WatchGuard Firebox Reviews

We really don't use the firewall too much, we use it more as a VPN. We've got several different networks that we're joining through WatchGuard.

It has made firewall configuration really simple. It doesn't take years of training or certificates to go in and manage it. That's a big deal. We set up our firewall, operating as a VPN. It's bringing several networks together and it made that process easy.

In terms of my job, it's taken so little of my attention. I have worked with Cisco firewalls and they were complex. WatchGuard is easily understood and managed. It's easy to watch traffic go through the network, to look for ports that are closed or open, and to see what's actually moving through the network and what's not. It has made it easy to understand network traffic.

The learning curve is very small in comparison to the Cisco firewall. Within two hours, I was managing WatchGuard, whereas with Cisco it might have taken a month to accomplish that same level of proficiency. As far as the control of traffic is concerned, I spend one or two hours a week on WatchGuard, as compared to about eight hours with the Cisco firewall. It has freed up my time to do other things.

What I like most is the analytical side. It's pretty simple to understand when you want to do any diagnostics on your network. If you want to go in and see what packages are having trouble getting through, what's being held, stalled, etc., it's very easy to use in that way.

In terms of the usability overall, it's pretty simple but, at the same time, it's pretty full-featured in terms of what it can do. We only use part of it, only because that's where we're at right now. But for a small network, for a small organization, especially, it's a complete solution to your firewall needs. It's relatively simple for me to get into and to work with when I need to; if I need to set up an ARP table or to create different reports. For a smaller network with lesser-trained IT people - if they're lucky, they've got one IT guy trying to do it all - it's an excellent size. Whether you've got a few machines or several hundred, it's pretty simple.

One of the things that is always valuable is workshops. It's really hard to get away and do webinars, but what I would like is a selection of webinars. I see WatchGuard comes forward with a webinar where they're going to introduce this or that. I'd like to see a lot more of those and a lot shorter.

On lynda.com I can just point to a video to show me something I need to know how to do; for example, how to merge contacts in Outlook. But it is a ten-minute video. I would like to see more of that kind of learning. I'm sure WatchGuard has got all these videos, has got the webinars and the training sessions. But when I need to know something, I need to be able to get to it quickly. I want an indexed learning system very close to what lynda.com might use. I also want to be able to put questions forward either in a "frequently-asked-questions" forum or by sending them up to the support team for quick reply. 

I want to be able to go to a portal and put in my problem and have WatchGuard bounce back to me with, "Well, this is how we can do it," or "We don't have a solution for that." And then I can go to other vendors to look for a solution.

The more targeted learning system I can have, the better. If I have to schedule a webinar that might take 30 minutes, there's a good chance I'll miss it. I sign up for webinars and it happens that I'm not available because I've got other fires going. The learning has to be there almost at my whim: "I've got a fire burning, I've got to figure out how to put it out. I need a ten-minute video to show me." Those learning sessions have to be available and easily found, when I need them. I have so little control over my schedule on a daily basis, and I'm sure I'm like many others.

One other shortcoming is that there is no backup for it. We really haven't figured out how we might solve that problem. We may want to put a duplicate in. With Cisco, it's not uncommon to have dual firewalls with something our size. That way, if one were to fail, we've always got the other. With WatchGuard, we just have the one box. If that were to fail, we'd probably be really hurting.

I haven't had to look at it in nine months. It just works pretty painlessly. It's very stable. It's kind of invisible.

We haven't hit a limit. We have the wireless running through it, a camera system running through it. There are 50 workstations running through it, as well as servers. I don't have any problems with it whatsoever. 

Tech support is everything for any product. WatchGuard's technical support is up there at eight or nine out of ten. That's really what you're looking for in a product; more than the product itself, it's that support. If it's not there, you can just frustrate yourself to death on solutions. WatchGuard is support is easily available and know what they are talking about.

