2018-10-04T17:27:00Z

What needs improvement with WatchGuard Firebox?

Julia Miller - PeerSpot reviewer
  • 0
  • 52
PeerSpot user
61

61 Answers

Eduardo Monteiro. - PeerSpot reviewer
Real User
Top 5
2024-02-27T13:29:02Z
Feb 27, 2024

The solution's pricing could be improved.

Search for a product comparison
ümit Yasin Karakurt - PeerSpot reviewer
Real User
Top 10
2023-09-27T13:01:33Z
Sep 27, 2023

In WatchGuard Firebox, the antivirus and malware detection systems are areas with shortcomings that require improvement since they are the most important elements of a cybersecurity tool. In the future releases of WatchGuard Firebox, I want to see more frequent updates.

Abhiram Sreekumaran Nair Anitha - PeerSpot reviewer
Real User
Top 10
2023-07-28T19:00:52Z
Jul 28, 2023

WatchGuard has several limitations, particularly concerning throughput and performance, and management, firmware updates, and customer support need improvement. The level of support from WatchGuard is not as good as what we get from Cisco and other vendors. The response time is high even in times of priority issues. Moreover, the solution doesn’t have deep filtering. This limitation affects packet analysis, traffic analysis, and traffic monitoring, particularly regarding troubleshooting. On the other hand, Fortinet Firewall offers a deep level of troubleshooting and packet filtering. This allows us to obtain detailed information in scenarios like drops or disruptions to understand where the issue occurred, whether with the customer or on our end. WatchGuard cannot perform packet captures for multiple IPs simultaneously, restricting us from achieving them individually. Due to these limitations, we are considering migrating to Fortinet.

Carlos Coris - PeerSpot reviewer
Real User
Top 5
2023-06-16T11:25:48Z
Jun 16, 2023

When working with WatchGuard, specifically in configuring Panda Security on the portal for the first time, it was challenging for me. Creating the partner center and setting up the account in Panda Security was not straightforward. Although working with the Panda Security part itself is easy, I faced difficulties in creating the partner center. So, maybe this could be an area of improvement. Another area of improvement is the license. The price could be cheaper.

RA
Real User
Top 20
2023-05-05T09:13:00Z
May 5, 2023

The performance of the solution's processor needs to be faster than other vendors. Also, it is time-consuming to configure it whenever multiple policies are involved. This area needs improvement as well.

MUSTAPHAABAHLOUS - PeerSpot reviewer
Real User
Top 20
2023-04-12T14:18:43Z
Apr 12, 2023

Although this solution is better than others on the market, I'd like to see improvement in the visibility of network traffic. It feels that the web interface is missing some parts, particularly access and configuration.

Learn what your peers think about WatchGuard Firebox. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Luca Toni - PeerSpot reviewer
Real User
Top 5
2023-04-12T13:38:44Z
Apr 12, 2023

Visibility with an app that could extract or connect the data without entering Firefox directly would be an improvement. I am looking for tools that can improve mobile security because our Firebox router mainly focuses on physical perimeter security. While we can use VPN to connect laptops to the network, mobile phones, and tablets can only rely on wireless networks, which don't provide direct endpoint security. Therefore, I believe there is a need for additional measures to connect mobile devices securely to the Firebox router. The price has room for improvement.

Ronald Lewis - PeerSpot reviewer
Real User
Top 10
2023-02-07T18:18:42Z
Feb 7, 2023

The VPN aspect of the WatchGuard Firebox is an area that could potentially benefit from improvement. We encountered difficulties while attempting to integrate Windows 11 laptops into the system, which resulted in unreliable connections. After some research, we discovered that this was primarily due to compatibility issues with Windows 11 and required a patch. However, it was still a challenge as it seemed that even when we tried to keep the laptops on Windows 10, they still exhibited the same issues as Windows 11 machines. Despite WatchGuard attributing the problem to Microsoft, we were eventually able to find a solution and all the machines are now functioning seamlessly. The solution comes with a web interface that facilitates configurations, but it doesn't have the same level of functionality as the installed client or system manager. The web UI could be further improved. In a future release, the detection of ransomware would be helpful. Ransomware is our biggest fear.

