I would like to improve WatchGuard Threat Detection and Response, but I don't manage it directly. The main problem that WatchGuard Threat Detection and Response has is that they use several tools to do the same tasks, and they are sometimes very complicated to use and very slow. For example, we had Palo Alto deployed 10 years ago, and there were many things that were better managed by Palo Alto than the tools we currently have in WatchGuard Threat Detection and Response. The main concern is about managing tools and having a unified management model for managing the firewalls and response. They have many web interfaces that do many things, but they don't have one tool that does all the things that a firewall should do.
Consultant at a tech services company with 51-200 employees
Reseller
Top 10
2025-05-13T15:05:21Z
May 13, 2025
I would like to see the WatchGuard Firebox improved because I work with an experimental presales engineer directly, and we have some presentations regarding the SASE project under the XDR solution, so we know the good projects now.The WatchGuard Firebox has certain features, but the challenge is that we have some clients who don't have a network or are only mobile users, which leads us to think the future is in SASE products, not in the WatchGuard Firebox.The mobile coverage should be included with the WatchGuard Firebox, but in some cases, there is no WatchGuard Firebox because the client has no network or all users are in different locations.
The only problem I have with Firebox is the grouping issue. When implementing a rule using a group of IPs, it is not possible to do that directly. I have to manually add all the IPs, and this is where I think WatchGuard should improve.
The basic problem is that for every firewall in India, there is a need for a one-year or two-year subscription. That is the main issue for all users. Particularly in India, the cost for renewal after three years is 75% of the hardware cost, which is a significant problem.
The pricing of WatchGuard Threat Detection and Response could be improved. It's not the cheapest option available. That said, it often meets our needs effectively. There are areas for improvement in making the product more economical. In the future, I would like to see enhancements in eliminating threats more intuitively, allowing easier identification of issues.
Since WatchGuard acquired Panda, there may be synergies in consolidating both solutions under a single name to reduce customer confusion. Additionally, WatchGuard must address the issue of commercial licenses available at very low prices online, creating conflicts and challenges during sales to end users.
It is a basic tool tool, and it does very well for what it is supposed to do. It does simple checks against signatures. I think it is very much what it needs to be, and it is a basic tool that you just use. There were a little bit of problems with the tool's updates, making it an area where improvements are needed. Sometimes, the firewalls did not get updated in the databases.
IT at a manufacturing company with 201-500 employees
Real User
2020-12-15T09:31:18Z
Dec 15, 2020
This isn't very popular in China. It doesn't offer the best protection and it's incompatible with a lot of China's websites. It makes a lot of mistakes when it is detecting items as it's not recognizing items correctly. It has the functional WebBlocker and the server is not local. Sometimes the performance is bad we'll get pop-ups saying "the server is not available". I'm not sure if users outside of China have such an issue, or if it's just due to the fact that we have a unique web experience in the country. The solution just doesn't fit well here. The performance could be a bit better.
Owner / CEO at Midwest Technology Specialists LLC.
Real User
2020-07-09T06:27:06Z
Jul 9, 2020
The solution isn't what I would consider feature-rich. Due to the fact that the high volume of traffic that is currently encrypted, I find that the antivirus is less effective every year. That's not just WatchGuard, however. It's the biggest area in need of improvement right now is as a whole in the industry. It has the same weaknesses other firewalls have, and that's its inability to dissect encrypted traffic. It is capable of doing it, however, it requires some specialty configuration that often interferes with Azure, Amazon cloud services, or things of that nature. It would be useful if we could be able to get a report as to why the solution is doing one action but stopping another. You can configure it as part of the firewall to decrypt that traffic, effectively making it a middle man, however, in doing so, you often disrupt Microsoft Office 365 and Amazon Web Services. The capability is there. It is just not considered a recommended best practice. While the ability to determine threats in non-encrypted traffic is a good part of a solution, it is not an adequate standalone. It does not have an endpoint component. The feature I'm most interested in is additional endpoint protection, however, they recently purchased Panda. That would go in line with the EDR product. As a managed service provider, I'm always looking to simplify and clean my stack, so I can provide my customers with the best possible service with the least complexity. It's nice to know that they're actively working towards that already. Also, I should note that most of the features I want are currently already in beta.