We were looking for a solution. The engineer that I had knew of WatchGuard and thought it was probably a good idea, and that was the whole strategy. He had worked with it before and he was the lead engineer when we implemented it. He was right about WatchGuard, it is a good product.

We were using Ciscos. They were aged and out of date. They were pretty well done. Our options were to get new Ciscos and get them configured. Of course the deployment and hardware were expensive. And the maintenance or the management, in the long run, was much more expensive.

With the WatchGuard, the initial hardware was less expensive. And the implementation, because it didn't require as much training, was much less expensive. And the management is much less. When I say "much less," I'm talking about 25 percent of the cost of what the similar Cisco would be.

I remember it being somewhat complicated. There were some complications we ran into; it didn't seem to be quite as easy as what we'd hoped. We did have really good support though, from WatchGuard, on the other end, assisting with the setup. That made all the difference in the world. That made it pretty painless. That was the key. 

When you're configuring a new piece of hardware, there's always some little switch that you miss or that just doesn't make sense. When you've got that support on the other end they know exactly where to go... WatchGuard had that.

At first, we were running into some issues configuring it to meet our needs. It was throwing us for a loop for a while. The issue was setting up the correct rules. But from the time we got that done, it just sits there and runs. We've had it 15 months and I haven't seen it in nine months. We got it configured and set up, and it just operates. 

We had it running on the first day, literally within hours. We had a lot of configuration to be done over the next six months, twists here and there. But as far as actually being able to set it up and have a firewall in place, that was done within two or three hours.

There are no costs in addition to the standard licensing fees. It was pretty much, "Get the license and you're good to go for the year."

We looked at Cisco in addition to WatchGuard. We didn't look at anything else.

I wouldn't hesitate to implement this solution. Particularly if you're down to an IT staff of one, this is a really good solution. If you're that small and your IT staff is very limited, then you're probably lacking the onsite expertise to move to a more expensive solution anyway. I would strongly recommend it.

We've got three people who sign in to WatchGuard, me and two others. Beyond that, everybody else is just an end-user. I'm the only full-time IT person we have on staff. We do have a vendor that we use for a lot of our engineering solutions and design. They spend about 12 hours a week on our network.

As for increasing our usage of it, I don't know what all its capabilities are. I deal with problems all the time and I have to come up with solutions for them. I don't foresee any expanded use of WatchGuard. However, it may be that it can solve some of my problems much more simply than some of the other solutions I'm thinking about. But I don't really know how it could at this point, so I'm not seeing us using more of it than we are now.

I would give WatchGuard a ten out of ten. It's simple, easily managed, and it has good tech support compared to other products out there. Because it is a full-functioning firewall, it does everything with full support. You're not buying a cheaper quality of firewall at all. It's full quality, fully functional and has good support.

We use it for our firewall as well as for our branch office VPNs.

The WatchGuard devices allow us to self-manage our network and our branch office VPNs. As a result, we've saved ourselves a lot of money, without compromising our security. It provides a much more economical and effective solution. We used to have an MPLS network which was a cloud-based firewall system and it cost us a small fortune every month. But when we implemented all these firewalls and got it all configured, up and running, we literally saved ourselves $10,000 a month.

It makes managing the network a lot easier. It takes care of our network for us.

Once it was set up and running, it began to save us time. It works, and we spend very little time managing it. We have very few issues with it. We might spend an hour a month managing it, if that.

The firewall aspect and the branch office VPNs are the most valuable features. They just plain work. We don't have any issues with it. We don't have to spend a lot of time maintaining it. You set it up and, for the most part, you can forget about it.

In terms of the usability:

• It's user-friendly with an easy user interface.
• It has a lot of features.

The throughput the solution provides is good.

In addition, WatchGuard provides our business with layered security. It certainly protects our network, blocks unwanted incoming traffic and, at the same time, can manage outbound traffic too.

We use WatchGuard to manage our failover for internet. If a primary internet goes down, it does a failover to the secondary the internet. However, what it doesn't do so well is that if the primary internet has a lot of latency but it's not completely down, it doesn't do a failover to the backup in a timely manner.