MS
Real User
Top 20
2023-01-12T16:42:00Z
Jan 12, 2023

The user interface for WatchGuard Firebox has room for improvement. Right now, it's a bit complex to work with and could be easier. I like Fortigate better because its user interface is nicer and easier to work with than WatchGuard Firebox, so improving the user interface would be great.

Matthew Cooper - PeerSpot reviewer
Real User
Top 10
2022-12-14T08:28:08Z
Dec 14, 2022

The area where I think this product can be improved is the user interface and the reporting. It can be quite difficult to find the correct logs and to actually find out what is going on. The digging can be time-consuming.

WN
Real User
Top 20
2022-11-08T16:23:43Z
Nov 8, 2022

I would like to see more training become available for us. I would like to see the port conflicts improved.

PR
Real User
Top 20
2022-11-02T13:25:27Z
Nov 2, 2022

I'm pretty happy with it, but vulnerability management could improve a little bit in comparison to other parts, such as Cisco and so on. There could also be better reporting. For example, there should be more out-of-the-box management reports. These two improvements would be nice.

DM
Real User
Top 20
2022-09-01T21:52:09Z
Sep 1, 2022

WatchGuard Firebox could improve the speed of updates, such as new features or improvements. However, they are frequently improving the solution in many areas, such as geo-locations, definitions, and web blocking.

Nadeem Abdulla - PeerSpot reviewer
Real User
Top 10
2022-07-22T12:40:16Z
Jul 22, 2022

Firebox would be improved with integration for endpoint protection solutions.

FB
Real User
Top 20
2022-07-21T19:53:43Z
Jul 21, 2022

We've found that sometimes the solution is not easy to understand and we need to bring in some specialist assistance.

Andrew Keywood - PeerSpot reviewer
Reseller
Top 10
2022-07-05T10:52:06Z
Jul 5, 2022

There is room for improvement in the threat protection, data packet inspection, and performance of the solution. Generally, it's just a lower-end product. It does the job but doesn't do it very well. Compared to Palo Alto, for example, some of the main differences are zero-day protection, performance, deep packet inspection, and App-ID. I'm not really a fan of WatchGuard. We only use it with one client and we're trying to get them to get rid of it. I prefer to use Palo Alto instead. Industry analysts have voted Palo Alto the number one firewall for the last eight consecutive years, so if you want good protection, it's a no-brainer.

SE
MSP
2022-03-22T18:54:20Z
Mar 22, 2022

They are working on cloud-based options. However, they do not have the options fully functional in their solution at this time.

Surjith Cs - PeerSpot reviewer
Real User
2022-01-19T14:30:00Z
Jan 19, 2022

An area for improvement is that when we use a web administration link, there is no security.

MA
Real User
Top 5Leaderboard
2022-01-04T21:26:53Z
Jan 4, 2022

The vendor needs to address customer concerns and develop more according to requests, instead of prioritizing based on the existing roadmap. This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests. This is especially true in cases where the feature is common among competitors. In the future, I would like to see better integration with Active Directory. It should depend on the user's login. This is a feature in big demand and most competitors do not deal with it the right way. Making this change would make sense with customers.

LP
Real User
2021-12-27T19:34:00Z
Dec 27, 2021

The reporting could use improvement, because most of the firewalls available in the market come with the reporting built-in, with the memory and the hard disk capacity and all. With WatchGuard, the models we use, none of them support that part.

ST
Real User
2021-07-10T18:31:17Z
Jul 10, 2021

The solution can improve by adding a feature to tag a MAC address of a computer system in the policy and more IP configuration settings.

SM
Real User
2021-06-02T14:21:41Z
Jun 2, 2021

The way Secure Sign-On authentication is happening needs to be improved. When the Secure Sign-On portal is turned on, anybody who comes into the campus, whether he or she is a staff member or a guest, has to go past the initial portal. One of the shortcomings is the username. It shouldn't allow permutations or combinations with upper or lower cases. For example, when there is a username abc, it shouldn't allow ABC or Abc. It should not allow the same username, but currently, two separate people can go in. Therefore, its authentication or validation should be improved, and the case sensitiveness should be picked up. If I have restricted someone to two devices, they shouldn't be able to use different combinations of the same username and get into the third or fourth device. It shouldn't allow different combinations of alphabets to be used to log in.