WatchGuard Firebox is a high-performance firewall known for its ease of setup, offering robust security with layered protection and centralized management capabilities.WatchGuard Firebox stands out for its intuitive management and high throughput, addressing security needs with features like VPN, web filtering, and threat detection. Its centralized control and reporting abilities, along with Active Directory integration, make it popular among varied organizations. Its user-friendly interface...
I would like to improve WatchGuard Threat Detection and Response, but I don't manage it directly. The main problem that WatchGuard Threat Detection and Response has is that they use several tools to do the same tasks, and they are sometimes very complicated to use and very slow. For example, we had Palo Alto deployed 10 years ago, and there were many things that were better managed by Palo Alto than the tools we currently have in WatchGuard Threat Detection and Response. The main concern is about managing tools and having a unified management model for managing the firewalls and response. They have many web interfaces that do many things, but they don't have one tool that does all the things that a firewall should do.
I would like to see the WatchGuard Firebox improved because I work with an experimental presales engineer directly, and we have some presentations regarding the SASE project under the XDR solution, so we know the good projects now.The WatchGuard Firebox has certain features, but the challenge is that we have some clients who don't have a network or are only mobile users, which leads us to think the future is in SASE products, not in the WatchGuard Firebox.The mobile coverage should be included with the WatchGuard Firebox, but in some cases, there is no WatchGuard Firebox because the client has no network or all users are in different locations.
The only problem I have with Firebox is the grouping issue. When implementing a rule using a group of IPs, it is not possible to do that directly. I have to manually add all the IPs, and this is where I think WatchGuard should improve.
The basic problem is that for every firewall in India, there is a need for a one-year or two-year subscription. That is the main issue for all users. Particularly in India, the cost for renewal after three years is 75% of the hardware cost, which is a significant problem.
The pricing of WatchGuard Threat Detection and Response could be improved. It's not the cheapest option available. That said, it often meets our needs effectively. There are areas for improvement in making the product more economical. In the future, I would like to see enhancements in eliminating threats more intuitively, allowing easier identification of issues.
Since WatchGuard acquired Panda, there may be synergies in consolidating both solutions under a single name to reduce customer confusion. Additionally, WatchGuard must address the issue of commercial licenses available at very low prices online, creating conflicts and challenges during sales to end users.
It is a basic tool tool, and it does very well for what it is supposed to do. It does simple checks against signatures. I think it is very much what it needs to be, and it is a basic tool that you just use. There were a little bit of problems with the tool's updates, making it an area where improvements are needed. Sometimes, the firewalls did not get updated in the databases.
This isn't very popular in China. It doesn't offer the best protection and it's incompatible with a lot of China's websites. It makes a lot of mistakes when it is detecting items as it's not recognizing items correctly. It has the functional WebBlocker and the server is not local. Sometimes the performance is bad we'll get pop-ups saying "the server is not available". I'm not sure if users outside of China have such an issue, or if it's just due to the fact that we have a unique web experience in the country. The solution just doesn't fit well here. The performance could be a bit better.
The solution isn't what I would consider feature-rich. Due to the fact that the high volume of traffic that is currently encrypted, I find that the antivirus is less effective every year. That's not just WatchGuard, however. It's the biggest area in need of improvement right now is as a whole in the industry. It has the same weaknesses other firewalls have, and that's its inability to dissect encrypted traffic. It is capable of doing it, however, it requires some specialty configuration that often interferes with Azure, Amazon cloud services, or things of that nature. It would be useful if we could be able to get a report as to why the solution is doing one action but stopping another. You can configure it as part of the firewall to decrypt that traffic, effectively making it a middle man, however, in doing so, you often disrupt Microsoft Office 365 and Amazon Web Services. The capability is there. It is just not considered a recommended best practice. While the ability to determine threats in non-encrypted traffic is a good part of a solution, it is not an adequate standalone. It does not have an endpoint component. The feature I'm most interested in is additional endpoint protection, however, they recently purchased Panda. That would go in line with the EDR product. As a managed service provider, I'm always looking to simplify and clean my stack, so I can provide my customers with the best possible service with the least complexity. It's nice to know that they're actively working towards that already. Also, I should note that most of the features I want are currently already in beta.
I would recommend the solution. It's a good and stable product. Nothing is too difficult.