WatchGuard Firebox Reviews

I used WatchGuard Firebox for small configurations and to give Active Directory access to some users so they could bypass the firewall. I also used the solution as a VPN.

WatchGuard Firebox is easy to configure and has a nice user interface.

The solution's pricing could be improved.

I have been using WatchGuard Firebox for one year.

I rate the solution ten out of ten for stability.

Around five users are using the solution in our organization.

I rate WatchGuard Firebox a seven out of ten for scalability.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a six or seven out of ten.

The pricing depends on the quality of the product we are buying and the support. WatchGuard Firebox has good quality, but it is expensive.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven or eight out of ten.

The solution has some specific rules that detect multiple traffic from the same IP address. It will generate a report and send it to the administration's account email address so that we can analyze it and give the correct feedback for us to take action.

With the high competition in the market with AI, everything is done a lot faster, and all the companies are trying to lower the cost of their IT solutions. Companies that don't make the correct investments in their IT solutions face malware attacks and ransomware attacks. Every company needs security because any kind of disruption will be extremely costly for the company to get out of.

The solution's VPN capabilities have greatly improved our remote work security. It was very easy to configure and use. It was a bit tricky to configure on the remote computer, but everything was okay.

The solution's management interface eases the setup and ongoing maintenance of the solution. I did an update a couple of months ago, and it was very easy. I rate the solution's documentation a six out of ten.

I would recommend WatchGuard Firebox to other users because it's a well-known company that has been in the market for quite some time. It might have some vulnerabilities, like every other product in the market. Once the vulnerability is detected, it quickly makes patches for the system.

Overall, I rate the solution a nine out of ten.

In Italy, small and medium-sized enterprises are prevalent, with fewer than 20 devices being used in most companies. As a result, we typically use entry-level routers such as the T25 or T45.

We sell security and management services for our clients' structures, which allows us to provide visibility into events and the flow of actions taken by both the users and our company. We are pleased to have this tool within the Firebox toolset, as it enables us to show customers what is happening during an incident, as well as to continually monitor the structure.

Management and visibility are the most valuable features.

Visibility with an app that could extract or connect the data without entering Firefox directly would be an improvement.

I am looking for tools that can improve mobile security because our Firebox router mainly focuses on physical perimeter security. While we can use VPN to connect laptops to the network, mobile phones, and tablets can only rely on wireless networks, which don't provide direct endpoint security. Therefore, I believe there is a need for additional measures to connect mobile devices securely to the Firebox router.

The price has room for improvement.

I have been using the solution for a couple of years.

The solution is generally stable, although we have encountered a few hardware issues that were promptly resolved by replacing the affected devices.

The support is great and specialized.

The initial setup is straightforward. Our deployment strategy is simple. We require a couple of people. First, we set up the structure and connect the Firebox, whether it's a new installation or a replacement for other devices. Next, we prepare the configuration, LAN, and rules. Then, we make a brief stop to switch the core device to the customer's structure. After that, we move to each endpoint and use VPN or other tools to complete the setup. The direct operation on the endpoint site takes less than an hour, and the preparing phase another two to four hours.

The implementation was completed in-house.

We are utilizing an MSP licensing model and are content with the minimal amount spent on the devices rather than committing to long-term licensing.

I give the solution a ten out of ten.

The maintenance of a simple structure is easy.

I recommend trying WatchGuard Firebox directly but keep in mind that the wireless devices can only be connected to the wireless network.

Our primary use case for this solution is a primary firewall.

The features I found most valuable are probably the built-in VPN functionality and the scalability because they can both be centrally managed. It is very easy to scale. It is also very granular, so you can be as restrictive or as non-restrictive as you like. This means you can be very precise with it.

The area where I think this product can be improved is the user interface and the reporting. It can be quite difficult to find the correct logs and to actually find out what is going on. The digging can be time-consuming.

I have been using this solution for a year now.

I would rate the stability of this solution an eight out of 10, with one being unstable and 10 being very stable.

I would rate the scalability of this solution a 10, on a scale of one to 10, with one being not scalable at all and 10 being very scalable.