RV
Reseller
2021-04-22T19:03:30Z
Apr 22, 2021

Often, customers don't end up using a lot of the features. They should move more towards integration with other OEMs such as web application firewalls, et cetera. There should be better integration and a way to configure multiple vendors into the same data center in order to offer more flexibility.

AS
Real User
2021-04-02T12:38:13Z
Apr 2, 2021

The solution is lacking a professional website, they should be updated more often.

MS
Real User
2021-01-24T19:01:00Z
Jan 24, 2021

I would like to have a little more control over access points and the ability to see the bandwidth that is passing through a specific access point. We are not able to see that. We can see what traffic is passing through the Firebox itself, but we can't identify if it is coming from a particular access point or not.

PG
Real User
2020-12-17T09:13:00Z
Dec 17, 2020

I don't think I can get a full-blown DNS client from it. I've been trying to have DNS services. It has forwarding, but I don't get the services of a full DNS client. My main difficulty with it is that I can't run a complete service. I need NTP. I need DNS. I need DHCP for my domain, but I only get forwarding. As far as I can tell, I don't get caching and the kinds of reporting and registration needed to host a DNS for a domain. I have to have a separate solution for that. I also struggle with its usability a little bit. I come from an open source background, so I'm accustomed to BIND and DHCP from Linux builds. With their tools I'm struggling to have a web interface. I'm not getting a third-party web interface, so I'm using Webmin, which I have become accustomed to. You have to relearn or find services that you know are there. You have to figure out what they mean by an alias. Setting up a network interface or port-forwarding isn't necessarily using the language that I'm accustomed to. Every time you deal with a new user interface, they structure things differently. Where do you go and how do you maintain it and how do you document it? So I'm frustrated often when I get involved in vertical software where they start to brand or rename things, or they've adopted terminology. An example with WatchGuard is that every time I want to find a log, I have to search forever to find just basic logging. It's in there someplace, consistently. It's just that there isn't a button that says "logging."

MA
Real User
Top 5Leaderboard
2020-08-20T18:56:00Z
Aug 20, 2020

I would like to see the number of management consoles reduced. As it is now, Firebox can be configured using the web UI, WatchGuard System Manager, Dimension server, and from the cloud. This should be done without affecting the way we deal with the configuration file, as it's one of the strongest points in making its implementation smooth and easy. I would like to see the devices made more flexible by adding modules to increase the ports that we can use. As it's started from T80, the last edition of tabletop appliances, it should also be applied to all M series appliances.

AS
Real User
2020-08-13T08:33:00Z
Aug 13, 2020

I haven’t dug deeply into the reporting features yet or if they are working well. However, I have generated several reports and there was too much unnecessary information, in comparison with the reporting features in the Sophos firewall. Sophos' reporting is more readable and easier to configure. Having said that, reporting features were not very important for us when selecting a solution. What was important were other types of functionality that WatchGuard Firebox was able to meet. In addition to the reporting features, I would suggest they work on an SSL VPN gateway.

SR
Reseller
2020-08-02T08:16:00Z
Aug 2, 2020

The pricing could be improved. It is definitely one of the more expensive products, though you can't really compare it to Ubiquiti or SonicWall.

FC
Real User
2020-07-27T07:17:00Z
Jul 27, 2020

The reporting features are not as flexible as I thought before I bought it. You can retrieve some simple statistics from the centralized reporting server. But let's say I want to look at the volume of internet access among our staff. There are no out-of-the-box reports or stats or any unit of measurement that show internet access for particular staff. There is no report that shows how long they're on or the volume of traffic, especially in a particular period. It's not necessary that it have very modern BI analytics, but at this point I'm a little bit disappointed with the reporting. One of the purposes of implementing the firewall was to do more application control and reduce the risk involved in employees accessing the internet. We want to measure and know how much time of our staff spends accessing and browsing and using internet resources.

RM
Consultant
2020-07-08T09:01:00Z
Jul 8, 2020

The data loss protection works well, but it could be easier to configure. The complexity of data loss protection makes it a more difficult feature to fully leverage. Better integration with third-party, two-factor authentication would be advantageous.

DE
Real User
2020-06-25T10:53:00Z
Jun 25, 2020

Sometimes I would like to copy a rule set from one box to another box in a direct way. This is a feature that is not present at the moment in WatchGuard. I'm missing a tool by default, where you can find unused policies. This is possible when a) you adminstrate the firebox with dimension, or b) you connect it to Watchguard's cloud.

