WatchGuard Firebox Reviews

It is a firewall. I have two M400s. They act as security for the Internet, like a border between us and the Internet.

We allow more outside vendors to be able to come in, then I could protect them. This is a way that I could leverage the solution which has improved business. It has made vendors coming from the outside able to get to resources that we can provide them without allowing them onto our production network.

We have the logging working along with the System Manager overview. This all seems very good to use and straightforward. It is where I look when I start since it gives me that sort of a single pane of glass for both firewalls.

It gives me Layer 3 and Layer 4 security. I don't know if it gives me the full Layer 7 security, which some other firewalls do. It might in new revisions of it. However, for what I need, it meets the sweet spot.

Having the VPN access helps productivity in the sense that people can get to resources anywhere.

• HostWatch is a nice feature.
• Logging
• The central management piece of the system
• The overview manager is good to have.
• The GUI is somewhat easy to use.

These features provide visibility on the network. When there is trouble, I like to see why I might be having trouble at the gateway level.

HostWatch makes it so I can see, in real-time, activity in the event that there is something weird happening on the network. This simplifies my job.

The product's usability is good. It is straightforward and simple. One of the benefits is that it is easy to navigate and intuitive.

Sometimes, the writing rules are a little confusing in how am I doing them.

I had some trouble with the previous product version (XTM) at the end. When the product aged a bit, there were no redundant power supplies. For what we're doing, it would've been nice to have something to fall back on instead rebuilding and taking it from an old configuration because the older version did die. We were able to take from an older configuration, build a new one quickly, and get it up and running, which didn't take long, but there was some pain around it.

With the previous version (XTM), I started seeing some hiccups.

With this new version (M400), it has been in place for about a year and been running just fine. I haven't had to reboot it. I don't think I've had an issue at all with it.

I manage the solution as the network administrator.

I am not sure what I can scale up to. It meets our needs, though. We're not a growing company. We are sort of a static company in terms of growth. As a static company, we are not looking to increase our usage.

We have around 200 users, who are tradesmen, toll collectors, administrators, accountants, and auditors.

I haven't used WatchGuard's technical support because it is an easy product to use.

We switched from WatchGuard's previous model due to age of hardware. We went from something that was seven or eight years old to something from the last year or two.

The initial setup was straightforward. We had been previously using WatchGuard and moved from an XTM to an M400. So, this is our second-generation of firewall with them, and I didn't have any problems.

The deployment took about a day. I upgraded the hardware, making sure that everything migrated over correctly. That was the goal. I had one rule that I dropped, but that's about it.

We have multiple networks with Internet points of presence where we have multiple firewalls. These are not at the distribution layer. The core layer is more where our firewall is.

For the price point, what we do with it, and the time that the last one lived for on our network, we have gotten our money's worth from it. I'm satisfied with the product for the most part.

We did consider other vendors. I don't think there's a need for us to switch right now. In the future, there might be. However, we're pretty happy right now with what we have.

We also looked at Palo Alto, Cisco, and Juniper NetScreen. We looked at Juniper because we have a lot of Juniper switching infrastructure. WatchGuard's price point worked, which is the reason why we stayed with WatchGuard.

Leverage the website. They have a good knowledge base out there. If this was a green deployment, make sure that you understand how the policies work for VPN and matting.

The throughput is adequate. It certainly handles what I pumped through it, which is about 150MB. I don't know how we would do on a big gigabit network, but for what I do, it works. I haven't seen any slow downs in throughput.

I am not using the Cloud Visibility feature.

We use it as a firewall. It protects us from security threats and uses a VPN tunnel.

WatchGuard Firebox made it so that I can connect to my remote offices without having to set up every computer to connect to our headquarters. Now, the remote offices can all just login to their system and work as if they are here at our headquarters.

The throughput and performance are excellent. I have never had a problem with them.

The solution provides our business with layered security. It gives us the ability to prevent traffic from coming in on certain ports and the ability to navigate certain traffic to different locations, not letting it just come into my system and do whatever it wants to do.

The VPN and tunnel between the two different clients. 

The ability to route Internet traffic to certain computers or IP addresses based on ports, etc. It provides me with ease of use, allowing navigation without having to do too much networking. It is all in a user friendly location.

The product is very usable. I haven't had too many issues with it. It seems to always run and be easy to make changes to, as long as you know what you want to do. There is plenty of documentation online to how to do what you need to do.

It simplifies my job because I can make any changes all in one location. I can login at the user-friendly site versus trying to do it in a programming or networking level site.