The stability is great. 

We don't really have any experience with the scalability. We implemented the appropriate devices for our size and we haven't really grown to the point that we've had to upgrade devices. The scalability is fine in the sense that we have some locations with more people, and WatchGuard has a slightly beefier device than we use at some of our smaller locations. All in all, it works well.

All of our networks are managed by WatchGuard. If we add locations we'll be using it for them as well in the future, although we don't have new locations on the horizon. We use it every day because it manages our network. Because all of our network traffic runs through WatchGuard, everybody uses it. But they're not using it for a specific function, other than to communicate between locations.

The customer service is good. If we have an occasional issue there are helpful. They help us resolve problems. Overall, I'm pleased.

We had a third-party MPLS network that managed all of the cloud-based software but it was very expensive. It was similar in effect, but it was a third-party, as opposed to WatchGuard which is self-managed. The main reason we switched was the pricing.

The initial setup was a little complex. But once we understood how it works and after we got the first one configured, the rest of the firewalls were pretty easy. It is pretty straightforward. It is just a matter of learning it initially: understanding the nuances of the application and the user interface, understanding how to set it up and understanding what does what and the naming of features. That initial learning curve was a little steep, but once we got into it, it made a lot of sense.

Company-wide, our deployment took about 30 days.

Our initial implementation strategy was to do a backup to the internet and ultimately remove our MPLS and use the branch office VPN to manage it ourselves.

We were helped by an authorized WatchGuard reseller on the initial setup. Once we got through the first one, we took over from them internally. The reseller was NetSmart. Our overall experience with them was very good.

We still have a relationship with them. We do a lot of our stuff in-house, but if we have something that we need a little bit of help with, we do reach out to them from time to time. But doing so, for us, is pretty rare at this point.

We have absolutely seen return on investment. We saved a small fortune switching over. It paid for itself, literally, within the first couple months.

When we bought them we got a three-year license for each device. The two larger devices are about $1,000 each and the smaller ones are about $500 or $600 each. 

There are some additional software features that you can add on and pay for, but we don't use them. 

We didn't evaluate other options. The WatchGuard reseller was a company we had done business with before and they recommended it right out of the gate. We went with that.

It's worth it, depending on your current network environment. If you are in the same situation we were in, it's really a no-brainer going from the MPLS network to self-managing it with simple broadband internet. It works great. To be honest, you'd be crazy not to do it. The advantages of WatchGuard over MPLS are that it's cheaper and you have more control because it's self-managed. The only con is that it does require a little bit of maintenance that you wouldn't otherwise have to do, but it's minimal.

In terms of distributed locations, we have a firewall at all of our locations. Once we got it set up we'd visit a branch, install it, test it, and implement it.

As for maintenance, it requires just one person, a network administrator. We manage it ourselves and there's not a whole lot to it.

WatchGuard Gateway AntiVirus is a firewall solution. We use it for internet access for our employees and network security in business operations.

WatchGuard Gateway AntiVirus is just a firewall. It's a very good solution for network security automation, but it does not improve our business work.

I value the stability of the product most. WatchGuard Gateway AntiVirus also has great scalability. But for us, it's only about ten people who use it.

I would recommend the solution. It's a good and stable product. Nothing is too difficult. 

The solution was very good with the anti-virus. I haven't a problem with anti-virus stability using WatchGuard for over two years.

My company is not big. Since we purchased the solution, it's been normal. No problems.

WatchGuard technical support requires a license. We never called them because the solution is working correctly and conveniently.

The setup is easy if experienced. The web interface is no problem. It takes only one hour. 

The solution is a pop-in installation. I did it by myself.

WatchGuard Gateway AntiVirus has VPN access for all systems. It's a firewall and an anti-virus agent. It's fully complete for my company.

I would recommend the solution. On a scale from one to ten, I would rate it at ten.

Our primary use case is VPN connectivity between 50 locations and our headquarters.