GH
Real User
2020-05-05T06:08:00Z
May 5, 2020

I would like to see more tutorials on setting up the Firebox.

GT
Real User
2020-05-03T06:36:00Z
May 3, 2020

If they could make the traffic monitoring easier that would be great. I don't use it that frequently, but I would like to see some improvements in the ease of use of that component, so it makes more sense. I know it's a technical component so there's going to be some difficulty trying to make that easier. Also, if they could provide more examples in their documentation, that would help. Sometimes they will say, "Hey, go in and set this up," and it would be so much easier to do it if they put in a couple of examples and showed me. Imagine instructions on how to change a tire and the steps you go through. Give me some pictures or some examples of how you change the tire. Where do you put the jack so it doesn't tear up the fender on your car? I'm a person who loves looking at examples cause I can look at things and see how they applied them and then learn from them. Even if they put in some snapshots and said, "Here's how this should look after you put this information in," that would help. It would be confirmation that this is accurate and this is going to work. Finally, when we did the split tunneling, as it turned out, that was an all-or-nothing, global setting. As soon as I did that it impacted everybody. What I was hoping to do was to set that up so that I could do a pilot group and, once it was working, I could turn it on for everybody. We needed to get it going and it was all-or-nothing. We did that on a weekend and it ate up my weekend time.

JS
Real User
2020-04-28T08:50:00Z
Apr 28, 2020

There is room for improvement on the education side, regarding what does what, rather than just throwing it at a person and assuming they know everything about it. A lot of times, you have to call WatchGuard support to get the solution that will work, rather than their just having it published so that you can fix the problem on your own.

JM
Real User
2020-04-08T06:36:00Z
Apr 8, 2020

I'm not really impressed with the reporting side of it. It may be something I just haven't figured out very well, but it's hard to filter down on reporting of the actual valuable information that you would want. There is a lot of information out there so you have to have some kind of tool capture it and then filter through it. So far, I haven't found the reporting side of the WatchGuard to be that user-friendly. I would definitely like to see better reporting tools from WatchGuard. That would be a very high priority for me. Also, setting up the site-to-site VPN is pretty easy with the WatchGuard, but the client VPN setup is not very friendly. If you have a client-to-device VPN that you need to set up for a mobile user there are different protocols that they will accept but none of them are a plug-and-play type of option.

GS
Real User
2020-04-07T06:13:00Z
Apr 7, 2020

There are a couple of things I wished that it would do, but I can't think of those off the top of my head.

GP
Real User
2020-04-01T07:25:00Z
Apr 1, 2020

The usability could be better, but it is definitely manageable. If we have to go to a backup internet connection, that could be a little bit easier. Other than that, I really don't have any complaints about it.

KC
Real User
2020-03-30T07:58:00Z
Mar 30, 2020

WatchGuard could be a little more robust in reporting. I get requests a lot to figure out people's internet traffic. We want to know what people are doing when they are on the internet. There is still a little bit of fine-tuning that can be done to that process.

GH
Real User
2019-11-14T06:34:00Z
Nov 14, 2019

Websense is an application that monitors and filters internet traffic. Websense was derived from WatchGuard. But when you go to WatchGuard to actually implement that particular feature, you have to use some type of additional feature and you have to pay for it, unfortunately. I think it should be free or free in the WatchGuard box itself, as an option. It would be nice if they didn't charge us for that. And if they won't offer it for free, they should offer something better. It definitely needs a big improvement because it's very unfriendly. It's called Dimension Basic and there is a reason they call it basic, because it gives you very basic information. Let's say you want to track someone's internet activity or where they've been going. Websense gives you detailed information as far as the source. But this one only gives you very basic information and, on top of that, it's a free version for only a few months and then you have to pay for it. So not only is the version very basic but you still have to pay for it. That, in my opinion, has room for improvement. Everything else that we have, the live security services and network discovery and all the spam blocking, threat protection, and the web blocker, is included.

SJ
Real User
2019-11-13T05:29:00Z
Nov 13, 2019

The reporting is a little on the weak side. I would like to see a better reporting set and easier drill-down options.