There is always room to get better, which is why I gave the solution a nine out of 10.

The stability is great. I have only had one go out on me, and it was because of my issue. 

We have one IT person for deployment and maintenance.

It is very scalable. I don't see an issue with scaling. I could always add another system by buying a new box and adding the connection. It would be easy.

I would assume anybody connected to the Internet is using WatchGuard, because they are using their block sites, etc. Everybody in our company is using the Internet, which is around 60 to 70 people. However, the people who are really using it are the people that work at different remote locations and login either via the tunnel or VPN. That is roughly around 15 to 20 people who do data entry and processing.

We do not have plans to increase usage for a couple years.

The technical support was good. Last year, I had an issue with one of the Fireboxes going down. It was overheated, because my server room became overheated and this fried it. However, the technical support was excellent. They got me a Firebox out as soon as possible, which helped me resolve the problem, getting it back up and running. They were great.

I didn't do the setup.

The deployment took about a couple of days, because when we were initially setting it up, we didn't understand everything to do with IPs. Now that we've played with it over time, we understand what it's doing and how it's working. It is definitely easier and faster now, but the first time building it was at least a couple of days.

When we deploy the product to other locations, we usually just get a box. On it, we make a copy of another box, importing the information into the new box, then change the settings that need to connect to the IP address on the incoming box. After that, we just run out and change the ports over, then go. It's not hard at all.

We set it up ourselves.

The solution saves us about an hour a month.

Read up about it. Understand what each of the settings are doing and use the resources that you have to get the best knowledge before implementing.

It's pretty simple to use. It's pretty simple to understand, and there's plenty of documentation. It does a pretty good job of what it is meant to do.

We are not using the solution’s Cloud Visibility feature.

I use it for protecting my network and for routing. Also, if my network connection goes down with CenturyLink, it automatically switches over to my Verizon cellular.

It protects me against malicious websites, as well as malicious downloads, as a perimeter anti-virus. I've also seen it blocking a lot of pings and different probes. 

A file wasn't opening on one of our mobile devices, so the owner said, "Hey, open it on your computer," and WatchGuard stopped it. I didn't have to try to remove a virus from my accountant's computer because WatchGuard stopped it. 

It has also saved me time by not having to rebuild because of damage to the network due to nefarious situations. Since I installed WatchGuard, it has probably saved me 20 hours a year thanks to increased uptime as well as not having any issues with viruses on computers. It's protecting my network and I don't have to deal with downtime.

It has increased productivity in security management.

I've also had very good uptake time. I would have to reboot my previous routers once a month or so or try to figure out what was wrong with them. With WatchGuard I've had zero problems. If I ever have an issue with connecting to the internet, it's always due to my internet provider.

As the person who manages IT for the business, it saves me thousands of dollars.

• Safety
• Uptime

The solution's reporting and management features are good.

I would like to see more simplified management of the firewall. It's something that I've had to bring in outside support for - for setting up the firewall - because I don't fully understand it yet. I've been learning it. Some of that is my fault, but it's a complicated system to use. I don't know if it can be simplified much, because of the nature of what it's doing. But it's very complicated.

It's very stable. I haven't ever had a product that is this stable.

It appears to be scalable. Scalability doesn't apply to me very much. I did have to buy a new router since the last one wasn't powerful enough. But it was not too bad because I was able to upload all my previous settings to this new one. It handles our entire network, but I don't have any plans on increasing usage.

We have 15 employees and everyone uses it for some sort of connection, whether it be for their phones to connect to our server for our time-tracking system, or for our office computers. I'm the only person who takes care of its maintenance.

I would rate their technical support very highly. They are very knowledgeable.

I used Ubiquity. I switched because it was not stable and it would not provide a lot of the services that I needed.

It was complicated, but it's hard to say that it's the fault of the device itself, and not the complexity of what I was doing. It's managing my internet connection. I eliminated my internet provider's modem from my network. It's doing all of the routing and the work of the modem for my fibre internet connection. So it was complicated to set that up with my internet provider, but I don't know if that's due to the appliance itself.

The deployment took less than a day. It's hard to say exactly how long it took because I do woodworking as well as maintaining our network. It's hard for me to give it my full attention but I would say it took about four hours.

I purchased it through Last Mile Gear, a reseller. One of their techs assisted me in installing it. He was pretty helpful. I also called WatchGuard's helpline and they were very helpful.