It saves us a lot of money over MPLS connections, about $125,000 per year.

WatchGuard provides us with one of our layers of security. The HTTPS proxy is where a lot of things get trapped.

The most valuable are the VPN and proxy features. We have all the sites we have to connect and that's how we do it.

I've been using it for so long so I'm pretty used to it. But I think it's fairly simple to use and understand. It helps if you're an IT expert. There isn't much of a learning curve if someone has an understanding of connectivity and firewalling. If they don't, there is certainly a learning curve.

The throughput is excellent. It's only limited to our bandwidth. We haven't had any trouble with throughput. The throughput of the firewall, in all cases, seems to be better than the bandwidth available. It's not the bottleneck.

I don't use the reporting features a whole lot, but Dimension is pretty good.

It's very hard to get information from their website, for exactly what I need to do. Sometimes I end up having to open a lot of support tickets. It's either too detailed or not. I never have good luck with their online tools. It's a navigational issue which makes it hard to find what I'm looking for and it's just so broad.

In addition, I have had a ticket in for an awful long time regarding a bug that they should address. If you're using a firewall as a DHCP server, it doesn't keep a good record of the leases. I opened a ticket on this about two years ago, and every couple of months I get an email back that it's still under engineering review.

They're very stable. I've had one firewall fail at 50 locations in the last ten years.

Scalability for me would mean, as we add more branch locations, the firewall here can support all of those VPN connections, and I'm not even scratching the service of what it can hit. It's very scalable.

Tech support has been good. It's gotten a lot better the past few years; it's very much improved. Twelve years ago it was the worst. Now, it's very good. They get back to me in a day if it's nothing critical. And I don't ever really have to escalate. They're pretty resourceful and understand their product.

Previously, I built a Linux box.

The initial setup is very straightforward. I've done it so many times that I could do it in my sleep. It's pretty simple to run through the GUI and get a quick setup. It's like if you asked me, is it hard to drive a car? I've been driving a car so long I don't know any other options. It takes me maybe an hour to set one up and get it ready to send out. At that point, it's fully configured. It's just plug-and-play when it gets to the location.

I, or one of my IT guys, will often have to be onsite. We'll send one out to a branch, then we'll have to walk the warehouse manager through how to plug things in. Deploying it to distributed locations consists of plugging it into the modem and plugging it into the network, assuming I programmed it correctly.

Deploying it requires just one person. We have three people in the IT group maintaining the entire network, but it's mostly me. It takes me about five hours a week.

ROI is very abstract for a security tool. As far as being able to create VPN tunnels versus having it managed by another vendor, as I said, it saves us about $125,000 a year, maybe a little more. Even comparing it so an SDYN solution from an outside vendor, it's a lot less expensive.

We only license our corporate one and the one we have at our DR site, we don't worry about the branches. It doesn't pay for us to license the ones at the branches. What they charge for what they call basic maintenance is extremely high for those little fireboxes. So we don't bother with them.

They're good machines. They're fairly easy to configure and they're stable.

We mostly use the M400 at corporate and at our branch offices we use T35s, T30s, and XTM25s. In terms of additional usage, I'm looking at the management console and, possibly, the drag-and-drop VPNs.

I would rate it at nine out of ten. The documentation makes it a little hard to find what I need sometimes.

We use them as our firewall in every location. It's extensively used and our locations for it are ever-expanding. Right now, we have 14 locations with them. We have everything from the M300 to the T50-W to the T30-W.

Like any other firewall, if it goes down, it's going to cause problems but these don't go down.

If I had to spend half my day fighting the stuff that it's keeping out, in that sense, it's increasing productivity. But if I was having to do that, I would find something else.

There are a lot of features I really like.

One of them is that the interface is more intuitive for us. And the success rate has been very good for us. It's easier to use than a SonicWall. There's a learning curve with every firewall, but this one is a lot more intuitive than some of the other ones I've used.

We've been very happy with the throughput and the performance the solution provides.