AH
Real User
2019-11-07T10:36:00Z
Nov 7, 2019

There is a slight learning curve. Beyond that, the only issue we've had in the past two or three years had to do with the number of current tunnel connections, and that was just an issue with our size of Firebox. We got a bigger Firebox. The old one was able to handle the load. It was just that we ran into a licensing issue. We had hit our number of concurrent tunnels. We have a lot of tunnels with the phone system. We have tunnels to and from each site for the phones to be able to talk. It was a little bit of a surprise when we came across this situation, but it's present in the documentation. It didn't take us long to figure out that that was the reason we were having an issue. It was just our not having the forethought to make sure that what we had was able to expand to meet our needs.

CW
Real User
2019-11-06T03:06:00Z
Nov 6, 2019

We would like to see granular notification settings and more advanced filtering in traffic monitoring.

HC
Real User
2019-10-03T07:51:00Z
Oct 3, 2019

There are some features I'd like to see, although they are not standard in any of the products in this class; for example, better monitoring. I'd like to have better access to workstation monitoring, connection monitoring, and the amount of time an address is being used, to better gauge proper network utilization. If I knew that something was connected to a particular external location for an extended period that seems abnormal, I'd be able to act upon it. It comes down to overall monitoring and reporting for the class of services that I have. The solution's reporting and management features, based on what I have, are fair. I'd like to see an easier way of managing, controlling, and viewing usage at an IP-address-based level.

JG
Real User
2019-10-02T11:08:00Z
Oct 2, 2019

We have several branch offices. Those things run, you forget about them. My biggest gripe was when I went to update some of my devices, to try to make some speed improvements, not only did I get hit with, "You need to renew your LiveSecurity," but there was this reinstatement fee that they threw in on top of it. That really angered me, to the point that I canceled the entire order. I actually almost replaced some of those devices and I'm looking to replace them because of that type of thing. It's fair to pay for services like filtering, etc., but I don't feel it's fair to pay for updates to a product because they're patching and fixing and updating their product because of bugs. If I want to pay for the next version of something that gives me additional features, that's fair. But to have to pay a reinstatement fee and that sort of thing, I find it to be a very poor and unethical practice. We'd never do that to our customers. The reason I haven't thrown a huge fit is because everybody does it. SonicWall will do it; Cisco. All those guys do that kind of thing. I really don't like that, particularly because you're talking about a device that you paid $300 for, and the reinstatement fees are another $200-plus. I can just buy a brand-new device for that, get a faster unit, and get another year of stuff. Maybe that's what they're trying to encourage me to do. But there are firewall devices out there that I can buy that will do a lot of the stuff that I need to do in the remote offices, without having to purchase a yearly or three-year plan. I keep our main system up to date, but for the small edge units, it's just an unneeded expense. That's my biggest negative and biggest gripe about WatchGuard. In terms of the reporting and management features — and this isn't necessarily a WatchGuard issue, this seems to be more of an industry-wide issue — you get reports, but a lot of times you don't know what you're looking at. You're so overwhelmed with the data. You're getting a lot of stuff that doesn't matter, so it takes time to parse through it, to actually get what you want to know. If it gives me a threat assessment such as, "You received an attack from North Korea," I don't know what that means. I know that an IP address from North Korea hit our server, and they tried a certain attack. Is that something I should take seriously or not? I don't know. But that seems to be true with a lot of the solutions out there. They tend to report everything, and there's not a lot of control over getting rid of the noise. I've had it report threat attacks from devices within my network, from my own PC, in fact. So it's misinterpreting some things, obviously. Reporting is not something I rely very heavily on because of that. I look at it but I don't know what I'm looking at. Instead, I have a monitor that displays various things about my network, and I will have the main screen up just to see things like which host in the network is the busiest. I tend to use the main dashboard to get real-time information.

JG
Real User
2019-07-31T05:52:00Z
Jul 31, 2019

Sometimes, the writing rules are a little confusing in how am I doing them. I had some trouble with the previous product version (XTM) at the end. When the product aged a bit, there were no redundant power supplies. For what we're doing, it would've been nice to have something to fall back on instead rebuilding and taking it from an old configuration because the older version did die. We were able to take from an older configuration, build a new one quickly, and get it up and running, which didn't take long, but there was some pain around it.

