge. Our implementation strategy was to get to the level, as fast as possible, where I could meet the minimum requirements of the company, concerning its firewall policy. 

    What was our ROI?

    I have definitely seen a return on investment. To be exact, you cannot really value the return of investment on this kind of product because an IT product usually delivers services that cannot really be measured in money. Rather, it can be measure in things that we can do and things that we cannot do. So, money-wise, you cannot really measure it, but if I'm measuring it on things that I wanted to achieve with a device, there was a 100% return back. 

    What's my experience with pricing, setup cost, and licensing?

    The licensing contract we have is on a three-year basis. There aren't any costs in addition to the standard licensing fees—usually, every three years, we just purchase or renew the same license and we are okay. Every six years, we completely change the firewall, but that's the usual schema. So after three years, we just renew the licenses for another three years, and then after that particular period of time, we just purchase another firewall equivalent to the ones that we currently use.

    What other advice do I have?

    I rate WatchGuard Firebox an eight out of ten. 

    This is a solid device and it delivers what it says. It doesn't do fancy or extraordinary things, but it does delivery exactly what it's supposed to deliver. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Technical Support at a tech vendor with 11-50 employees
    Real User
    Well priced solution for Firewall and VPN features
    Pros and Cons
    • "The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser."
    • "In terms of what could be improved, I would say their web blocker feature. It is still quite a confusing setup, especially when you want to filter out a particular category for granularity. For example, you do not want to filter Facebook but you do want to filter Facebook games only. It can be done, but the process to do it is very confusing."

    What is our primary use case?

    Actually, we do not use WatchGuard Firebox, we just sell and sometimes deploy and install it for the customer. We usually set up a few basic policies then give it to them to continue on.

    What is most valuable?

    The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser.

    The other feature is the side to side VPN. We have a bank client and they use a WatchGuard device for their headquarters and other WatchGuard devices for their branches. Setting up those IP's and VPN's was quite easy because the relay was at the branch office where the VPN resides. So that was quite handy to set up.

    What needs improvement?

    In terms of what could be improved, I would say their web blocker feature. It is still quite a confusing setup, especially when you want to filter out a particular category for granularity. For example, you do not want to filter Facebook but you do want to filter Facebook games only. It can be done, but the process to do it is very confusing.

    We have seen other products like Sophos, Checkpoint and Palo Alto that were much easier to set up their web built setting than it is with WatchGuard. So aside from all other features, including the VPN security policies, the only feature that is quite confusing is the web block feature.

    They could make the web blocker much easier to set up.

    What do I think about the scalability of the solution?

    In terms of scalability, they have models like the 5,000 series and 6,000 series. We have not reached that yet. We are only a small company and our customers are only small and medium businesses. So no enterprise companies yet. But I think if we need a bigger box, we would go with the 5,000 series.

    Right now we're only at about 200 hundred users. Sometimes we are trying to push for the 300 series or 500 series, but not yet.

    We require a staff of one or two for deployment and maintenance.

    How are customer service and support?

    I think technical support is okay. When I log a case, they usually respond within a day. Then, if they need to do some things for the client, they are quite flexible and do it based on the client's schedule. So no problem with the support. They are good. So far all our issues we have raised, and we have large cases, have been resolved. So their tech support is quite good.

    Which solution did I use previously and why did I switch?

    We switched because WatchGuard is cheaper. An old product that we previously sold was quite expensive, especially the security renewal after every year, but WatchGuard offered quite a competitive price and in a bundle that was much easier to understand. Cyberoam, for example, was quite complex to set up under licensing. Cyberoam was bought by Sophos. So we switched to WatchGuard for the price.

    The main highlight is price. The client has quite a tight budget so we can offer much more with WatchGuard.

    How was the initial setup?

    Setup was easy because the manual was there and it was quite easy to connect to a particular port. It's very understandable. Setup was very straightforward, nothing complex.

