WatchGuard Firebox Reviews

We use WatchGuard Intrusion Prevention Service to secure our servers. It's usually deployed to protect the whole network and the service.

It works right out of the box. You just have to enable it and you can start working. I have worked with other firewalls as well. With other solutions, you have to do a lot of tweaking. WatchGuard is pretty simple to use and easy to pick up.

It's pretty simple. It's very user friendly. I don't really see a way to simplify it further.

I have been using this solution for more than four years.

It's definitely stable. Sometimes there are some issues, but they usually get fixed with the updates — it automatically updates.

In terms of scalability, the interface and everything remains the same. If you go for a very small device or even a very large device, the user fee and the user experience is the same. So, obviously, you should go for a large device. At any time, if you are willing to upgrade, if you want to scale up, then you can just buy a new device and deploy it. The best thing is that you can just migrate the same configuration from a small device to a larger employee's device.

Regarding technical support, they could use more engineers. There is less support from engineers and they give you less time. There is always room for improvement regarding the support.

The initial setup is very straightforward. It can be deployed within three to four hours.

The price of WatchGuard Intrusion Prevention Service is pretty reasonable compared to similar solutions. The pricing is pretty competitive.

On a scale from one to ten, I would give this solution a rating of seven. If they made it more stable and improved customer support, I would give them a higher rating.

It is mostly for small to medium-sized businesses. Usually, large organizations have different requirements and they look for different kinds of products. 

Our company routinely deals with credit card numbers in transactions and we use WatchGuard to protect our clients' information. 

The most valuable feature is the protection that it offers.

The analytics are important because if there is an abnormality then it provides that information to us.

The ease of detecting where an issue is should be improved. It would be helpful if when an issue is detected, the system can send us an SMS message to our phones. This would allow us to immediately respond.

I have been working with WatchGuard since 2015, although we only implemented the Threat Detection and Response earlier this year.

Technical support is good. Our level one support in the country is near our office and when we have an issue they immediately respond.

We have had no issues with deployment because it can be pushed to the client.

The pricing is competitive.

When we implement a new product such as this, we start with a PoC. We ask our vendor to provide a demonstration and then we use it in our environment. This allows us to test each of our scenarios. My advice to others is to follow this approach whenever they want to use a product. Do the testing before they buy it.

Every product has it's weaknesses. Just because it benefits one company, doesn't mean that it benefits another. This is why testing is important.

I would rate this solution an eight out of ten.

The solution is very powerful.

It is the most effective on non-encrypted traffic and it is able to determine some threats through deep packet inspection. 

There is a basic deep packet inspection within the antivirus that is able to be run against proxy filtering and certain policies. It's pretty standard in the industry. 

The solution isn't what I would consider feature-rich.

Due to the fact that the high volume of traffic that is currently encrypted, I find that the antivirus is less effective every year. That's not just WatchGuard, however. It's the biggest area in need of improvement right now is as a whole in the industry. It has the same weaknesses other firewalls have, and that's its inability to dissect encrypted traffic. It is capable of doing it, however, it requires some specialty configuration that often interferes with Azure, Amazon cloud services, or things of that nature.

It would be useful if we could be able to get a report as to why the solution is doing one action but stopping another. You can configure it as part of the firewall to decrypt that traffic, effectively making it a middle man, however, in doing so, you often disrupt Microsoft Office 365 and Amazon Web Services. The capability is there. It is just not considered a recommended best practice.

While the ability to determine threats in non-encrypted traffic is a good part of a solution, it is not an adequate standalone. It does not have an endpoint component.

The feature I'm most interested in is additional endpoint protection, however, they recently purchased Panda. That would go in line with the EDR product. As a managed service provider, I'm always looking to simplify and clean my stack, so I can provide my customers with the best possible service with the least complexity. It's nice to know that they're actively working towards that already. 

Also, I should note that most of the features I want are currently already in beta.

I have 18 years of experience with the WatchGuard brand, and 13 years directly with their threat detection and response products. I've put in more than 30 pieces of WatchGuard hardware, firewalls, access points, etc., in the last 60 days.

