WatchGuard Firebox Reviews

I'm a system administrator and we have a partnership with WatchGuard. 

The solution has a useful traffic monitor. You can check if the packet in the unit works and analyze the proof quickly. It's very easy to use and provides good security. 

We've found that sometimes the solution is not easy to understand and we need to bring in some specialist assistance. 

I've been using this solution for two years. 

The solution is very stable.

We haven't needed to scale so I can't comment on that. 

The support is good but we've had some difficult situations because not everyone in support is good when it comes to specific problems such as VoIP. 

We previously used Cisco but there came a time when we needed to move to a more updated product. 

The solution is difficult to implement without a specialist, especially the first time. It requires an IT technician. It's become easier for us to deploy ourselves now that we've had some experience.

Licensing costs are very reasonable and paid annually. If you need additional options they can be bought separately. 

This device is for Unified Threat Management (UTM). Our primary uses for this solution are as a firewall, antivirus, anti-spyware, web-blocker, and APT blocker.

I can say that it has been defending our organization. There are from ten to one hundred attacks per day to our IT forum and our email server.

The most valuable feature for small and medium businesses is the support for various protocol proxies. Without any subscription, they can realize an IDS/IPS solution.

It would be wonderful if the WatchGuard team develops nice products for threat intelligence. They have a subscription service called DNSWatch, but this needs to be improved.

This product is very stable.

There is no problem with the scalability. If I need a more powerful appliance then I can buy it, but I can also use less powerful devices. Overall, scalability is ok with this solution.

We have about fifty people using this solution. There are two IT specialists, and all of the rest are salespeople, office support, etc.

The technical support is very good. I know only of one company whose tech support is better than WatchGuard's.

I have experience with Check Point UTM, and I find that this application has approximately the same functionality, but it is cheaper.

The initial setup is very easy. It is not complex.

For a small organization that has between fifty and one hundred users, the deployment can be done in perhaps fifteen minutes to three hours. Our deployment took approximately one hour.

Only one person is required for maintenance.

We handled the deployment ourselves.

I can see ROI within several months.

The cheapest configuration, for maybe five people, is approximately $500.

There are several other license steps that vary based on the number of security services that are included in the subscription.

We had considered several other solutions such as pfSense, MikroTik, and Fortinet. However, we became a WatchGuard distributor for the territory of the Russian Federation, so we are using only WatchGuard solutions.

It is a very reliable and very easy solution. I think it is the best solution in the world, judging by its price and quality.

I would rate this solution a ten out of ten.

We are using it for firewalling and providing wireless network connectivity for access points. It is a standard product for our infrastructure. 

We can implement it very easily. There are some standards that we can explain to our colleagues. It is easy to maintain the same type of installation at various customer locations. It is easy to pass on the information to our team about how to implement it in the same way.

The ease of use is most valuable. You can quickly train someone who hasn't seen a firewall in life. You can get people up to speed, and in a few months, they are able to manage this product very easily. It is a very user-friendly, scalable, and stable product. Its price is also spot-on.

Its documentation could be improved. Sometimes, you need to search a bit longer to find what you are looking for.

I have been using this solution since 2014.

It is a very stable product. Usually, we have several years of uptime on WatchGuard Fireboxes. They can run for very long without any issues.

It is very scalable. We have several customers with several sites, and we can easily extend the network by using Fireboxes at several sites with site-to-site tunnels. If you use the WatchGuard system management software, you can even drag two Fireboxes together, and they automatically make their own tunnel. You don't even have to perform any additional tasks. It is very user-friendly in terms of scalability.

We get good support. It can take a bit longer only in the case of a specific problem that even they are not aware of, but that's the case with many of their competitors. In general, their support is very good.

It is fairly easy to deploy. You can also deploy it remotely. It provides a very easy and out-of-the-box experience.

It has a very good price. It is not the most expensive one, and it is also not the cheapest one. It is just spot-on in terms of price.

We evaluated Fortinet and Cisco. We chose WatchGuard because we wanted our engineers to be able to learn and work with the product in a very short amount of time.

When comparing Fortinet and WatchGuard, in the past, Fortinet was before WatchGuard in providing the features for directly resolving DNS names and hostnames and making additions to the rules. A few months later, WatchGuard also implemented these features. Nowadays, it goes both ways.

I would advise others to definitely take the WatchGuard Essential Security training course, which is a four-day or three-day course. It really gives a broad overview of the product. You get a good, basic, and overall feeling of the product. You can take it in groups. We normally go with four to five engineers of our company. Most of the time, after that course, you can implement the basic product and even scale it out to many more locations without requiring additional training.

I would rate WatchGuard Firebox a nine out of ten. I am pretty satisfied with this solution.

It's our external firewall and VPN solution.

• It allows us to access the outside world.
• It keeps us safe from external threats coming in.
• It allows us to have remote access.