    Deployment could take only a few minutes or up to an hour and we can already set up a few basic policies. But the thing that drags longer is teaching the client to use it and to set up their own security policies. Sometimes they don't have enough experience at setting up WatchGuard, it's still new to them. But maybe after a few hours of lectures from us they get it. We still continue to support them after initial set up, for example if if they want to set up a policy we can assist them with that.

    What was our ROI?

    I have seen a return on investment, especially for the client. They have less problems in the bandwidth because the users are not going to unnecessary sites. So productivity should be better. Clients would not be tempted to browse unnecessary sites, games, download movies, because there is a firewall with restrictions in the policies. So therefore, the users would be performing at their best.

    What's my experience with pricing, setup cost, and licensing?

    The box costs 180,000. One third of the price of the box goes to the yearly renewal fee, around 50 or 60, for the basic. There is the advanced feature which is half of the box, but the basic is quite enough for most of our brand, which is why we have not used the TDR yet.

    And the response comes free for the advanced features and advanced licensing.

    What other advice do I have?

    The advice I would give to anyone considering WatchGuard Firebox is that it is a good product, despite what they say about it not being in the Gartner quadrant leaders. It performs well. It's fast. The only downside would be the web filtering side of things. If the client wants a good web filtering device, they have to go to another vendor, but just for Firewall IP and VPN, I think WatchGuard will be good.

    I'm not saying that the web filtering for WatchGuard is really bad, just confusing. Some clients don't want to do something that's confusing for them, they prefer something easy, but if they can live with a little confusion, then it's okay. But it is good to have a good partner, someone like us, in case the client has a problem setting up their policies, especially in the web filtering, we can help.

    Speaking on behalf of the client, I think they are okay with the solution. They are still continuing to use it past a year already, and they continue to renew. They are satisfied with its performance and what it is capable of doing.

    On a scale of one to ten, I'll give WatchGuard Firebox an eight.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Lead IT Systems Engineer/Solutions Architect at Queensland Aboriginal and Islander Health Council
    Real User
    Functional, with features that work well, has good reporting and dashboard capabilities, and manages traffic more efficiently
    Pros and Cons
    • "What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great."
    • "What could use some significant improvement in WatchGuard Firebox would be its interface and policy management. An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it."

    What is our primary use case?

    WatchGuard Firebox is used as the core firewall. It's also used for routing purposes. As a software, it's also used as a VPN access for external clients.

    How has it helped my organization?

    How WatchGuard Firebox improved my organization is that it provided a deeper level of traffic management. It allowed the company to more effectively manage the network traffic, which led to higher efficiencies across the network. Though FortiGate does a much better job of managing traffic, WatchGuard Firebox does it more efficiently.

    What is most valuable?

    What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great.

    What needs improvement?

    What could use some significant improvement in WatchGuard Firebox would be its interface and policy management.

    An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it.

    For how long have I used the solution?

    I've been using WatchGuard Firebox since 2016. I'm still using it.

    What do I think about the stability of the solution?

    WatchGuard Firebox is a very stable product with no issues whatsoever.

    What do I think about the scalability of the solution?

    WatchGuard Firebox is a very scalable product. My company decided, after initial implementation, to move to a redundant core network, and it was able to implement a second device seamlessly to act as a passive follow.

    How are customer service and support?

    All of my interactions with the technical support team of WatchGuard Firebox have been great, so far. The support team is very responsive and very knowledgeable. I haven't had an issue that the team hasn't been able to resolve. The team always responded within the SLAs.

    On a scale of one to five, I'm rating the support for WatchGuard Firebox a five.

    Which solution did I use previously and why did I switch?

    We used Palo Alto before WatchGuard Firebox, and the reason we switched was because of some failures in the Palo Alto firewall.

    How was the initial setup?

    The initial setup for WatchGuard Firebox was very straightforward, though my company has a relatively complex network utilizing SD-WAN, MPLS, and BOVPN technologies. On a scale of one to five, where one is the worst and five is the best, I'm rating my setup experience a four. There's always room for improvement, but it was a fairly good process.

    The deployment of the WatchGuard Firebox took eight hours to complete.

