WatchGuard Firebox Reviews

We use the solution as an internet gateway. With its help, we can establish the connection between our company's HQ and branch.

The solution provided us with site connections and internet policies.

The solution's valuable feature is its pricing which is better than other competitors.

The performance of the solution's processor needs to be faster than other vendors. Also, it is time-consuming to configure it whenever multiple policies are involved. This area needs improvement as well.

I have been using the solution since 2012.

The solution is highly stable. I rate its stability a nine.

We have around 200-300 solution users in our organization. I rate its scalability a nine.

The solution's technical support is excellent.

Fortinet is faster to configure and access policies than WatchGuard.

The solution's initial setup process was simple, as I already have experience using it. It takes a month to complete. The process involves setting up the solution in a lab. Later, deploying it in a production environment once it meets all the configuration requirements.

Initially, we took help from a third-party vendor to deploy the solution. Afterward, we did it in-house. It requires three to four network administrators for deployment and two network administrators for maintenance.

The solution is worth buying.

I rate the solution's pricing as an eight.

I rate the solution as an eight. It offers more variable license bundles and has high availability than the other products.

In Italy, small and medium-sized enterprises are prevalent, with fewer than 20 devices being used in most companies. As a result, we typically use entry-level routers such as the T25 or T45.

We sell security and management services for our clients' structures, which allows us to provide visibility into events and the flow of actions taken by both the users and our company. We are pleased to have this tool within the Firebox toolset, as it enables us to show customers what is happening during an incident, as well as to continually monitor the structure.

Management and visibility are the most valuable features.

Visibility with an app that could extract or connect the data without entering Firefox directly would be an improvement.

I am looking for tools that can improve mobile security because our Firebox router mainly focuses on physical perimeter security. While we can use VPN to connect laptops to the network, mobile phones, and tablets can only rely on wireless networks, which don't provide direct endpoint security. Therefore, I believe there is a need for additional measures to connect mobile devices securely to the Firebox router.

The price has room for improvement.

I have been using the solution for a couple of years.

The solution is generally stable, although we have encountered a few hardware issues that were promptly resolved by replacing the affected devices.

The support is great and specialized.

The initial setup is straightforward. Our deployment strategy is simple. We require a couple of people. First, we set up the structure and connect the Firebox, whether it's a new installation or a replacement for other devices. Next, we prepare the configuration, LAN, and rules. Then, we make a brief stop to switch the core device to the customer's structure. After that, we move to each endpoint and use VPN or other tools to complete the setup. The direct operation on the endpoint site takes less than an hour, and the preparing phase another two to four hours.

The implementation was completed in-house.

We are utilizing an MSP licensing model and are content with the minimal amount spent on the devices rather than committing to long-term licensing.

I give the solution a ten out of ten.

The maintenance of a simple structure is easy.

I recommend trying WatchGuard Firebox directly but keep in mind that the wireless devices can only be connected to the wireless network.

WatchGuard Firebox is used as the core firewall. It's also used for routing purposes. As a software, it's also used as a VPN access for external clients.

How WatchGuard Firebox improved my organization is that it provided a deeper level of traffic management. It allowed the company to more effectively manage the network traffic, which led to higher efficiencies across the network. Though FortiGate does a much better job of managing traffic, WatchGuard Firebox does it more efficiently.

What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great.

What could use some significant improvement in WatchGuard Firebox would be its interface and policy management.

An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it.

I've been using WatchGuard Firebox since 2016. I'm still using it.

WatchGuard Firebox is a very stable product with no issues whatsoever.

WatchGuard Firebox is a very scalable product. My company decided, after initial implementation, to move to a redundant core network, and it was able to implement a second device seamlessly to act as a passive follow.

All of my interactions with the technical support team of WatchGuard Firebox have been great, so far. The support team is very responsive and very knowledgeable. I haven't had an issue that the team hasn't been able to resolve. The team always responded within the SLAs.

On a scale of one to five, I'm rating the support for WatchGuard Firebox a five.