We currently have about 200 users.

From my experience with their customer service team, I would say that they seem quite knowledgeable and fairly quick to respond.

Previously, we used FortiGate. FortiGate is a much more mature product. I feel like FortiGate is a lot easier to work with. Firebox, you're able to achieve the same outcomes, but it can be a lot more complicated to do so.

The initial setup can be somewhat complex. I would rate it a six out of 10, with one being not complicated at all and 10 being very complex.

Our deployment was done through a third party.

I would rate their pricing plan a four, which means it's definitely on the cheaper scale.

I would recommend this product, but you need to make sure that you've got the technical capability to work with it because it can be quite complicated. Overall, I would rate this solution a seven out of 10, with one being poor and 10 being excellent.

We use WatchGuard Firebox for the site's firewall and VPN solution. The WatchGuard supports remote gateway and mobile VPNs. WatchGuard Firebox serves as the primary firewall for the site.

The solution has many security features. We have an intrusion provision system and filtering and block filtering. These features have been enabled, and we have created services around them.

WatchGuard has several limitations, particularly concerning throughput and performance, and management, firmware updates, and customer support need improvement. The level of support from WatchGuard is not as good as what we get from Cisco and other vendors. The response time is high even in times of priority issues. 

Moreover, the solution doesn’t have deep filtering. This limitation affects packet analysis, traffic analysis, and traffic monitoring, particularly regarding troubleshooting. On the other hand, Fortinet Firewall offers a deep level of troubleshooting and packet filtering. This allows us to obtain detailed information in scenarios like drops or disruptions to understand where the issue occurred, whether with the customer or on our end.

WatchGuard cannot perform packet captures for multiple IPs simultaneously, restricting us from achieving them individually. Due to these limitations, we are considering migrating to Fortinet.

I have been using this solution since 2018.

The solution is stable, as I have been using a couple of devices without any restart since 2018, and there has been no downtime for these devices.

I rate the solution’s stability a nine out of ten.

I rate the solution’s scalability a seven out of ten.

The level of support from WatchGuard is not as good as what we get from Cisco and other vendors. The response time is high even in times of priority issues. It doesn’t have deep filtering. This limitation affects packet analysis, traffic analysis, and traffic monitoring, particularly regarding troubleshooting. On the other hand, Fortinet Firewall offers a deep level of troubleshooting and packet filtering. This allows us to obtain detailed information in scenarios like drops or disruptions to understand where the issue occurred, whether with the customer or on our end.

Neutral

I would rate my experience with the initial setup around six on a scale of one to ten, one being hard and ten being easy.

WatchGuard is better when compared to other firewalls. It is affordable for a midsized company.

WatchGuard is affordable, with features for individual customers, end-users, and midsized companies. However, big businesses with growth and an increasing workload have to migrate.

I rate the solution’s pricing a four on a scale of ten, one being lowest and ten being highest.

We don’t know much about what's happening in the traffic pattern. We will have the opportunity to configure everything. We can use the firewall for dynamic routing and various other tasks. However, despite its capabilities and offerings, there are still some limitations. WatchGuard doesn’t offer deep-level packet filtering or in-depth packet analysis for companies with numerous applications. WatchGuard is a good solution if you require a comprehensive analysis of your organization’s activities within your budget.

Overall, I rate the solution a seven out of ten.

We are using WatchGuard Firebox for defense of our internal infrastructure.

I wouldn't say that Firebox has improved the way our organization functions, but rather that it protects our organization.

The solution identifies attacks on our services and, as a result, directs our attention precisely to the cause of the problem. As we are not actively watching the traffic ourselves and we completely rely on Firebox to alert us instead, the solution saves us about 30 hours per week.

The most valuable features are WatchGuard’s antivirus, traffic protection, and ease of configuration. I also appreciate their traffic analytics. 

After conducting several tests I found the antivirus is working very well. Additionally, they have a very interesting feature, DNS WatchGuard, which is checking DNS requests for phishing, among other things, and it has caught a lot of unwanted attempts and attacks.