    WatchGuard Firebox has been implemented as the core firewall for the organization. The reason my organization upgraded to the device and switched from a previous software was due to a hardware failure of the previous firewall.

    What about the implementation team?

    We deployed WatchGuard Firebox internally, through my team.

    What was our ROI?

    In terms of ROI from WatchGuard Firebox, from a data perspective, I couldn't share only because my company doesn't have any metrics on ROI. However, I can say that the threat management and prevention features such as IPS and IDS caught several malicious files coming in through the firewall or WatchGuard Firebox, so I suppose that alone makes it worth its weight in gold.

    What's my experience with pricing, setup cost, and licensing?

    We paid $4000 in AUD for WatchGuard Firebox per year. There were no additional costs.

    Which other solutions did I evaluate?

    I didn't evaluate other solutions, apart from Palo Alto, before using WatchGuard Firebox.

    What other advice do I have?

    I'm using the latest version of WatchGuard Firebox.

    My company has one thousand and five hundred users of WatchGuard Firebox in IT, Finance, and Graphic Design.

    At this point, there's no plan to scale WatchGuard Firebox, but it's fairly well-configured to scale if required.

    I do ninety-nine percent of the work in terms of maintaining the product. One person seems enough for the maintenance of the WatchGuard Firebox.

    The only advice I would share to others looking to implement WatchGuard Firebox for business is to consult with a person experienced on the platform, specifically during your first implementation, just because there could be some unique issues that you may face that you won't find outside of the WatchGuard platform. Overall, I would recommend WatchGuard Firebox to others.

    In general, I'd give WatchGuard Firebox eight out of ten because there's always room for improvement. No product will ever get a perfect ten. I ruled out nine as the rating and I gave WatchGuard Firebox an eight just because fundamentally, a firewall packet and policy management is at the forefront of what a firewall does, and not being able to modify the policy really bumps the product down a little bit in terms of rating, in my opinion.

    I'm a customer of WatchGuard Firebox.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Mohamed Y Ahmed - PeerSpot reviewer
    Technical & Pre-Sales Manager at GateLock
    Real User
    Top 5Leaderboard
    Easy and quick to set up with a helpful wizard, offers good protection, quick technical support
    Pros and Cons
    • "This product offers great protection using the default settings."
    • "This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests."

    What is our primary use case?

    We are a solution provider and WatchGuard is one of the product lines that we implement for our customers. I am the person in the company that is responsible for WatchGuard products.

    We do not use this product in my organization. I'm enabling partners and providing training for them on how to use this technology and how to sell it.

    I assist customers with implementing PoC installations in different environments.

    My client that recently implemented WatchGuard Firebox is running an ERP that is used by clients that are in different countries from around the world. They are using Firebox to protect the ERP from outside threats. Essentially, they need to protect the perimeter because users come to the server from different environments.

    This solution protects the cloud-based server from incoming and outgoing traffic. In this regard, it acts as a web application filter for the server.

    What is most valuable?

    This product offers great protection using the default settings.

    What needs improvement?

    The vendor needs to address customer concerns and develop more according to requests, instead of prioritizing based on the existing roadmap. This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests. This is especially true in cases where the feature is common among competitors.

    In the future, I would like to see better integration with Active Directory. It should depend on the user's login. This is a feature in big demand and most competitors do not deal with it the right way. Making this change would make sense with customers.

    For how long have I used the solution?

    I began using WatchGuard Firebox approximately two years ago.

    What do I think about the stability of the solution?

    This is a very stable product.

    What do I think about the scalability of the solution?

    Scaling this solution requires a migration plan. For an on-premises deployment, there can be challenges related to extending the hardware appliances. A single box is not scalable itself. Rather, you need to migrate to a bigger appliance. But, there is an amazing feature for this called offline configuration.

    The offline configuration capability lets you migrate settings from one box to another in minutes. After five minutes, everything will be migrated to the other Firebox and it will scale smoothly without any interruptions.

    How are customer service and support?