We used Palo Alto before WatchGuard Firebox, and the reason we switched was because of some failures in the Palo Alto firewall.

The initial setup for WatchGuard Firebox was very straightforward, though my company has a relatively complex network utilizing SD-WAN, MPLS, and BOVPN technologies. On a scale of one to five, where one is the worst and five is the best, I'm rating my setup experience a four. There's always room for improvement, but it was a fairly good process.

The deployment of the WatchGuard Firebox took eight hours to complete.

WatchGuard Firebox has been implemented as the core firewall for the organization. The reason my organization upgraded to the device and switched from a previous software was due to a hardware failure of the previous firewall.

We deployed WatchGuard Firebox internally, through my team.

In terms of ROI from WatchGuard Firebox, from a data perspective, I couldn't share only because my company doesn't have any metrics on ROI. However, I can say that the threat management and prevention features such as IPS and IDS caught several malicious files coming in through the firewall or WatchGuard Firebox, so I suppose that alone makes it worth its weight in gold.

We paid $4000 in AUD for WatchGuard Firebox per year. There were no additional costs.

I didn't evaluate other solutions, apart from Palo Alto, before using WatchGuard Firebox.

I'm using the latest version of WatchGuard Firebox.

My company has one thousand and five hundred users of WatchGuard Firebox in IT, Finance, and Graphic Design.

At this point, there's no plan to scale WatchGuard Firebox, but it's fairly well-configured to scale if required.

I do ninety-nine percent of the work in terms of maintaining the product. One person seems enough for the maintenance of the WatchGuard Firebox.

The only advice I would share to others looking to implement WatchGuard Firebox for business is to consult with a person experienced on the platform, specifically during your first implementation, just because there could be some unique issues that you may face that you won't find outside of the WatchGuard platform. Overall, I would recommend WatchGuard Firebox to others.

In general, I'd give WatchGuard Firebox eight out of ten because there's always room for improvement. No product will ever get a perfect ten. I ruled out nine as the rating and I gave WatchGuard Firebox an eight just because fundamentally, a firewall packet and policy management is at the forefront of what a firewall does, and not being able to modify the policy really bumps the product down a little bit in terms of rating, in my opinion.

I'm a customer of WatchGuard Firebox.

We primarily use WatchGuard Firebox like a typical firewall, to protect ourselves from outside and inside threats. 

I have the WatchGuard Firebox M270, deployed on-premise. 

WatchGuard Firebox improved our organization by acting as a firewall, with all the specific components of one. If you have an antiviral solution, you can see how many were blocked; from where they were blocked; what the statistics are on the areas that the attacks came from; and if there are attempts, or if they do get through the firewall, where they came from and where they went. You know exactly what to look for, to see if there is any kind of penetration inside your system, or if anything has been compromised, and you can take any measurements against these threats. 

All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited. 

There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well. 

Most of the features that I have right now are more than okay with me, but something like a better interface is always worth suggesting. Also, things like computer-based training on firewalls and specific solutions—especially in things that have been deployed on every new version—is usually something that we need to see in order to understand what, exactly, these people have created for us. 

I have been a WatchGuard user since 2004. 

This solution is stable. 

I am the only one who maintains the firewall—we don't have a team to handle it. 

This solution has been scalable to the level that my company wants. 

Behind the firewall, we have 60 users. On a daily basis, there are approximately 40 to 45 users in the office: they are people from the purchasing department, technical department, accounting department, operation department, etc. 

In general, their support is okay, and nothing fancy. We have had a few chats and a few cases on several things that I wanted to do by myself, but needed some guidance on. The speed is not the speed of light, but we are getting through to what we want to have within a day or so. 

I don't have any comparison to make with a solution that's on the same level as WatchGuard Firebox. We had some experience with all of the Cisco firewalls, but they didn't have the same level of security that we have with our existing firewall. Those were quite old, so I cannot really compare that old technology with something that is so new. 

The initial setup was quite straightforward because we are a small company. We have 50 people working at this company, so it's a rather small installation with no fancy or complex configuration. The deployment took an hour or so, but from that point on, there have been numerous hours of work to get up to the point we're at now with our firewall solution. 