JR
Real User
2019-07-29T10:12:00Z
Jul 29, 2019

The software base, the management piece that goes onto a server, is not as user-friendly as I would like. There are three different pieces that you have to manage, so it's a little bit convoluted, in my opinion. For people who use it all the time, it's great. But I don't use the management interface all the time. Overall, it's powerful enough, so that is something that we can overlook.

GT
Real User
2019-07-29T10:12:00Z
Jul 29, 2019

There is always room to get better, which is why I gave the solution a nine out of 10.

JB
Real User
2019-07-28T07:35:00Z
Jul 28, 2019

Reporting is something you've got to set up separately. It's one of those things that you've got to put some time into. One of the options is to set up a local report server, which is what I did. It's not great. It's okay. I've heard their Dimension control reporting virtual machine is supposed to be a lot better, but I haven't had the time our resources to set that up. Some of the stuff is a little complicated to get up and running. Once you do, it becomes very user-friendly and easy to work with, but I find there are some implementation headaches with some of their stuff. I wish I had a contact at WatchGuard because there are a few things I'm not using. I'm not doing packet inspection because I know it's pretty intensive to install certificates on all my computers and have it actually analyze the encrypted traffic. That's something I'd like to do but I'd really like to talk to somebody at WatchGuard about it. Is that recommended with my number of users with my piece of hardware, or is that going to overload everything? I'm not using Dimension control. I'm not using cloud. If I had a sales rep or a support person that I could just check in with, that would help. Maybe they could do yearly account reviews where somebody calls me to say, "What are you using? What are you not using? What would you like more information about?" That sort of thing could go a long way. They do a lot of education, but it's sent out to the masses. They have really good emails they send out which I find very valuable, talking about the industry, security events, and other things to be aware of. But there's not too much personal reaching out that I've seen where they're say, "Hey, how can we help your company use this device better? What do you feel you need from us?" That's my main recommendation: There should be somebody reaching out to check in with us and help us get more out of our device.

JL
Real User
2019-07-28T07:35:00Z
Jul 28, 2019

We do a lot of work with cloud-based and Internet-based vendors. A lot of times when we are on the phone with them, I find that it is a bit more technical than they are used to when we are trying to set up specific exceptions to the firewall. We ask for the ports that it's going to use or the block of addresses that they're going to be going from. A lot of times the only thing that they have for us is the web address that they want me to whitelist. Unless I'm missing that functionality, it seems like it is looking more for those technical data points, essentially. A lot of times, I'm running into a problem where there's a lack of give and take between WatchGuard and me. We get it figured out eventually, but it would just be nice if there was a way to say, "We just want to whitelist this address."

AR
Real User
2019-07-18T11:31:00Z
Jul 18, 2019

The software in it could be a bit more friendly for an amateur user. I look at it and don't understand what half the stuff is. Looking at the interface, it is all mumbo-jumbo to me. It's not a simple interface. You have to be an IT guy to understand it. It is not for your average person to use, then walk away from it. It is much more entailed. It could be a bit more user-friendly, but my IT guy knows what he's doing with it. I just let him do most everything. They need to make it so you have a step-by-step guide which goes through and sets it all up for you. However, they don't have that. You have to know what you're doing with it.

JR
Real User
2019-07-16T05:40:00Z
Jul 16, 2019

I would like to see more simplified management of the firewall. It's something that I've had to bring in outside support for - for setting up the firewall - because I don't fully understand it yet. I've been learning it. Some of that is my fault, but it's a complicated system to use. I don't know if it can be simplified much, because of the nature of what it's doing. But it's very complicated.

JW
Real User
2019-07-14T10:21:00Z
Jul 14, 2019

We use WatchGuard to manage our failover for internet. If a primary internet goes down, it does a failover to the secondary the internet. However, what it doesn't do so well is that if the primary internet has a lot of latency but it's not completely down, it doesn't do a failover to the backup in a timely manner.