The Dimension control, the one-spot reporting and control, has been nice. It's been easy to go in and make sure people are doing what they're supposed to be doing and that only the right stuff is getting in.

It provides us with layered security.

It's got a global map where you can block IP based on which country it's coming from. I haven't seen that on anything else.

They work. We don't have to boot them. 

The only time they get booted is if there is a major, extended loss of power. Otherwise, they just stay up and running. The location I'm at has been up for 90 days and the only reason it went down 90 days ago was that we had about a 12-hour power outage. It got our batteries. It got everything. But like I said, they're reliable.

There is scalability because they have different models to choose from, as long as you buy right.

We have 500 employees and about 150 users. I'm sure we have plans to increase usage. In terms of how extensively it is being used, it's filtering every piece of internet traffic we have.

I haven't had to use their technical support in about seven years.

When it comes to installing a new box, it's pretty simple. We have a config we copy over to it and then we just customize that config with the IP addressing that we need at that location. It doesn't get much easier than that. It takes less than an hour and takes one person to deploy it.

We used a third-party integrator when we did our mass upgrade in 2017. At that time, all of our other ones had become end-of-life. They were Firebox Edges. We bought the boxes, dumped the configs on them, between us and the third-party, and either I or the third-party would deliver and install. Onsite downtime was as little as ten minutes.

Deploying it to distributed locations was super-simple.

We haven't had anything get through it. It's hard to say what your return on investment is when you're saving problems. You can't quantify how many possible threats you're saving in a day.

We bought ours bundled with two or three years at the time we bought them. I haven't seen the pricing since 2017, but it was competitive. SonicWall, Barracuda, and WatchGuard were all about the same price when we did our last pricing.

We investigated SonicWall back in about 2016 and decided to stay with WatchGuard because we felt the interface was a lot better. It's also easier to manage, easier to keep an eye on. We really despised the SonicWall. The support for it was awful. Dell already had it and it was bad. I had experience with SonicWall in the past, before it was a Dell company. The SonicWalls were pretty good then.

We looked into Barracuda. We didn't actually test it. We used some other Barracuda stuff, but we didn't actually even test their firewall. I don't remember why we didn't go with them. That was a decision made three years ago. We use their backup appliance and couldn't be happier with it, so it wasn't a support issue or a reputation issue. I don't know if there was a little difference in pricing which was the reason that we didn't try it.

We investigated the other one, we actually put the test box in, and Firebox was far superior to what we tested.

Give Firebox a good, strong look. Give it a test run and I'm sure you'll be happy with it. We've always had it. Our opinion of it is that it flat-out works and we're very satisfied with it.

I'm sure there are better ones out there for somebody who has more time to manage it. But if you're looking for something so that you don't need a dedicated staff to manage it, I'd say this is a pretty good one. I give it a nine out of ten.

Production business use at multiple interconnected locations.

It is one of the layers of our security and it definitely does protect us from many attack vectors. Between the antivirus scanning, the blocking, and DNSWatch, it is protecting us from a number of attack vectors. It is also provides useful diagnostic tools for identifying and troubleshooting issues. A recent example was when a few LOB network devices were having issues which was affecting operations. ZazaThe ability to search the realtime and historical logs helped me to navigate, zone in, and identify the ultimate issue. It ended up not being the firewall, but fast access to the logs helped me determine and prove that to be the case.

Because of the way it's organized and the user-friendliness of the device, it does make my job managing the firewall profiles and security a lot easier. There's nothing you have to do through the command line. Being able to definitively know what the configuration is, visually, being able to edit it offline without affecting production have all been big time-savers for me. When I had to do two firewalls which had similar configurations it saved me at least 20 hours of setup work. Templates allowed me to create and define a bunch of objects once and use them in both places.

Overall, per month, Firebox will save me four to five hours, depending on if there's something I have to investigate.