It's quite easy to deploy because the initial installation doesn't involve many fancy things. Out of the box, it's quite clear that it has features that need to be blocked, and these features have already been blocked by default, to help anybody deploying this solution. It's like having 35%-40% of your configuration ready, so you only need to add another 25%-30% to reach approximately 70% of your full configuration, which takes no more than a couple of hours. The additional 30% are the small, exact things and the prediction correction, the things that are usually done on a firewall solution in the following hours, days, months, years by the users of the device. However, you can reach the level that you personally believe in, 100%, within a matter of days if you know exactly what you need to do. 

I implemented this solution all by myself, since I was lucky enough to have basic firewall knowledge. Our implementation strategy was to get to the level, as fast as possible, where I could meet the minimum requirements of the company, concerning its firewall policy. 

I have definitely seen a return on investment. To be exact, you cannot really value the return of investment on this kind of product because an IT product usually delivers services that cannot really be measured in money. Rather, it can be measure in things that we can do and things that we cannot do. So, money-wise, you cannot really measure it, but if I'm measuring it on things that I wanted to achieve with a device, there was a 100% return back. 

The licensing contract we have is on a three-year basis. There aren't any costs in addition to the standard licensing fees—usually, every three years, we just purchase or renew the same license and we are okay. Every six years, we completely change the firewall, but that's the usual schema. So after three years, we just renew the licenses for another three years, and then after that particular period of time, we just purchase another firewall equivalent to the ones that we currently use.

I rate WatchGuard Firebox an eight out of ten. 

This is a solid device and it delivers what it says. It doesn't do fancy or extraordinary things, but it does delivery exactly what it's supposed to deliver. 

We use it in my company and for my clients as well. We sell Internet access, so we use them as a firewall to hopefully protect our clients. We work with one of our partners, who is a certified WatchGuard engineer, and have come up with a fairly good plan to get these completely fired up and working. That makes a huge difference.

We're now up to the 7 Series. We've gone through WatchGuard 3 Series, 5 Series, and 6 Series. So, we've gone through several different versions over the years.

Firebox's reporting and management features have been very helpful to us. Unfortunately, we don't always have them turned on at the right time. That's something we have to be aware of. However, once they're turned on, they seem to do really well in identifying things across the board for us. We can usually hunt down problems very quickly and go from there.

The solution provides our business with layered security.

We do most of our services now as Voice over IP services. We do not do computer services. We have been able to slowly pair down exactly what we need to program within Firebox to give us the best quality of service for our customers. 

We can open or close individual ports, which most can, but I like the way that this programs. Meaning its GUI interface versus Cisco's, where their interface is still not all that great. We just become very comfortable with WatchGuard over the years because we know what to do with them.

We have found it to be very usable and friendly. We can use it for identifying and hunting down. If we run into a problem for some reason, the reporting capability makes it much easier for us to ID where problems may be.

Depending on what specific model you get, along with how deeply reprogrammed and restrictive we make it, their throughput is pretty good. Though, the models are all pretty close to the same. We get about an 85 to 90 percent throughput, depending on which of their security platforms we install. Some will take a little bit more and some will take a little less.

The pricing could be improved. It is definitely one of the more expensive products, though you can't really compare it to Ubiquiti or SonicWall.

About 15 years.

Its stability and reliability make it a good product for us.

Over the last 15 years, there has been only one Firebox in which we've had any hardware problems and one box in which we have had a software problem. In both cases, WatchGuard overnighted a new box to us so we had it the next day, then we were able to repair or replace, as necessary.

They seem to be fairly stable. Like anything else, it's an electronic device that can last for 10 minutes or 10 years.

They have put together a good process where we can go in and see, based on the processor power of Firebox, which one we would want to use on what circuit size. They have it from very small to extremely large.

We have four telephone technicians in the company who have had the training and capability to work on Firebox.

For us, a large environment is somebody with 250 or 300 users inside the company.