I've been using WatchGuard's Gateway AntiVirus specifically for 15 years now.

The solution has remained very stable. It has never resulted in a service-related ticket being required or anything along those lines. Users can rely on it as it doesn't crash and there aren't bugs or glitches that affect its functionality.

The solution is very scalable as part of a whole solution. One of the best features is that it's capable of having file exceptions based on the MD5 hash.

As a consultant, I have many of the systems out in production and they are in environments ranging from five to 10 users, up to several hundred.

The technical support has been amazing. We're very satisfied with their level of support.

The initial setup was very, very easy. It was not complex at all.

Discussing licensing is tricky. It is not available as a standalone purchase. It is part of a whole, so I can't divide out the costs in an effective way.

We're a service provider and have been for a number of years. I'm a consultant.

The solution is part of the firewall and the UTM. It's never really handled as a separate entity, though it is licensed. It's part of their unified threat bundle.

I've used almost all of the current GUI interfaces. The antivirus has changed the backend engine a couple of times over the years. The current revision, I believe, is Bitdefender driven, but I'm not exactly 100% sure.

I'd advise other organizations, when setting up the solution, to configure all proxies and policies prior to doing the subscription service setup. 

If the policies are pre-configured and your proxies are set up prior to activating the security antivirus or the Gateway AntiVirus, 90% of the configuration is done for you. You only find yourself manually doing it if you are building rules after the fact.

As an antivirus and standalone product, I would rate the solution seven out of ten. The main reason is, as a gateway appliance, it does not have the capability to perform the same function as an endpoint antivirus. It is not a substitute for endpoint antivirus.

It's our firewall for the internet.

The most valuable feature is the NAT-ing, the IP addresses. What the firewall does is that it NATs through the IP addresses for different servers. We can direct the traffic where it needs to go. We can control the traffic.

It's fairly easy to use. I don't think we have any trouble with it.

We've also never had any trouble with the throughput or performance. We've just recently upgraded the internet and we're getting our router upgraded. Once we get that in place, we'll see how the Firebox responds. To date, we've never had any problems.

It also provides us with layered security.

I would like to see more tutorials on setting up the Firebox.

I've been Using WatchGuard for well over 10 years.

The stability has been fine. We've had no issues with its stability.

We haven't scaled it.

There are about 40 users, anywhere from plant production to purchasing to the president, and accounting. They all go through the firebox to get to the internet of course. It's used by all management in the organization, for sure.

We don't have any plans to increase usage of the solution.

There is just one person who handles the deployment and maintenance of the solution. He's a programmer.

We didn't have a previous solution. It's always been a Firebox.

I don't believe we had any trouble with the initial setup. 

My gut feeling is that we have seen ROI. It keeps us secure and it allows us to get out to the internet. As opposed to having no protection, it has provided ROI.

I've had no problems with the licensing.

It works for us.

In terms of simplifying any aspects of my job, there's nothing I can specifically say because I've used WatchGuard for so long that I don't have anything to compare it against.

It's our external firewall and VPN solution.

• It allows us to access the outside world.
• It keeps us safe from external threats coming in.
• It allows us to have remote access.

The fact that it just works is one of the most valuable features.

It's fairly intuitive when trying to figure out how to try to get things configured the way you need them. It either works or it doesn't, which means if you have a failure you have a chance to get things fixed.

In addition, I have not noticed any throughput issues at all. The device we have will actually operate at faster technologies than we have available to us.

Management of the solution is great and it also provides us with layered security. It has onboard virus scanning features that allow it to scan before something gets to the host. It will also stop a person from going to a site that is known to be bad.

There is room for improvement on the education side, regarding what does what, rather than just throwing it at a person and assuming they know everything about it. A lot of times, you have to call WatchGuard support to get the solution that will work, rather than their just having it published so that you can fix the problem on your own.

We've been with WatchGuard now for about six years. We've got their XTM firewall.

Their support is awesome. I get a solution to my problem within 24 hours, and if they don't have a solution within 24 hours, they usually have a higher-tier tech working with me until the problem is solved.