The Application Control and web blocker have been very valuable because they let me control the outgoing traffic of my users and keep them off of both productivity wasters and sources of vulnerabilities in my environment. 

I like the High Availability feature because it allows a firewall to fail while keeping the environment up and running.

In terms of its usability, it's very straightforward to use, once you understand the way they look at a firewall and the design choices they made.

The throughput the solution provides is excellent. I have not had any performance-related issues with any of the fireboxes I've used.

I like their management features a lot. Their System Manager server as well the System Manager software make managing them, and tracking changes, very easy and complete. In terms of the reporting, I am just starting to look at the reports in Dimension and they look pretty well-organized and useful.

The product could have some more predefined service protocols in the list, which don't have to manually be defined. But that's very low hanging fruit.

The documentation for the System Manager/Dimension configuration, could be a little bit clearer. The use case where you have multiple sites with multiple firewalls, and one site that has the System Manager server and the Dimension server, wasn't really well defined. It took me a little bit of digging to get that to actually work.

It's pretty rock-solid. I've never had to reboot one because it was acting in an unstable manner and have some that I ran through their entire usable lives without issue.

The scalability is good, assuming you buy the right model. They make it easy to trade up to a bigger model without having a big, financial impact, giving you a discount to trade up. 

The times I've used technical support it was excellent.

I moved from FortiGate. The reasons i switched include price - WatchGuard is a lot more cost-effective than FortiGate - and complexity. FortiGate is very complicated, had little documentation which relied heavily on cookbooks, and a lot of command-line required to get some common things to work. WatchGuard is very well-documented and everything fits within their configuration. Nothing that I've encountered has to be done through the command line. And when your subscription expires on the WatchGuard, it will still pass traffic, if you configure it to. FortiGate will only allow one connection out. 

The initial set up was very straightforward. You take it out of the box, you plug it in, you download the software, and it starts working. That's what I consider to be the initial set up, and that was very easy and very fast.

The deployment took me a total of about 40 hours for two sites, two firewalls, and with an incredibly complicated configuration. The complexity was a product of the environment, not the firewall.

I utilized the template feature to make everything that could be the same, the same across both sites, which are connected locations.

In-house.

They are well priced for the market and offer discounts for competitor trades and model upgrades which are definitely worth taking advantage of.

FortiGate and WatchGuard were the only two I've evaluated recently.

I would definitely recommend using WatchGuard.

I would also recommend taking one of the courses that goes through all the features of the device and the way it is organized. Every firewall vendor looks at things differently. If you don't understand the way WatchGuard is structured, you may make a strategic mistake in setting it up and you'll have to tear some of it down and redo which is true of any firewall. Leanr and use the tools Watchguard  provides.

I used to do everything in WatchGuard through their Web UI but I now use the System Manager software because it is very valuable. It provides a lot of features that I had not realized I was missing. The System Manager Server is able to store previous versions of the configuration, and to force people to enter comments regarding what they changed when they save one. Being able to compare the configurations side-by-side, and have it tell you the differences are great tools that you should know about if you're going to start implementing a WatchGuard.

We are not currently using this solution. Rather, we are reselling, and I have implemented these systems.

The most recent one I implemented was an M200 model that was being used as a gateway firewall to control their internet usage, primarily for URL filtering.

The reports are detailed. Rather than showing the IP address for a query, such as "who is the most active internet user", it will show their name and the specific activities that he or she is browsing on the internet.

The most valuable feature is the Active Directory integration. WatchGuard is very easy to integrate with. The URL filtering is ok, but instead of filtering by IP addresses I usually set up filtering through Active Directory user profiles.

I can import the users directly from Active Directory and create a space for a certain user or a certain group. This is something that is great because I have a lot of trouble setting this up with other products.

I also liked a new feature, the WatchGuard TDR (Threat Detection and Response). This reports malware activity to the cloud.

This solution needs the option to add an external hard drive. The competitors have this. With WatchGuard, you have to get another server, set it up, and then point it to WatchGuard. That is where the logs will be stored.