The fact that it just works is one of the most valuable features.

It's fairly intuitive when trying to figure out how to try to get things configured the way you need them. It either works or it doesn't, which means if you have a failure you have a chance to get things fixed.

In addition, I have not noticed any throughput issues at all. The device we have will actually operate at faster technologies than we have available to us.

Management of the solution is great and it also provides us with layered security. It has onboard virus scanning features that allow it to scan before something gets to the host. It will also stop a person from going to a site that is known to be bad.

There is room for improvement on the education side, regarding what does what, rather than just throwing it at a person and assuming they know everything about it. A lot of times, you have to call WatchGuard support to get the solution that will work, rather than their just having it published so that you can fix the problem on your own.

We've been with WatchGuard now for about six years. We've got their XTM firewall.

Their support is awesome. I get a solution to my problem within 24 hours, and if they don't have a solution within 24 hours, they usually have a higher-tier tech working with me until the problem is solved.

The setup was fairly straight forward. We were actually dealing with a failure situation when we received the product. So we had WatchGuard support on the lines from the get-go, helping us get started so that we could get the information. It's something that we would not have been able to do had they not helped.

The main firewall was deployed within a day. The satellites were deployed within a week.

We have two home offices that they're distributed to. Typically, I get the device in, I provision it with the workflows and the exceptions they need, and then they plug it.

I can't say whether Firebox has saved me time. It's a firewall and it does its job. So whether it be WatchGuard, SonicWall, or anybody else, if it does its job and I don't have to look at it, I'm happy. I haven't really looked at a lot of the reporting features. I mainly go in there, figure out where people are having troubles, and fix their problems. 

We're using WatchGuard Firebox for multi-factor authentication (MFA), layer three switching, and to segregate our industrial network from our corporate network.

The most valuable feature of WatchGuard Firebox is its ease of use.

WatchGuard Firebox could improve the speed of updates, such as new features or improvements. However, they are frequently improving the solution in many areas, such as geo-locations, definitions, and web blocking.

I have been using WatchGuard Firebox for approximately six years.

The stability of WatchGuard Firebox is very stable.

WatchGuard Firebox is very scalable. We're using it in a redundant system with two stacked together. It has good redundancy and is good for failover.

Our whole company of approximately 100 users is using the solution.

The support from WatchGuard Firebox is very good.

Positive

We have one system administrator doing the support and maintenance of the WatchGuard Firebox.

We license the WatchGuard Firebox annually. There are different types of subscriptions available. We are paying approximately $15,000 annually. The cost can increase if you purchase different subscriptions.

You can purchase the solution without support, but I would strongly recommend the support. The support is great.

I rate WatchGuard Firebox an eight out of ten.

Actually, we do not use WatchGuard Firebox, we just sell and sometimes deploy and install it for the customer. We usually set up a few basic policies then give it to them to continue on.

The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser.

The other feature is the side to side VPN. We have a bank client and they use a WatchGuard device for their headquarters and other WatchGuard devices for their branches. Setting up those IP's and VPN's was quite easy because the relay was at the branch office where the VPN resides. So that was quite handy to set up.

In terms of what could be improved, I would say their web blocker feature. It is still quite a confusing setup, especially when you want to filter out a particular category for granularity. For example, you do not want to filter Facebook but you do want to filter Facebook games only. It can be done, but the process to do it is very confusing.

We have seen other products like Sophos, Checkpoint and Palo Alto that were much easier to set up their web built setting than it is with WatchGuard. So aside from all other features, including the VPN security policies, the only feature that is quite confusing is the web block feature.

They could make the web blocker much easier to set up.

In terms of scalability, they have models like the 5,000 series and 6,000 series. We have not reached that yet. We are only a small company and our customers are only small and medium businesses. So no enterprise companies yet. But I think if we need a bigger box, we would go with the 5,000 series.

Right now we're only at about 200 hundred users. Sometimes we are trying to push for the 300 series or 500 series, but not yet.

We require a staff of one or two for deployment and maintenance.

I think technical support is okay. When I log a case, they usually respond within a day. Then, if they need to do some things for the client, they are quite flexible and do it based on the client's schedule. So no problem with the support. They are good. So far all our issues we have raised, and we have large cases, have been resolved. So their tech support is quite good.

We switched because WatchGuard is cheaper. An old product that we previously sold was quite expensive, especially the security renewal after every year, but WatchGuard offered quite a competitive price and in a bundle that was much easier to understand. Cyberoam, for example, was quite complex to set up under licensing. Cyberoam was bought by Sophos. So we switched to WatchGuard for the price.

The main highlight is price. The client has quite a tight budget so we can offer much more with WatchGuard.

Setup was easy because the manual was there and it was quite easy to connect to a particular port. It's very understandable. Setup was very straightforward, nothing complex.