    Technical support for this product is perfect. If you open a ticket with them, even with the slowest SLA, they reply to you within four hours. You can also request that they open a remote session with you.

    When it comes to feature requests, however, the vendor takes too long to reply.

    Which solution did I use previously and why did I switch?

    Quite some time ago, I had experience with Sophos products as a distributor in Egypt.

    I also have experience with products by Fortinet. I have been evaluating Fortinet because they are one of our competitors.

    How was the initial setup?

    The initial setup is very easy and straightforward. They have a great wizard and it has a great default protection setting. Anyone that is setting it up for the first time, or has not even used a network security product, doesn't need an expert to configure it. The default protection for threats is great.

    This is always deployed in a virtual environment, either on-premises or on the cloud. The deployment can be completed in six to ten minutes.

    What about the implementation team?

    I deploy this product for my customers.

    The staff required for deployment and maintenance depends on the project capacity. For a small or medium-sized project, one person is enough. For the smoothest deployment, this should be an engineer or an experienced technician that is aware of network security.

    What other advice do I have?

    My advice for anybody who is implementing WatchGuard Firebox is to follow the guidelines and best practices that are available on the WatchGuard help center.

    I would rate this solution a nine out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Reseller
    A user-friendly, stable, and scalable solution that runs for a long time and can be deployed remotely
    Pros and Cons
    • "The ease of use is most valuable. You can quickly train someone who hasn't seen a firewall in life. You can get people up to speed, and in a few months, they are able to manage this product very easily. It is a very user-friendly, scalable, and stable product. Its price is also spot-on."
    • "Its documentation could be improved. Sometimes, you need to search a bit longer to find what you are looking for."

    What is our primary use case?

    We are using it for firewalling and providing wireless network connectivity for access points. It is a standard product for our infrastructure. 

    How has it helped my organization?

    We can implement it very easily. There are some standards that we can explain to our colleagues. It is easy to maintain the same type of installation at various customer locations. It is easy to pass on the information to our team about how to implement it in the same way.

    What is most valuable?

    The ease of use is most valuable. You can quickly train someone who hasn't seen a firewall in life. You can get people up to speed, and in a few months, they are able to manage this product very easily. It is a very user-friendly, scalable, and stable product. Its price is also spot-on.

    What needs improvement?

    Its documentation could be improved. Sometimes, you need to search a bit longer to find what you are looking for.

    For how long have I used the solution?

    I have been using this solution since 2014.

    What do I think about the stability of the solution?

    It is a very stable product. Usually, we have several years of uptime on WatchGuard Fireboxes. They can run for very long without any issues.

    What do I think about the scalability of the solution?

    It is very scalable. We have several customers with several sites, and we can easily extend the network by using Fireboxes at several sites with site-to-site tunnels. If you use the WatchGuard system management software, you can even drag two Fireboxes together, and they automatically make their own tunnel. You don't even have to perform any additional tasks. It is very user-friendly in terms of scalability.

    How are customer service and technical support?

    We get good support. It can take a bit longer only in the case of a specific problem that even they are not aware of, but that's the case with many of their competitors. In general, their support is very good.

    How was the initial setup?

    It is fairly easy to deploy. You can also deploy it remotely. It provides a very easy and out-of-the-box experience.

    What's my experience with pricing, setup cost, and licensing?

    It has a very good price. It is not the most expensive one, and it is also not the cheapest one. It is just spot-on in terms of price.

    Which other solutions did I evaluate?

    We evaluated Fortinet and Cisco. We chose WatchGuard because we wanted our engineers to be able to learn and work with the product in a very short amount of time.

    When comparing Fortinet and WatchGuard, in the past, Fortinet was before WatchGuard in providing the features for directly resolving DNS names and hostnames and making additions to the rules. A few months later, WatchGuard also implemented these features. Nowadays, it goes both ways.

    What other advice do I have?

    I would advise others to definitely take the WatchGuard Essential Security training course, which is a four-day or three-day course. It really gives a broad overview of the product. You get a good, basic, and overall feeling of the product. You can take it in groups. We normally go with four to five engineers of our company. Most of the time, after that course, you can implement the basic product and even scale it out to many more locations without requiring additional training.