Our partner has used their support. It's really good support. If they don't answer immediately, they get back to you very quickly, usually in less than an hour.

We see cases where several of our clients are switching from a different firewall to WatchGuard. With Cisco, it depends on who's supporting it. SonicWall seems to give us a bit more problems when it comes to interfacing with IP telephone devices or if we're doing SIP trunking.

Firebox stabilizes it so we know we get better support for the platform and user when it comes to Voice over IP. We find a lot of them don't give us the ease of setting it up. Now that we know we have it down to what we're doing so the platform stays stable, we can imply good quality of service for the customer and keep going on so they continually get good performance on their network.

In the beginning to set this solution up, it takes four to six hours. That is to get a brand new one out of the box and make sure it's got all the latest and greatest revisions on it, then setting it up. That also depends on the size of the client that you are supporting with it.

We have a template built for it. Once we upload the template, we go in and adjust it accordingly.

We have a few Fireboxes deployed to distributed locations, not a lot. However, it does work well in a distributed environment. We have one customer who has five offices in five different states. He has Firebox for all of them and it seems to work pretty well.

Deploying to distributed locations is easy enough. We have a template. We just get the IP addresses for the network and update the template, so it has the appropriate addresses. We can either have one of their folks do it because this happens to be a tech company, not necessarily IT. However, a tech company is knowledgeable enough. We can send it out there and tell them what to plug in where and turn it on. Then, if we're really lucky, it comes up without any problems at all because we've already set it all up before we take it out to them. So, the deployment becomes easy depending on how you want to address it. There have been times where we've gone out to deploy them in different locations. Most of the time, depending on the company, we can set it up to deploy, then just plug and play.

Make sure you have a good, qualified, trained engineer to help you initially get it set up. I do not recommend you doing it on your own unless you're somewhat trained in the terminology and capabilities of the particular product.

We have an engineering specialist, who has been certified by WatchGuard, secure attack vectors for us.

Once we get done putting the solution in and getting it set, there are times that the local IT support may be different from ours. They may go in and make a few minor tweaks to it. We try to keep that to a minimum because it is just one of those situations where we would like not to have too many hands in the pot.

It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problem supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level.

They license it. When we buy it, we buy it with a three-year license. That's the most cost-effective way to do it. So, if you're going to buy it, then buy it with the three-year licensing. Only the person buying it can determine which level of licenses they have. That's something to truly consider.

There are no additional costs unless you choose their advanced licenses or different levels that they have for security. You can add on more security licenses with what you have in Microsoft today, but we have not been adding those on.

Our experience has been that Firebox actually performs a little better than some of its competitors as far as throughput goes. However, it depends on how much of their security software you get loaded, because they have different versions.

We have used other products. We've used SonicWall, Ubiquiti, and Cisco PIX. My personal favorite happens to be WatchGuard. Also, if we compare WatchGuard against Ubiquiti or Cisco PIX Firewalls, its ability to add multiple IP addresses and ports is much simpler than those. I can run several different networks off of ports that come on the hardware device. Depending on the model, there are anywhere from four to eight ports on the device, so you can plug it in at different levels.

It is a great piece of hardware.

The learning curve for this solution depends on your background. If you have some technology background, implementing it will probably be okay. They have a WatchGuard academy. If you have no background at all, I wouldn't suggest you do it. In comparison, when you get trained with Cisco, there are several different classes to go through and each class is several hours long.

I would rate it as a nine or nine point five out of 10.

We have had some difficulty introducing the brand on the market because, in Angola, we have another brand with a more aggressive approach than WatchGuard. The end users prefer other brands like Sophos and Check Point over WatchGuard Firebox. We will soon be an expositor of WatchGuard Firebox. We have some customers that use Panda Security just for endpoints. We have some customers that use WatchGuard Firebox directly or indirectly.

WatchGuard Firebox is the most powerful firewall for Wi-Fi security.

The scalability of the solution needs improvement.

I have been using WatchGuard Firebox for more than one year.

WatchGuard Firebox is a stable solution.