Deployment could take only a few minutes or up to an hour and we can already set up a few basic policies. But the thing that drags longer is teaching the client to use it and to set up their own security policies. Sometimes they don't have enough experience at setting up WatchGuard, it's still new to them. But maybe after a few hours of lectures from us they get it. We still continue to support them after initial set up, for example if if they want to set up a policy we can assist them with that.

I have seen a return on investment, especially for the client. They have less problems in the bandwidth because the users are not going to unnecessary sites. So productivity should be better. Clients would not be tempted to browse unnecessary sites, games, download movies, because there is a firewall with restrictions in the policies. So therefore, the users would be performing at their best.

The box costs 180,000. One third of the price of the box goes to the yearly renewal fee, around 50 or 60, for the basic. There is the advanced feature which is half of the box, but the basic is quite enough for most of our brand, which is why we have not used the TDR yet.

And the response comes free for the advanced features and advanced licensing.

The advice I would give to anyone considering WatchGuard Firebox is that it is a good product, despite what they say about it not being in the Gartner quadrant leaders. It performs well. It's fast. The only downside would be the web filtering side of things. If the client wants a good web filtering device, they have to go to another vendor, but just for Firewall IP and VPN, I think WatchGuard will be good.

I'm not saying that the web filtering for WatchGuard is really bad, just confusing. Some clients don't want to do something that's confusing for them, they prefer something easy, but if they can live with a little confusion, then it's okay. But it is good to have a good partner, someone like us, in case the client has a problem setting up their policies, especially in the web filtering, we can help.

Speaking on behalf of the client, I think they are okay with the solution. They are still continuing to use it past a year already, and they continue to renew. They are satisfied with its performance and what it is capable of doing.

On a scale of one to ten, I'll give WatchGuard Firebox an eight.

It's our firewall for the internet.

The most valuable feature is the NAT-ing, the IP addresses. What the firewall does is that it NATs through the IP addresses for different servers. We can direct the traffic where it needs to go. We can control the traffic.

It's fairly easy to use. I don't think we have any trouble with it.

We've also never had any trouble with the throughput or performance. We've just recently upgraded the internet and we're getting our router upgraded. Once we get that in place, we'll see how the Firebox responds. To date, we've never had any problems.

It also provides us with layered security.

I would like to see more tutorials on setting up the Firebox.

I've been Using WatchGuard for well over 10 years.

The stability has been fine. We've had no issues with its stability.

We haven't scaled it.

There are about 40 users, anywhere from plant production to purchasing to the president, and accounting. They all go through the firebox to get to the internet of course. It's used by all management in the organization, for sure.

We don't have any plans to increase usage of the solution.

There is just one person who handles the deployment and maintenance of the solution. He's a programmer.

We didn't have a previous solution. It's always been a Firebox.

I don't believe we had any trouble with the initial setup. 

My gut feeling is that we have seen ROI. It keeps us secure and it allows us to get out to the internet. As opposed to having no protection, it has provided ROI.

I've had no problems with the licensing.

It works for us.

In terms of simplifying any aspects of my job, there's nothing I can specifically say because I've used WatchGuard for so long that I don't have anything to compare it against.

It's our perimeter firewall.

We used to have Cisco and Cisco was pretty cumbersome. I actually still use Cisco, but I like WatchGuard for the features it has.

It provides us with Layer 2 and Layer 3 security.

If it didn't work we wouldn't be able to get to the internet and that would be a terrible thing.

All of its features are valuable, although we don't use the antivirus. We do use the web filter.

It's also the ease of configuration that I like. In terms of usability, it just works. And the throughput is 100 Mbps. It's fine.

There are a couple of things I wished that it would do, but I can't think of those off the top of my head.

I have been using WatchGuard Firebox for about 15 years.

It works and just keeps on working.

The scalability is fine.

Their technical support is good. Honestly, I haven't had to call them in five or six years.

We used Cisco previously. Cisco didn't have the features that I needed, like the proxies. A Cisco box would probably do that now, but back then they wouldn't. So we switched to WatchGuard.

The initial setup is straightforward. You just read the manual and follow the directions. It didn't take very long to set up. It was about an hour to have it configured and set up.

I have deployed Firebox to distributed locations. You just plug in the numbers, the IP addresses. That's all you do. It's pretty simple.

We have seen return on our investment. It just works. I may have to reboot it once every two or three years.

The pricing of WatchGuard was pretty comparable to Cisco, but I actually haven't looked at a new Cisco box in quite some time, so I can't say how they compare now.

I would advise that you go with whatever you're more comfortable with. If you're more comfortable with Cisco, then go with Cisco.

Firebox doesn't really save us time because whether you're going to configure a Cisco or you're going to configure a WatchGuard, you still have to configure something, no matter what it is. It is a little easier to configure WatchGuard though.

It takes just one person in our organization to deploy and support it, and that's me. Overall, our environment has about 300 users.