Regarding the management features, the interface is user-friendly, and the instructions are well documented. There is a fast learning curve and everything is intuitive and understandable.

It also provides us with layered security. Firebox protects our traffic, as we have numerous Web Services that are external and which are a priority for us to defend. We don't use the rest as much.

I haven’t dug deeply into the reporting features yet or if they are working well. However, I have generated several reports and there was too much unnecessary information, in comparison with the reporting features in the Sophos firewall. Sophos' reporting is more readable and easier to configure. Having said that, reporting features were not very important for us when selecting a solution. What was important were other types of functionality that WatchGuard Firebox was able to meet.

In addition to the reporting features, I would suggest they work on an SSL VPN gateway.

We have been working with WatchGuard Firebox for about one year. Initially we got an M200 model and then switched to an M470 in a cluster.

In terms of the stability, everything is perfect. We haven’t experienced any issues.

The solution scales intuitively and quickly with any internet, meaning the solution’s protocols support any internet configuration. The connectivity scales in any location.

We could scale it to several companies with up to 100 employees and up to 1 Gb of traffic.

I would rate WatchGuard's tech support at the highest mark of five out of five. I was very pleased with them. We were working with them on the software licensing and opened some tickets related to technical issues. In both cases, they resolved the issues promptly and without unnecessary back-and-forth, unlike when working with the support teams of other vendors.

Before Firebox we used a Sophos firewall. We switched because the WatchGuard firewall offers a broad set of features and parameters that were lacking in the Sophos firewall. Additionally, the WatchGuard solution was cheaper.

WatchGuard has a comprehensive antivirus system included in the firewall and that was important for us. Sophos’ antivirus features were weak, in comparison.

The initial setup was medium in terms of the difficulty of some aspects, such as initially understanding the logic of their security policies. It took several hours to acquaint myself and to fully understand things. The whole deployment took about three days.

We initially had an implementation strategy, but it was adapted according to the recommendations and specifications of WatchGuard.

In terms of the technical aspects, I am the only who works with this solution in our organization.

Initially, we purchased the Firebox just for us but, as of today, we have deployed it to two or three other companies. The client sent us project specs with necessary internet configurations for each device, as well as the physical locations. We replicated their infrastructure in our test environment, configured each device according to their specs, and shipped the device to them. The client then connected the device with a cable to the ports outlined in our instructions and everything worked the first time.

During the deployment we worked closely with WatchGuard’s tech support team and they were very speedy in their responses to us.

The price of the solution corresponds to the quality and the feature set offered. There are no additional costs to the standard licensing fees.

Before selecting WatchGuard Firebox, we evaluated the Cisco FirePOWER firewall and, in comparison, Firebox is much easier to use.

Also, WatchGuard’s solution, in terms of the cost-per-value ratio, is very balanced.

My advice would be to try this product.

As for the throughput, at this point it is hard for us to evaluate it because we don’t have heavy traffic, or at least we do not experience the traffic throughput specified for this model. Our inbound and outbound traffic is 1 Gb and the M470 handles it very well, not even stressing its components.

When it comes to the solution’s Cloud Visibility feature, they need to improve on the reporting. But in terms of the logs, it gives us very good visibility.

Overall, I would rate the solution a strong eight out of 10.

We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.

It helps keep unwanted traffic from coming in, or traffic from going out that we don't want to see out there. If we have unwanted traffic coming in, traffic that we don't need as a facility, then we would be opening ourselves up to security problems and vulnerabilities. It helps because malicious attacks coming in are things I don't have to worry about. So far the WatchGuard has done a good job at blocking all that.

In terms of simplifying my job, the simplest device is one that you can put in place and not have to worry about it. That's the WatchGuard. It's there, it's working. I don't have problems with it so it's "out of sight, out of mind."

It also saves me time, by doing what it's supposed to do. I don't have to mitigate problems that it allowed through. I couldn't tell you how much time it has saved me. It really would depend on what kind of problems I might experience.

The policy monitoring and allowing different traffic flows are the most useful features for us; regulating which traffic comes in and out.

In terms of the throughput and performance, we don't have a problem or any bottleneck there. We downgraded the size of our appliance because we're a small facility, and what we had before was actually too big. The one we are now going with seems to be doing a great job.

The management feature is pretty nice.

I'm not really impressed with the reporting side of it. It may be something I just haven't figured out very well, but it's hard to filter down on reporting of the actual valuable information that you would want. There is a lot of information out there so you have to have some kind of tool capture it and then filter through it. So far, I haven't found the reporting side of the WatchGuard to be that user-friendly. I would definitely like to see better reporting tools from WatchGuard. That would be a very high priority for me.

Also, setting up the site-to-site VPN is pretty easy with the WatchGuard, but the client VPN setup is not very friendly. If you have a client-to-device VPN that you need to set up for a mobile user there are different protocols that they will accept but none of them are a plug-and-play type of option.

The organization has had WatchGuard, different versions, for 12 years. I've used WatchGuard, myself, for about seven years. We got the Firebox approximately three years ago.

The stability is great. I've not had any problems. In three years, we've had to restart the device maybe twice. We've had to restart it more than to clear out any cache, because you don't want anything building up in cache memory. But we've only had two problems where we needed to restart the device. And it actually restarts really fast. It doesn't have much downtime at all.

It's used extensively. This is the only firewall we have in the facility, between the hospital, nursing home, and home health. It handles all the traffic that comes from all three campuses here. I don't see us expanding enough to worry about getting another device. This one seems to be doing exactly what it needs to do.

I've only had to use their technical support twice in quite a few years, so it would be hard for me to rate. But they were responsive when I did have a problem. I haven't had any problems with support at all.

I moved here in 2013 and the company was using the WatchGuard at that point.

With this newest device, the initial setup was pretty straightforward. We were able to copy the configuration from the old device. That's a good thing about it: the configuration file is able to transfer from an old device to a newer device and just continue going. It takes a long time to build up different traffic policies, and to make exceptions for different websites. If you had to do that every time you got a new device, that would be a problem. Luckily, with this, you're able to save your configuration file and transfer it to the new device.

The deployment of this new device took 30 minutes, at most. There are only three people in our IT department, but the deployment only required me to be involved. The other two guys are network technicians. All three of us can go in and modify policies or do whatever we need to do, but it generally doesn't take much maintenance.

I got on the phone with WatchGuard to make sure that everything would transfer over and they assured me that it would. And as far as the switching over to the new device goes, most of the planning required was just letting users know that the internet was going to go down for just a little while. We planned it for a period of slow usage here at the hospital where we could bring it all down, copy the config file, move it to the new device, put it in place, and swap the connections over. It came right up. We had to import the new key and got it activated. But other than that, everything worked.

ROI on this type of solution is a hard number to quantify. We've not had a problem so that in itself is a return on investment. If you don't have an issue how do you calculate what your return of investment would be? How do you quantify the peace of mind? But we've not had to spend a lot of time troubleshooting.

The pricing of WatchGuard is probably a little higher than the SonicWall, but it makes up for it in dependability. It's worth it to me, especially since it's not much higher. For just a little bit higher price you get the dependability of the firewall with the WatchGuard brand. 

And with this appliance you also get a certain number of VPN tunnels. With this one, it's something like 500, not that we would even use that many. Whereas with SonicWall, at the time we were using it, it came with 10 and then anything over that had to be purchased.

Money-wise, it's a one-and-done with the WatchGuard. With SonicWall, there were a few things that you had to pay extra for to get. 

The subscription services with the WatchGuard are pretty nice.

I used the SonicWall at another hospital in southwest Arkansas. 

WatchGuard has come quite a way, as far as the Fireware Web UI goes. The GUI application has become better, making it easier to navigate through setting up policies and setting up VPN tunnels, etc. SonicWall had been there quite a while longer than WatchGuard, in terms of being user-friendly. But I can't complain about the WatchGuard now. When I first moved here, it was very cumbersome to navigate through, but with the Web UI it's really improved.

They do have a client that you can connect to the WatchGuard if you want to use that client. It's still kind of clunky for navigating and I very seldom use it anymore. They call it the WatchGuard System Manager. It's not quite as friendly as the Web UI. It's usable, it's just not really friendly. But the Web UI is very well done.

My advice would be go for it. We've not had any problem with it. We've been very pleased, especially with the newer WatchGuard we've put in place. It's very responsive. It works great. It may have a little bit of a curve on learning it, but once you learn it, it's hard to say you'd want to go back to something else.

It took me a little bit to get used to WatchGuard. I was familiar with SonicWall before I moved into this role. But now that I've used it for almost seven years, I've gotten to know it pretty well and it works great. Once you get used to what I would call the idiosyncrasies of WatchGuard, as opposed to the SonicWall, it's pretty easy to configure. Using the WatchGuard web UI also makes it a lot easier to configure.

It provides us with somewhat layered security. It is the firewall between us and the outside world. With our subscription we do have the Gateway AV, so it does watch for things of that nature. We have certain policies in place that help with the layered part of it. But it's just one of many layers. We have other things in place to help, but it's definitely something I wouldn't want to do without.

Our main use case for WatchGuard Firebox is to protect companies from Internet threats.

The most effective and helpful features of WatchGuard Firebox, especially when purchased with the full suite of applications, are its bundled applications and subscriptions for comprehensive protection against various threats. It is essential to renew licensing and subscriptions to safeguard against potential penetrations.

One area for improvement could be making the interface even more user-friendly.

I have been working with WatchGuard Firebox for a couple of years.

WatchGuard support is generally helpful and does a good job, although occasionally I may need to call for clarification on some technical matters.

Other products like Fortinet and Palo Alto have had security flaws, but WatchGuard Firebox fits within the budget of the client.

I also work with Cisco, and Cisco's CLI is highly customizable, though it requires more time to learn initially. Cisco's support is also quite good.

The main difference between Cisco and WatchGuard Firebox is the support structure. With Cisco, you can directly communicate with the manufacturer, while with WatchGuard Firebox, support is through local channels only, without the option to directly contact WatchGuard via email or open a ticket.

Managing WatchGuard Firebox is easy for experienced users. Initial setup and deployment typically take a couple of days, including preconfiguration before installation on-site to avoid potential issues.

The price of WatchGuard Firebox is generally lower than Cisco, making it easier to sell to customers. However, if the price were slightly lower than it is now, it would be even more appealing. Some customers underestimate the importance of the subscriptions included with the boxes, but with experience, I have seen how critical they are for protecting against hackers and data breaches.

WatchGuard Firebox works well for network security, email protection, and phishing prevention. It is cost-efficient and offers features like EDR or XDR without being overly expensive.

Overall, I would rate WatchGuard Firebox as a seven out of ten. It is a solid tool.

Our client deploys WatchGuard Firebox and helps to establish VPN connection between multiple files. 

I find this solution very easy to manage. The web manager and Firebox key features are particularly impressive for cloud applications. That's why I often recommend this solution to our clients. It has good threat management capabilities and works against different types of threats.       

I think one area for improvement in this solution would be enhancing communication with tools like Active Directory. This would make the tool easier to integrate and effective for users.

I have been using WatchGuard Firebox for the past eight years.

The solution has been stable without any noticeable bugs.

I find WatchGuard Firebox to have medium scalability, serving around ten medium-sized clients with approximately five hundred users each. 

I find the service support to be slow at times, especially in terms of response and case resolution. 

Neutral

I would rate the initial setup as ten out of ten, since it is very easy.

The deployment process is quite fast, usually taking just one day. To deploy the solution, we follow the steps outlined in the deployment guide, which are straightforward and easy to follow.

WatchGuard Firebox is typically deployed on-premises in our client's organizations.

I would rate the pricing at seven out of ten. As for the licensing costs, we typically have yearly licenses for our clients, but there are no additional costs beyond the standard licensing fees.

I always recommend using WatchGuard Firebox in our projects because it's straightforward to manage and deploy.

I would rate this product an eight out of ten.