The service seemed fairly expensive, but when I saw it stopped a malicious file and saved our computer from having to be rebuilt, I upped it to their Security Suite. It definitely showed itself to be useful, and I'm glad that I have it.

It's prevented network intrusions, which is invaluable. Having 100 percent uptime so far has made it a great value.

The cost three years ago was about $800. There were no additional costs beyond the initial purchase.

The reseller recommended WatchGuard, so that's what I went with.

If you can understand the way the firewall works, the logic of the firewall, it will serve you really well. It's a very stable, great product.

I started with a T10. I ended up needing a more powerful version, so I bought the T30 about two years ago. I've been very happy with it. The usability is difficult but it's a complicated system. It's a professional solution. I wouldn't recommend it to my friends for their homes, but for business, I think it's a fantastic solution.

I'm happy with the throughput on the T30. The T10 was definitely lacking. It was definitely slow.

I would rate it a nine out of ten. The way to make it a ten would be to make it easier to use for a novice.

We use it for our firewall as well as for our branch office VPNs.

The WatchGuard devices allow us to self-manage our network and our branch office VPNs. As a result, we've saved ourselves a lot of money, without compromising our security. It provides a much more economical and effective solution. We used to have an MPLS network which was a cloud-based firewall system and it cost us a small fortune every month. But when we implemented all these firewalls and got it all configured, up and running, we literally saved ourselves $10,000 a month.

It makes managing the network a lot easier. It takes care of our network for us.

Once it was set up and running, it began to save us time. It works, and we spend very little time managing it. We have very few issues with it. We might spend an hour a month managing it, if that.

The firewall aspect and the branch office VPNs are the most valuable features. They just plain work. We don't have any issues with it. We don't have to spend a lot of time maintaining it. You set it up and, for the most part, you can forget about it.

In terms of the usability:

• It's user-friendly with an easy user interface.
• It has a lot of features.

The throughput the solution provides is good.

In addition, WatchGuard provides our business with layered security. It certainly protects our network, blocks unwanted incoming traffic and, at the same time, can manage outbound traffic too.

We use WatchGuard to manage our failover for internet. If a primary internet goes down, it does a failover to the secondary the internet. However, what it doesn't do so well is that if the primary internet has a lot of latency but it's not completely down, it doesn't do a failover to the backup in a timely manner.

The stability is great. 

We don't really have any experience with the scalability. We implemented the appropriate devices for our size and we haven't really grown to the point that we've had to upgrade devices. The scalability is fine in the sense that we have some locations with more people, and WatchGuard has a slightly beefier device than we use at some of our smaller locations. All in all, it works well.

All of our networks are managed by WatchGuard. If we add locations we'll be using it for them as well in the future, although we don't have new locations on the horizon. We use it every day because it manages our network. Because all of our network traffic runs through WatchGuard, everybody uses it. But they're not using it for a specific function, other than to communicate between locations.

The customer service is good. If we have an occasional issue there are helpful. They help us resolve problems. Overall, I'm pleased.

We had a third-party MPLS network that managed all of the cloud-based software but it was very expensive. It was similar in effect, but it was a third-party, as opposed to WatchGuard which is self-managed. The main reason we switched was the pricing.

The initial setup was a little complex. But once we understood how it works and after we got the first one configured, the rest of the firewalls were pretty easy. It is pretty straightforward. It is just a matter of learning it initially: understanding the nuances of the application and the user interface, understanding how to set it up and understanding what does what and the naming of features. That initial learning curve was a little steep, but once we got into it, it made a lot of sense.

Company-wide, our deployment took about 30 days.

Our initial implementation strategy was to do a backup to the internet and ultimately remove our MPLS and use the branch office VPN to manage it ourselves.

We were helped by an authorized WatchGuard reseller on the initial setup. Once we got through the first one, we took over from them internally. The reseller was NetSmart. Our overall experience with them was very good.

We still have a relationship with them. We do a lot of our stuff in-house, but if we have something that we need a little bit of help with, we do reach out to them from time to time. But doing so, for us, is pretty rare at this point.

We have absolutely seen return on investment. We saved a small fortune switching over. It paid for itself, literally, within the first couple months.

When we bought them we got a three-year license for each device. The two larger devices are about $1,000 each and the smaller ones are about $500 or $600 each. 

There are some additional software features that you can add on and pay for, but we don't use them. 

We didn't evaluate other options. The WatchGuard reseller was a company we had done business with before and they recommended it right out of the gate. We went with that.

