What is most valuable?
The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network.
I can see all of that from any cloud solution. So far, it has been really easy to install, deploy, and have visibility on the endpoints that I manage.
What needs improvement?
I'm just looking for a few extra features, which are likely included in XDR and the other additional software services. Mainly the FortiEDR system. If I go through the computer status and look at the risk, it's a very basic assessment.
Compared to Rapid7, which is a highly rated vulnerability scanner, WatchGuard is more limited. Rapid7 can give me vulnerabilities like autorun being enabled and provide solutions to fix them. It can also reassess vulnerabilities.
However, the EDR Core I'm using only gives me basic information, like "File full of fire and execution detection" as a high vulnerability. It doesn't tell me how to fix it, just that it's a risk. It's very minimal in terms of risk assessment. Rapid7 would say, "This software is outdated," or "You're using an older version of SQL." It's much more detailed, whereas EDR Core is more scaled-down and doesn't provide a full assessment.
So, I'd like a few extra features, especially around threat severity assessment.
For how long have I used the solution?
I have actually been using this for the past two weeks because I'm using it in a test environment before I deploy it into anything.
I want to make sure that the features they are providing are what my client really wants. Regarding compliance, it really receives no complaints.
So, with the EDR tool, which is what I currently use, I have deployed it in my business. I checked if it could gather my asset information, software information and scan my machines for any malware. So, that basic functionality is fantastic.
What do I think about the stability of the solution?
It has been stable so far. I haven't noticed any performance impact on my machines. My only complaint is that I can't schedule scans. I can only see live monitoring of micro activity. I'd like to schedule scans at specific times, but maybe that feature is only available in higher subscription tiers.
Buyer's Guide
WatchGuard Firebox
June 2026
Learn what your peers think about WatchGuard Firebox. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,016 professionals have used our research since 2012.
What do I think about the scalability of the solution?
I've only been using it for two weeks. I would like to see more features, especially with the addition of xDR or Endpoint Detection and Response Pro (EDR Pro).
How are customer service and support?
I'm still exploring what's available in my current plan. Once I understand everything better, I'll reach out to WatchGuard if I need additional features or clarification.
However, I requested a full cybersecurity overview from their sales department to explore all their solutions, including network asset management, penetration testing, etc. They'll recommend different subscription tiers based on my needs.
Which solution did I use previously and why did I switch?
Fortinet is the main competitor, especially when considering firewall and firewall configuration. Microsoft Defender for Endpoint (MDE) is also in the mix, as some of our clients use it. These are competitors for a comprehensive security offering, not just antivirus.
Other competitors who offer similar features like asset management would be Trellix, SentinelOne (formerly McAfee), Microsoft Azure Sentinel, and Palo Alto Networks Cortex XDR.
In my experience, WatchGuard shines in deployment simplicity, especially for firewalls and firewall configuration. The renewal process is also easier, and their documentation, support library, and overall support experience are excellent.
How was the initial setup?
The initial setup was easy. It took ten minutes. I read the instructions. I downloaded the software and installed it on my machine in a minute, and it automatically showed up in the cloud console.
It even identified other machines on the network and asked if I wanted to deploy protection to them. All I had to do was provide admin credentials and let it run. Within half an hour, all the protected machines were visible in the cloud console, including my servers and workstations.
I would rate my experience with the initial setup a ten out of ten, where one is difficult, and ten is easy. One of the easiest EDR deployments I've ever done.
Some parts are deployed from the cloud. I have my cloud account, but I downloaded the client software that I executed on individual machines. So, it's hybrid, but the core Threat platform is in the cloud. I just installed the client on each machine. So, it's primarily a cloud solution.
What about the implementation team?
What's my experience with pricing, setup cost, and licensing?
The pricing is acceptable and competitive. WatchGuard's pricing is in a range where they can compete effectively with other vendors. WatchGuard offers similar features for a comparable price, making them a good option for small businesses like ours.
We mainly support small businesses with 1 to 5 users, or maybe up to 50 users at most. That's why we chose WatchGuard. It's cost-effective for small office, home office (SOHO) environments.
What other advice do I have?
It is very easy to use. It's designed for anyone, even non-technical folks like myself. Anyone could pick it up. It's like "IT for Dummies" - read it, and boom, you're a WatchGuard specialist! But, knowing deployment requirements helps, but WatchGuard makes it user-friendly.
Overall, I would rate the solution a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller