WatchGuard Firebox Reviews

We are WatchGuard partners, and we also use it on our own. We are using it for general firewall purposes and vulnerability management. We are also using some of the additional security stacks such as intrusion detection and so on.

We are one version behind the latest version. We have it on-prem at the moment, but some of our customers have private cloud solutions.

I like intrusion detection the most.

I'm pretty happy with it, but vulnerability management could improve a little bit in comparison to other parts, such as Cisco and so on.

There could also be better reporting. For example, there should be more out-of-the-box management reports. These two improvements would be nice.

I have been using this solution for around 10 to 15 years.

It's stable.

It's scalable, but I haven't compared it with others.

There are five people who are using it from an administrative perspective, but everyone is using WatchGuard because of the VPN.

I haven't interacted with them myself, but my colleagues state that their support line is good.

Its setup is of medium complexity. It's not super easy. Everything is in its right place, but it's not as complicated as other vendors. It's in the middle.

The deployment duration varies. Depending on your needs, it could take a few hours.

It's in the medium range. Its price is pretty good considering the functions and add-ons that are used.

I would advise having a proper look at the features because there are a lot of different versions, scales, and limits on different Fireboxes. You have to decide in advance which one is good for you in terms of performance, future needs, and so on. You shouldn't have too many changes in your landscape. 

I would rate it an eight out of ten.

I found several features valuable in WatchGuard Application Control such as the HTTP Proxy, DNSWatch, VPN, and HTTPS Content Inspection.

What could be improved in WatchGuard Application Control is its price. It could be cheaper. You always want the best price for any solution, but for security products, pricing is usually on the higher side.

I've been using WatchGuard Application Control for five years now.

WatchGuard Application Control is a stable solution.

WatchGuard Application Control is a scalable solution.

Whenever I need support for WatchGuard Application Control, I'm able to get it from the vendor.

The initial setup for WatchGuard Application Control is easy if you understand its UI and features. I would rate its setup as four out of five.

The licensing model for WatchGuard Application Control is based on the number of users. WatchGuard Application Control also has licensing models with several features.

On a scale of one to five, I would rate the price of this solution a five.

The number of users for WatchGuard Application Control is currently five hundred, in several locations, for several clients.

My advice to others looking into using WatchGuard Application Control is that it's a great solution. It has several features, and every year, WatchGuard implements another solution that complements its security functions. WatchGuard Application Control is always improving through the addition of new features.

My rating for WatchGuard Application Control is nine out of ten because it's a good solution for me.

My company is a partner of WatchGuard.

I'm a system administrator and we have a partnership with WatchGuard. 

The solution has a useful traffic monitor. You can check if the packet in the unit works and analyze the proof quickly. It's very easy to use and provides good security. 

We've found that sometimes the solution is not easy to understand and we need to bring in some specialist assistance. 

I've been using this solution for two years. 

The solution is very stable.

We haven't needed to scale so I can't comment on that. 

The support is good but we've had some difficult situations because not everyone in support is good when it comes to specific problems such as VoIP. 

We previously used Cisco but there came a time when we needed to move to a more updated product. 

The solution is difficult to implement without a specialist, especially the first time. It requires an IT technician. It's become easier for us to deploy ourselves now that we've had some experience.

Licensing costs are very reasonable and paid annually. If you need additional options they can be bought separately. 

I mainly use Firebox for SSL, VPN, internet proxy, site-to-site tunnels, and intrusion protection.

Firebox's best feature is the access portal.

Firebox would be improved with integration for endpoint protection solutions.

I've been using Firebox for three years.

Firebox is generally stable, with only some glitches here and there, and its performance is okay.

Firebox is scalable.

WatchGuard's technical support is okay, but they could do more to push knowledge so the customer could solve their own problems.

Neutral

The initial setup was straightforward.

We used an in-house team.

Firebox is priced reasonably.

I would give Firebox a rating of seven out of ten.

I use WatchGuard Threat Detection and Response to protect our clients from ransomware, spam, and other threats. We want to make sure all their applications are secure.

I have been using WatchGuard Threat Detection and Response for approximately two years.

WatchGuard Threat Detection and Response is a reliable solution.

I have found WatchGuard Threat Detection and Response to be scalable.

We have approximately 30 people using this solution.

