Buyer's Guide
EDR (Endpoint Detection and Response)
September 2022
Get our free report covering Trend Micro, Sophos, SentinelOne, and other competitors of WatchGuard Threat Detection and Response. Updated: September 2022.
634,550 professionals have used our research since 2012.

Read reviews of WatchGuard Threat Detection and Response alternatives and competitors

Systems Engineer at a tech services company with 1-10 employees
Real User
Top 10
Good protection and awareness, good scalability, and good support
Pros and Cons
  • "The protection that it provides from ransomware is valuable. The awareness that it has is also valuable. It didn't have a central console earlier, but now it has a central console, which is pretty good."
  • "It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."

What is our primary use case?

We have got WatchGuard Firewalls. So, we use their EDR, which is a part of the security package that they provide us.

We use this solution for additional protection and response. We use it in combination with the antivirus that we provide to our clients. We have the latest version of this solution.

What is most valuable?

The protection that it provides from ransomware is valuable. The awareness that it has is also valuable. 

It didn't have a central console earlier, but now it has a central console, which is pretty good.

What needs improvement?

It can have a couple of false positives, but after you add them to your allow list, it works fine.

It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good.

For how long have I used the solution?

I have been using this solution for probably about a year.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

Its scalability is really good. You can scale up or scale down depending on the number of users. 

We have over 200 clients of this solution. We have plans to increase its usage. We'll be deploying it for other clients to whom we provide our services.

How are customer service and technical support?

They provide very good support. I am definitely satisfied with their support.

How was the initial setup?

It is straightforward. It doesn't take long.

Which other solutions did I evaluate?

We evaluated a couple of other options such as SentinelOne and Palo Alto EDR Edition. We went with this solution because it is inbuilt with the network security routers that they provide. It is like an all-in-one sort of bundle system, and that's why we chose it.

What other advice do I have?

I would rate WatchGuard Threat Detection and Response a nine out of ten. It is pretty good, and I am satisfied with it.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Mohamed Y Ahmed - PeerSpot reviewer
Technical & Pre-Sales Manager at GateLock
Real User
Top 5
Leaderboard
Good log correlation features, straightforward to set up, and works with traditional antivirus products
Pros and Cons
  • "The most valuable feature is the correlation of logs from different devices."
  • "This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them."

What is our primary use case?

We are a solution provider and WatchGuard is one of the product lines that we implement for our customers. I am the person in the company that is responsible for WatchGuard products.

We do not use this product in my organization. I'm enabling partners and providing training for them on how to use this technology and how to sell it.

I assist customers with implementing PoC installations in different environments.

This product has a dashboard on the cloud that manages logs coming from the WatchGuard Firebox and workstations. It is a good product but it is not a fully integrated EDR or endpoint solution.

How has it helped my organization?

This product is one that not many customers request.

What is most valuable?

The most valuable feature is the correlation of logs from different devices.

If there is a traditional antivirus solution installed on the machine then we can use it with this solution, helping to protect the endpoint from zero-day attacks.

What needs improvement?

This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them. If it were fully integrated with WatchGuard Firebox then it would make sense.

For how long have I used the solution?

I began working with WatchGuard products approximately two years ago but WatchGuard Threat Detection and Response is one that I have not been working with for a long time.

What do I think about the scalability of the solution?

Scalability is very good because it's just an endpoint and therefore, it is managed through the cloud. There are no challenges.

How are customer service and support?

Technical support for this product is perfect. If you open a ticket with them, even with the slowest SLA, they reply to you within four hours. You can also request that they open a remote session with you.

Which solution did I use previously and why did I switch?

Quite some time ago, I had experience with Sophos products as a distributor in Egypt.

I also have experience with products by Fortinet. I have been evaluating Fortinet because they are one of our competitors.

How was the initial setup?

The initial setup is very straightforward. The length of time required for deployment depends on the number of endpoints that we are dealing with.

For a new setup, we can complete the bulk of the deployment at one time, but it is better to schedule it. This also depends on the number of endpoints because if it is huge then it will take time. A small number of endpoints, such as 20 machines, can be completed in perhaps one to two hours.

The number of people required for deployment also depends on the number of endpoints.

What other advice do I have?

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.