Some find this tedious because they have to get another server, although I find it advantageous because there is no hard drive needed. It removes another point of failure. In any case, if the customer wants an external hard drive then it would give them the option.

I saw a feature in Cisco that was a historical trajectory of the files, or sets, moving in the network. I would like to see them include this feature in the next release of the TDR.

So far, the solution is stable.

I have two customers who have experienced problems due to a storm. An electrical surge came through the internet line and caused damage to the port. This had nothing to do with the stability of the product itself.

In terms of updates, it is one of the easiest firewalls to update. I just download the latest one and let it work until it reboots.

In the company where the M200 was implemented, they have fifty users.  

Whenever I have a problem I contact the technical support and I normally have to wait at least a day for them to respond. I have opened approximately twenty tickets, and so far, all of them have been resolved.

We used an older model of the WatchGuard solution, the T50 e-series, but we have replaced it. We received a discount on a bigger unit from Fortinet. However, we recently sold a WatchGuard M200 and I had the opportunity to use the product. Comparing what I see now to what it was before, there are a lot of good changes. Not so many in the GUI, so there is familiarity there, but I think that it is faster now.

My customer for this solution did not previously have a firewall. It was just an open internet router.

The initial setup is very easy for somebody who knows the product, so I can't say that it is complex. For someone who is new to the product, of course, they would find it intimidating at first.

The deployment took three days, with the third day being the turnover. I had to train them on how to use it. The first two days were spent setting it up.

One IT person handles maintenance for the solution, just for secondary support.

I took care of the deployment for our customer.

The subscription that was purchased is for three years but it is usually for one year at a time. There are no costs in addition to the standard licensing fees.

My customer was looking into Sohpos, but because the budget was drained they opted for WatchGuard. It was a cheaper solution.

Based on the reactions from people who I have implemented this solution for, some of them find it difficult to use before they get used to the interface. At the same time, if they later move to another product then they say that WatchGuard is simpler.

I keep hearing that WatchGuard is quite marginal because it is not listed as a leader in the Gartner Magic Quadrant. It is listed under Visionary. For a firewall product, I do think that it's a leader. It doesn't cost a lot compared to Cisco, Palo Alto, or others. I think that WatchGuard is good enough.

I would rate this product eight and a half out of ten.

This device is for Unified Threat Management (UTM). Our primary uses for this solution are as a firewall, antivirus, anti-spyware, web-blocker, and APT blocker.

I can say that it has been defending our organization. There are from ten to one hundred attacks per day to our IT forum and our email server.

The most valuable feature for small and medium businesses is the support for various protocol proxies. Without any subscription, they can realize an IDS/IPS solution.

It would be wonderful if the WatchGuard team develops nice products for threat intelligence. They have a subscription service called DNSWatch, but this needs to be improved.

This product is very stable.

There is no problem with the scalability. If I need a more powerful appliance then I can buy it, but I can also use less powerful devices. Overall, scalability is ok with this solution.

We have about fifty people using this solution. There are two IT specialists, and all of the rest are salespeople, office support, etc.

The technical support is very good. I know only of one company whose tech support is better than WatchGuard's.

I have experience with Check Point UTM, and I find that this application has approximately the same functionality, but it is cheaper.

The initial setup is very easy. It is not complex.

For a small organization that has between fifty and one hundred users, the deployment can be done in perhaps fifteen minutes to three hours. Our deployment took approximately one hour.

Only one person is required for maintenance.

We handled the deployment ourselves.

I can see ROI within several months.

The cheapest configuration, for maybe five people, is approximately $500.

There are several other license steps that vary based on the number of security services that are included in the subscription.

We had considered several other solutions such as pfSense, MikroTik, and Fortinet. However, we became a WatchGuard distributor for the territory of the Russian Federation, so we are using only WatchGuard solutions.

It is a very reliable and very easy solution. I think it is the best solution in the world, judging by its price and quality.

I would rate this solution a ten out of ten.