If we are not able to find answers to our questions about the solution from documents we can contact the support online through a portal on the application we have. They are able to help us when we have issues.

I was using a different solution previously to WatchGuard Threat Detection and Response.

The installation of WatchGuard Threat Detection and Response is straightforward. It did not take a lot of time, approximately 10 minutes.

There is a license required to use the solution and we pay annually. The price could be reduced because it is a bit expensive.

I would recommend this solution to others.

I rate WatchGuard Threat Detection and Response an eight out of ten.

Actually, we do not use WatchGuard Firebox, we just sell and sometimes deploy and install it for the customer. We usually set up a few basic policies then give it to them to continue on.

The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser.

The other feature is the side to side VPN. We have a bank client and they use a WatchGuard device for their headquarters and other WatchGuard devices for their branches. Setting up those IP's and VPN's was quite easy because the relay was at the branch office where the VPN resides. So that was quite handy to set up.

In terms of what could be improved, I would say their web blocker feature. It is still quite a confusing setup, especially when you want to filter out a particular category for granularity. For example, you do not want to filter Facebook but you do want to filter Facebook games only. It can be done, but the process to do it is very confusing.

We have seen other products like Sophos, Checkpoint and Palo Alto that were much easier to set up their web built setting than it is with WatchGuard. So aside from all other features, including the VPN security policies, the only feature that is quite confusing is the web block feature.

They could make the web blocker much easier to set up.

In terms of scalability, they have models like the 5,000 series and 6,000 series. We have not reached that yet. We are only a small company and our customers are only small and medium businesses. So no enterprise companies yet. But I think if we need a bigger box, we would go with the 5,000 series.

Right now we're only at about 200 hundred users. Sometimes we are trying to push for the 300 series or 500 series, but not yet.

We require a staff of one or two for deployment and maintenance.

I think technical support is okay. When I log a case, they usually respond within a day. Then, if they need to do some things for the client, they are quite flexible and do it based on the client's schedule. So no problem with the support. They are good. So far all our issues we have raised, and we have large cases, have been resolved. So their tech support is quite good.

We switched because WatchGuard is cheaper. An old product that we previously sold was quite expensive, especially the security renewal after every year, but WatchGuard offered quite a competitive price and in a bundle that was much easier to understand. Cyberoam, for example, was quite complex to set up under licensing. Cyberoam was bought by Sophos. So we switched to WatchGuard for the price.

The main highlight is price. The client has quite a tight budget so we can offer much more with WatchGuard.

Setup was easy because the manual was there and it was quite easy to connect to a particular port. It's very understandable. Setup was very straightforward, nothing complex.

Deployment could take only a few minutes or up to an hour and we can already set up a few basic policies. But the thing that drags longer is teaching the client to use it and to set up their own security policies. Sometimes they don't have enough experience at setting up WatchGuard, it's still new to them. But maybe after a few hours of lectures from us they get it. We still continue to support them after initial set up, for example if if they want to set up a policy we can assist them with that.

I have seen a return on investment, especially for the client. They have less problems in the bandwidth because the users are not going to unnecessary sites. So productivity should be better. Clients would not be tempted to browse unnecessary sites, games, download movies, because there is a firewall with restrictions in the policies. So therefore, the users would be performing at their best.

The box costs 180,000. One third of the price of the box goes to the yearly renewal fee, around 50 or 60, for the basic. There is the advanced feature which is half of the box, but the basic is quite enough for most of our brand, which is why we have not used the TDR yet.

And the response comes free for the advanced features and advanced licensing.

The advice I would give to anyone considering WatchGuard Firebox is that it is a good product, despite what they say about it not being in the Gartner quadrant leaders. It performs well. It's fast. The only downside would be the web filtering side of things. If the client wants a good web filtering device, they have to go to another vendor, but just for Firewall IP and VPN, I think WatchGuard will be good.

I'm not saying that the web filtering for WatchGuard is really bad, just confusing. Some clients don't want to do something that's confusing for them, they prefer something easy, but if they can live with a little confusion, then it's okay. But it is good to have a good partner, someone like us, in case the client has a problem setting up their policies, especially in the web filtering, we can help.

Speaking on behalf of the client, I think they are okay with the solution. They are still continuing to use it past a year already, and they continue to renew. They are satisfied with its performance and what it is capable of doing.