It's worth it, depending on your current network environment. If you are in the same situation we were in, it's really a no-brainer going from the MPLS network to self-managing it with simple broadband internet. It works great. To be honest, you'd be crazy not to do it. The advantages of WatchGuard over MPLS are that it's cheaper and you have more control because it's self-managed. The only con is that it does require a little bit of maintenance that you wouldn't otherwise have to do, but it's minimal.

In terms of distributed locations, we have a firewall at all of our locations. Once we got it set up we'd visit a branch, install it, test it, and implement it.

As for maintenance, it requires just one person, a network administrator. We manage it ourselves and there's not a whole lot to it.

The tool's most valuable feature is the dashboard. 

The solution needs to improve its accessibility. 

I have been working with the solution for four months. 

I rate the tool's stability an eight out of ten. 

My company has three users for WatchGuard Firebox. 

I rate WatchGuard Firebox a five out of ten. 

My company uses WatchGuard Firebox for the data centers that work in our office. My company has websites and web applications, because of which we use WatchGuard Firebox for system security.

In WatchGuard Firebox, the antivirus and malware detection systems are areas with shortcomings that require improvement since they are the most important elements of a cybersecurity tool.

In the future releases of WatchGuard Firebox, I want to see more frequent updates.

I have been using WatchGuard Firebox for two years. I am an end-user of WatchGuard Firebox.

Stability-wise, I rate the solution a one out of ten.

It is not a very scalable solution. Scalability-wise, I rate the solution a three out of ten. The scalability structure of the product does not work properly. There are some downtimes in the solution for which we don't get any notifications. In our company, we don't worry whenever there is an upgrade for the solution.

In my company, we are full-time users of WatchGuard Firebox, and we have applications that are not just used inside our office but publicly on the internet. My company faces many cyberattacks from Russia and China, which is really bad.

My company does not plan to increase the use of the solution.

When trying to contact the product's technical support team, it turns out to be a slow process.

I rate the technical support a three out of ten.

Negative

I rate the initial setup phase of the tool a seven on a scale of one to ten, where one is difficult, and ten is easy.

The solution is deployed on an on-premises model.

The solution's deployment process takes just a few hours to be completed.

For the deployment process, you first connect to a serial cable. WatchGuard has management software that you need to install on a computer to manage the firewall software. You need to connect the firewall serial cables to your computers. In my company, we manage just one software for upgrades and deployments.

One person is enough to take care of the product's deployment process.

WatchGuard Firebox is a cheap solution.

The systems from WatchGuard are not properly working since I have seen that my company faces exploits in security when using WatchGuard Firebox.

If you just plan to use WatchGuard Firebox in your office and not publicly, then it is okay to purchase it. With WatchGuard Firebox, you can manage your users and permissions while also taking care of the basic setup phase in your office. For systems open on the internet, you can use solutions bigger than WatchGuard Firebox that can provide you with more professional services.

Since the tool's performance is not good, I rate the overall tool a two out of ten.

We use this for our network, mainly for the configuration of rules, such as VPN connections, remote access connections, and application web filtering. I'm a security engineer and we are customers of WatchGuard.

This is a very flexible product without licensing limitations. They offer good classes through Gartner. 

Although this solution is better than others on the market, I'd like to see improvement in the visibility of network traffic. It feels that the web interface is missing some parts, particularly access and configuration. 

I've been using this solution for two years. 

The solution is stable. 

The solution is scalable.

We've never had to use the technical support. 

The initial setup is straightforward. 

I rate this solution eight out of 10. 

We're using WatchGuard Firebox for multi-factor authentication (MFA), layer three switching, and to segregate our industrial network from our corporate network.

The most valuable feature of WatchGuard Firebox is its ease of use.

WatchGuard Firebox could improve the speed of updates, such as new features or improvements. However, they are frequently improving the solution in many areas, such as geo-locations, definitions, and web blocking.

I have been using WatchGuard Firebox for approximately six years.

The stability of WatchGuard Firebox is very stable.

WatchGuard Firebox is very scalable. We're using it in a redundant system with two stacked together. It has good redundancy and is good for failover.

Our whole company of approximately 100 users is using the solution.

The support from WatchGuard Firebox is very good.

Positive

We have one system administrator doing the support and maintenance of the WatchGuard Firebox.

We license the WatchGuard Firebox annually. There are different types of subscriptions available. We are paying approximately $15,000 annually. The cost can increase if you purchase different subscriptions.

You can purchase the solution without support, but I would strongly recommend the support. The support is great.

I rate WatchGuard Firebox an eight out of ten.