The setup was fairly straight forward. We were actually dealing with a failure situation when we received the product. So we had WatchGuard support on the lines from the get-go, helping us get started so that we could get the information. It's something that we would not have been able to do had they not helped.

The main firewall was deployed within a day. The satellites were deployed within a week.

We have two home offices that they're distributed to. Typically, I get the device in, I provision it with the workflows and the exceptions they need, and then they plug it.

I can't say whether Firebox has saved me time. It's a firewall and it does its job. So whether it be WatchGuard, SonicWall, or anybody else, if it does its job and I don't have to look at it, I'm happy. I haven't really looked at a lot of the reporting features. I mainly go in there, figure out where people are having troubles, and fix their problems. 

We were primarily using WatchGuard to control applications that were trying to access offsite network locations.

I am no longer using this solution because it was in my previous job.

This is a feature-rich product.

The most valuable feature is the category control.

This is an easy product to manage.

There should be more reports available on different subjects. There is a set of predefined Dimension reports but there needs to be more available on aspects like security and Wi-Fi.

I have been working with WatchGuard for more than eight years.

It is a stable solution.

We only had a single site, albeit a large one. Scalability was not something that I had to test beyond the one location, but it was good for our environment.

I was in contact with the WatchGuard technical support three or four times. I was satisfied with them and their responses. We had a WatchGuard Gold Support package.

I have also used Sophos Application Control and from my experience, WatchGuard is the better solution. With Sophos, it is not as easy to block categories, and creating firewall rules is much more difficult. 

The initial setup was generally straightforward. We had a little bit of difficulty with our second installation, which was virtualized. It took us two or three days to move from our on-premises deployment to the cloud. It was easy because we already had all of our rules in place. This included testing and not just the implementation.

When we first implemented WatchGuard, we had the help of a solution provider. 

For what we needed, WatchGuard was fine and generally covered our needs. It is easy to maintain and it is a product that I recommend. That said, there is always room for improvement.

I would rate this solution a nine out of ten.

We use it internally and we are an MSP for lots of other companies that use it as well. Our primary use case is to block applications. 

It does the job of what it says it does. We set it to what we want it to block and then it blocks it. 

They could expand the amount of applications that are on the list, but it's pretty intensive anyway, so it's pretty good.

I have been using this solution for five years. 

We don't get any issues or bugs with it. The stability is good. 

There are two IT guys who use it in our company. 

I have contacted their technical support and they were very, very good. 

The initial setup was reasonably simple. It took us a couple of hours to get it all set up and working with all of the firewalls set. Our own team did the setup. 

It comes in the main licensing costs from the WatchGuard if you buy the license. I don't know about the prices there.

WatchGuard does what it says it does. Definitely use it. If you want to block applications, then definitely use it. 

I would rate it an eight out of ten. There's going to be newer apps that are probably not going to be blocked straight away, but then they are in time, so it's not really an issue.

We just use it as a secondary WiFi device. We're a small office and we needed to set up a WiFi device for a few of our employees.

The way it saves me time is that there is no maintenance. Once we set it up, there's nothing else for us to do on a regular basis. It might be saving me about an hour a month.

• It has a good signal.
• We haven't had any security issues.
• The usability has been good. We haven't had any problems with it.
• The performance has been good. We haven't had any issues with the performance.

We have been using WatchGuard Firebox for about two years.

We haven't had any issues with it. We set it up and it's been running since we set it up.

We don't have any plans to increase usage. It just services our one office, with eight users.

We have not had to use their technical support.

We did not have a wireless solution before Firebox. The main reason we went with it was the security protocols. They were more robust on this device.

The setup was easy enough. It was more or less plug-and-play. There weren't a lot of settings that we had to run through. The setup wasn't that complicated. It took about two hours and there was just one person involved.

The addition of the WiFi saves us from usage of our data plan. We have had some cost savings there.

The pricing was in line with everyone else; maybe slightly higher. That's why it's not a 10 out of 10.