On a scale of one to ten, I'll give WatchGuard Firebox an eight.

We are a solution provider and WatchGuard is one of the product lines that we implement for our customers. I am the person in the company that is responsible for WatchGuard products.

We do not use this product in my organization. I'm enabling partners and providing training for them on how to use this technology and how to sell it.

I assist customers with implementing PoC installations in different environments.

This product has a dashboard on the cloud that manages logs coming for the WatchGuard Firebox and workstations. It is a good product but it is not a fully integrated EDR or endpoint solution.

This product is one that not many customers request.

The most valuable feature is the correlation of logs from different devices.

If there is a traditional antivirus solution installed on the machine then we can use it with this solution, helping to protect the endpoint from zero-day attacks.

This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them. If it were fully integrated with WatchGuard Firebox then it would make sense.

I began working with WatchGuard products approximately two years ago but WatchGuard Threat Detection and Response is one that I have not been working with for a long time.

Scalability is very good because it's just an endpoint and therefore, it is managed through the cloud. There are no challenges.

Technical support for this product is perfect. If you open a ticket with them, even with the slowest SLA, they reply to you within four hours. You can also request that they open a remote session with you.

Quite some time ago, I had experience with Sophos products as a distributor in Egypt.

I also have experience with products by Fortinet. I have been evaluating Fortinet because they are one of our competitors.

The initial setup is very straightforward. The length of time required for deployment depends on the number of endpoints that we are dealing with.

For a new setup, we can complete the bulk of the deployment at one time, but it is better to schedule it. This also depends on the number of endpoints because if it is huge then it will take time. A small number of endpoints, such as 20 machines can be completed in perhaps one to two hours.

The number of people required for deployment also depends on the number of endpoints.

I would rate this solution an eight out of ten.

We are a solution provider and WatchGuard is one of the product lines that we implement for our customers. I am the person in the company that is responsible for WatchGuard products.

We do not use this product in my organization. I'm enabling partners and providing training for them on how to use this technology and how to sell it.

I assist customers with implementing PoC installations in different environments.

My client that recently implemented WatchGuard Firebox is running an ERP that is used by clients that are in different countries from around the world. They are using Firebox to protect the ERP from outside threats. Essentially, they need to protect the perimeter because users come to the server from different environments.

This solution protects the cloud-based server from incoming and outgoing traffic. In this regard, it acts as a web application filter for the server.

This product offers great protection using the default settings.

The vendor needs to address customer concerns and develop more according to requests, instead of prioritizing based on the existing roadmap. This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests. This is especially true in cases where the feature is common among competitors.

In the future, I would like to see better integration with Active Directory. It should depend on the user's login. This is a feature in big demand and most competitors do not deal with it the right way. Making this change would make sense with customers.

I began using WatchGuard Firebox approximately two years ago.

This is a very stable product.

Scaling this solution requires a migration plan. For an on-premises deployment, there can be challenges related to extending the hardware appliances. A single box is not scalable itself. Rather, you need to migrate to a bigger appliance. But, there is an amazing feature for this called offline configuration.

The offline configuration capability lets you migrate settings from one box to another in minutes. After five minutes, everything will be migrated to the other Firebox and it will scale smoothly without any interruptions.

Technical support for this product is perfect. If you open a ticket with them, even with the slowest SLA, they reply to you within four hours. You can also request that they open a remote session with you.

When it comes to feature requests, however, the vendor takes too long to reply.

Quite some time ago, I had experience with Sophos products as a distributor in Egypt.

I also have experience with products by Fortinet. I have been evaluating Fortinet because they are one of our competitors.

The initial setup is very easy and straightforward. They have a great wizard and it has a great default protection setting. Anyone that is setting it up for the first time, or has not even used a network security product, doesn't need an expert to configure it. The default protection for threats is great.

This is always deployed in a virtual environment, either on-premises or on the cloud. The deployment can be completed in six to ten minutes.

I deploy this product for my customers.

The staff required for deployment and maintenance depends on the project capacity. For a small or medium-sized project, one person is enough. For the smoothest deployment, this should be an engineer or an experienced technician that is aware of network security.

My advice for anybody who is implementing WatchGuard Firebox is to follow the guidelines and best practices that are available on the WatchGuard help center.

I would rate this solution a nine out of ten.