I rate WatchGuard Firebox ten out of ten for stability.

At the moment we are providing support to five customers.

I rate WatchGuard Firebox a nine out of ten for scalability.

The solution’s technical support team is very good. We have always received quick responses from the support team.

WatchGuard Firebox’s initial setup is very easy. The configuration is easy since the solution is user-friendly and has an intuitive platform and dashboard.

The solution is not expensive and customers pay for a yearly license.

We have a direct relationship with the master distributor of WatchGuard Firebox in Angola and Africa. WatchGuard Firebox is the only solution we work with for firewalls and cybersecurity.

When we start WatchGuard Firebox's deployment, we redirect it to the cloud.

Overall, I rate WatchGuard Firebox ten out of ten.

The WatchGuard Firebox is our version of a firewall. It has several use cases. 

WatchGuard Firebox's two-factor authentication feature is particularly useful and provides an added layer of protection. It's been a reliable and stable solution for us.

When working with WatchGuard, specifically in configuring Panda Security on the portal for the first time, it was challenging for me. Creating the partner center and setting up the account in Panda Security was not straightforward. Although working with the Panda Security part itself is easy, I faced difficulties in creating the partner center. So, maybe this could be an area of improvement. 

Another area of improvement is the license. The price could be cheaper. 

We currently use WatchGuard Firebox T20 model.

There are around 26 users using this solution. In terms of user capacity, the T20 model can support up to 20 users.

WatchGuard Firebox is easy to use and set up. I work with the solution every day, so I'm quite familiar with it. In my experience, setting up WatchGuard has been straightforward. It didn't require much effort. 

Although I have spoken to others who mentioned that implementing it for the first time can be challenging, I personally found it easy. I had no issues with the setup.

Whether it was deployed in the cloud or locally, it took a month. I maintain the solution and provide technical support. 

I recall when I bought the first Firebox; someone advised me to start by seeking assistance from the WatchGuard support center. I found all the necessary information to implement the solution. That's why I believe it was relatively easy for me to implement it the first time. However, I am aware that many people find it challenging to implement WatchGuard on their first attempt.

Currently, we use an internal lead to sell WatchGuard to our clients. So, the price varies. However, it's worth mentioning that our internal use of WatchGuard includes Panda Security as well.

We do pay for a license. It's a three-year license. It is an expensive solution. The price could be lower.

WatchGuard is not a widely known solution in my country. People here tend to use CheckPoint, Fortinet, and Palo Alto more. However, I believe WatchGuard is a good solution that more people should be aware of and consider. We are actively working to promote it in Angola. In fact, there might be more companies in our country that could benefit from using the WatchGuard solution.

Overall, I would rate the solution an eight out of ten.

We primarily use the solution to secure our networks in branch via SSL and VPN. We also use it for our web pages hosted on our servers. This product handled everything UTM.

The solution has benefitted us by offering a secure connection. We don't spend as much time analyzing when traffic goes somewhere. We have clearance capabilities. We see what happens in our network.

The hardware is quite good.

The solution is fast. When we commit and change items in Firebox. It just works and it is simple. When you drop a connection, it gets dropped in a second. The speed is important to us.

It has everything we need in terms of functionality.

The solution is scalable.

It is stable and reliable. 

Pricing is reasonable. 

The UI and web view aren't nice. The fonts are too small, for example. 

I've been using the solution for three years. 

It is very stable. I haven't seen any issues with it. There are no bugs or glitches. It doesn't crash or freeze. It is reliable. I'd rate it nine out of ten in terms of stability.

The solution can scale quite well. If a company needs to expand, it can. I'd rate the ability to scale at an eight or a nine out of ten. It's easy.

I've never directly reached out to technical support.

When we need to make something really good, we need to take the time to ensure that's the case. However, the configurations are simple.

We had a business help us implement the solution. 

So far, the solution has been worth the cost.

The product isn't necessarily expensive to acquire. The pricing is reasonable. 

There are no extra costs or hidden fees. 

I'd rate the solution nine out of ten. We've been pleased with the product overall.