    I would rate WatchGuard Firebox a nine out of ten. I am pretty satisfied with this solution.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
    PeerSpot user
    Global Head ICT (CITP & MIE) at The Aga Khan Academies
    Real User
    Top 5
    Helpful for policy-based usage and monitoring our mail services, very stable, and fast support
    Pros and Cons
    • "Policy VPN, site-to-site VPN, traffic monitoring, anti-spam filters, and all other advanced features are valuable."
    • "The way Secure Sign-On authentication is happening needs to be improved. When the Secure Sign-On portal is turned on, anybody who comes into the campus, whether he or she is a staff member or a guest, has to go past the initial portal. One of the shortcomings is the username. It shouldn't allow permutations or combinations with upper or lower cases. For example, when there is a username abc, it shouldn't allow ABC or Abc. It should not allow the same username, but currently, two separate people can go in. Therefore, its authentication or validation should be improved, and the case sensitiveness should be picked up. If I have restricted someone to two devices, they shouldn't be able to use different combinations of the same username and get into the third or fourth device. It shouldn't allow different combinations of alphabets to be used to log in."

    What is our primary use case?

    We run education organizations. We have students and staff working on campus. We wanted to be protected within the campus as well as outside the campus.

    I am using WatchGuard Firebox XTM 850, and I have its latest version.

    How has it helped my organization?

    In terms of users within the campus, the policy-based usage helps us where we allow something during the daytime, something after school hours, and something during the night. In terms of outside the campus, it helps us in monitoring our mail services. All our deployments are protected from external users.

    What is most valuable?

    Policy VPN, site-to-site VPN, traffic monitoring, anti-spam filters, and all other advanced features are valuable.

    What needs improvement?

    The way Secure Sign-On authentication is happening needs to be improved. When the Secure Sign-On portal is turned on, anybody who comes into the campus, whether he or she is a staff member or a guest, has to go past the initial portal. One of the shortcomings is the username. It shouldn't allow permutations or combinations with upper or lower cases. For example, when there is a username abc, it shouldn't allow ABC or Abc. It should not allow the same username, but currently, two separate people can go in. Therefore, its authentication or validation should be improved, and the case sensitiveness should be picked up. If I have restricted someone to two devices, they shouldn't be able to use different combinations of the same username and get into the third or fourth device. It shouldn't allow different combinations of alphabets to be used to log in. 

    For how long have I used the solution?

    I have been using WatchGuard solutions for the last ten years.

    What do I think about the stability of the solution?

    It is very stable.

    What do I think about the scalability of the solution?

    It is scalable. We have about 1,200 users at this point in time, but the number of devices exceeds 2,200. There are multiple devices per person in today's world. A staff member is using three or four devices, and students are using at least two, which makes it 2,500 or 3,000 devices.

    How are customer service and technical support?

    Their technical support is very good. You get a response within 15 minutes to an hour at the max.

    Which solution did I use previously and why did I switch?

    We had Cisco ASA Firewall. It was a very simple firewall.

    How was the initial setup?

    Its initial setup is very straightforward. It took 30 minutes.

    What about the implementation team?

    A consultant from WatchGuard was there. He showed it once, and our people could do it easily. They have deployed it again and again. It is pretty simple. 

    You just need one person for its deployment and maintenance. Security personnel is the one who manages it.

    What's my experience with pricing, setup cost, and licensing?

    They have an annual subscription license. Initially, we had opted for three years. After that, we went for another three years, and after that, we have been doing it yearly. They also have a license for five years.

    Which other solutions did I evaluate?

    We evaluated SonicWall, Palo Alto, and Cisco, but this was the best.

    What other advice do I have?

    I would rate this solution a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free WatchGuard Firebox Report and get advice and tips from experienced pros sharing their opinions.
    Updated: November 2022
    Buyer's Guide
    Download our free WatchGuard Firebox Report and get advice and tips from experienced pros sharing their opinions.