JJ
Real User
2019-07-14T10:21:00Z
Jul 14, 2019

One of the things that is always valuable is workshops. It's really hard to get away and do webinars, but what I would like is a selection of webinars. I see WatchGuard comes forward with a webinar where they're going to introduce this or that. I'd like to see a lot more of those and a lot shorter. On lynda.com I can just point to a video to show me something I need to know how to do; for example, how to merge contacts in Outlook. But it is a ten-minute video. I would like to see more of that kind of learning. I'm sure WatchGuard has got all these videos, has got the webinars and the training sessions. But when I need to know something, I need to be able to get to it quickly. I want an indexed learning system very close to what lynda.com might use. I also want to be able to put questions forward either in a "frequently-asked-questions" forum or by sending them up to the support team for quick reply. I want to be able to go to a portal and put in my problem and have WatchGuard bounce back to me with, "Well, this is how we can do it," or "We don't have a solution for that." And then I can go to other vendors to look for a solution. The more targeted learning system I can have, the better. If I have to schedule a webinar that might take 30 minutes, there's a good chance I'll miss it. I sign up for webinars and it happens that I'm not available because I've got other fires going. The learning has to be there almost at my whim: "I've got a fire burning, I've got to figure out how to put it out. I need a ten-minute video to show me." Those learning sessions have to be available and easily found, when I need them. I have so little control over my schedule on a daily basis, and I'm sure I'm like many others. One other shortcoming is that there is no backup for it. We really haven't figured out how we might solve that problem. We may want to put a duplicate in. With Cisco, it's not uncommon to have dual firewalls with something our size. That way, if one were to fail, we've always got the other. With WatchGuard, we just have the one box. If that were to fail, we'd probably be really hurting.

RP
Real User
2019-06-23T09:40:00Z
Jun 23, 2019

It's very hard to get information from their website, for exactly what I need to do. Sometimes I end up having to open a lot of support tickets. It's either too detailed or not. I never have good luck with their online tools. It's a navigational issue which makes it hard to find what I'm looking for and it's just so broad. In addition, I have had a ticket in for an awful long time regarding a bug that they should address. If you're using a firewall as a DHCP server, it doesn't keep a good record of the leases. I opened a ticket on this about two years ago, and every couple of months I get an email back that it's still under engineering review.

RM
Real User
2019-05-26T06:53:00Z
May 26, 2019

The product could have some more predefined service protocols in the list, which don't have to manually be defined. But that's very low hanging fruit. The documentation for the System Manager/Dimension configuration, could be a little bit clearer. The use case where you have multiple sites with multiple firewalls, and one site that has the System Manager server and the Dimension server, wasn't really well defined. It took me a little bit of digging to get that to actually work.

RL
Consultant
2019-05-16T16:17:00Z
May 16, 2019

It would be wonderful if the WatchGuard team develops nice products for threat intelligence. They have a subscription service called DNSWatch, but this needs to be improved.

SS
Real User
2019-05-16T16:17:00Z
May 16, 2019

This solution needs the option to add an external hard drive. The competitors have this. With WatchGuard, you have to get another server, set it up, and then point it to WatchGuard. That is where the logs will be stored. Some find this tedious because they have to get another server, although I find it advantageous because there is no hard drive needed. It removes another point of failure. In any case, if the customer wants an external hard drive then it would give them the option. I saw a feature in Cisco that was a historical trajectory of the files, or sets, moving in the network. I would like to see them include this feature in the next release of the TDR.

HA
Real User
2019-05-16T07:47:00Z
May 16, 2019

I don't know if it's just my version, but the WiFi access point integration has just started. It's getting better but if there were more reporting of the devices that are connected to WiFi access points that would be great. Right now I can see the MAC address and bandwidth usage for each device but that's about it. If I could see which sites the devices are visiting and what kind of traffic is generated from each device, that would be great.

it_user976371 - PeerSpot reviewer
Real User
2019-03-05T07:04:00Z
Mar 5, 2019

I don't think that WatchGuard would need to improve on their product. They have some of the least expensive appliances and software out there. They are extremely easy to use, the GUI is great through the web and on the desktop. That's why I feel WatchGuard has outdone themselves on their security products. Hands down, it's one of the best firewalls I have ever worked with.

MD
Real User
2018-10-04T17:27:00Z
Oct 4, 2018

The set-up and additional feature screens are old in design and very granular. You have to know what you are doing.

WatchGuard Firebox is a versatile security solution primarily used for security purposes such as firewalling, VPN, and protecting networks from outside and inside threats. It is also used for routing, multi-factor authentication, vulnerability management, and segregating industrial networks from corporate networks.  The product is praised for scalability, stability, user-friendliness, reasonable pricing, and good technical support. Some users use it for web filtering and hosting web...
Download WatchGuard Firebox ReportRead more