WatchGuard Firebox Reviews

Our main use case for WatchGuard Firebox is to protect companies from Internet threats.

The most effective and helpful features of WatchGuard Firebox, especially when purchased with the full suite of applications, are its bundled applications and subscriptions for comprehensive protection against various threats. It is essential to renew licensing and subscriptions to safeguard against potential penetrations.

One area for improvement could be making the interface even more user-friendly.

I have been working with WatchGuard Firebox for a couple of years.

WatchGuard support is generally helpful and does a good job, although occasionally I may need to call for clarification on some technical matters.

Other products like Fortinet and Palo Alto have had security flaws, but WatchGuard Firebox fits within the budget of the client.

I also work with Cisco, and Cisco's CLI is highly customizable, though it requires more time to learn initially. Cisco's support is also quite good.

The main difference between Cisco and WatchGuard Firebox is the support structure. With Cisco, you can directly communicate with the manufacturer, while with WatchGuard Firebox, support is through local channels only, without the option to directly contact WatchGuard via email or open a ticket.

Managing WatchGuard Firebox is easy for experienced users. Initial setup and deployment typically take a couple of days, including preconfiguration before installation on-site to avoid potential issues.

The price of WatchGuard Firebox is generally lower than Cisco, making it easier to sell to customers. However, if the price were slightly lower than it is now, it would be even more appealing. Some customers underestimate the importance of the subscriptions included with the boxes, but with experience, I have seen how critical they are for protecting against hackers and data breaches.

WatchGuard Firebox works well for network security, email protection, and phishing prevention. It is cost-efficient and offers features like EDR or XDR without being overly expensive.

Overall, I would rate WatchGuard Firebox as a seven out of ten. It is a solid tool.

The solution is used to protect, detect, and respond.

It is a lightweight product. The interface is very good.

The website must provide more information on the product. The tool must be promoted more.

I have been working with the product for almost one year.

The tool is stable. It is easy to maintain it.

Our customers are small, medium, and large organizations.

It is easy to deploy the product.

The price is comparable.

We recommend the solution to our customers. We are resellers. We provide technical support to our customers. Overall, I rate the solution a nine and a half out of ten.

We use WatchGuard Firebox for the site's firewall and VPN solution. The WatchGuard supports remote gateway and mobile VPNs. WatchGuard Firebox serves as the primary firewall for the site.

The solution has many security features. We have an intrusion provision system and filtering and block filtering. These features have been enabled, and we have created services around them.

WatchGuard has several limitations, particularly concerning throughput and performance, and management, firmware updates, and customer support need improvement. The level of support from WatchGuard is not as good as what we get from Cisco and other vendors. The response time is high even in times of priority issues. 

Moreover, the solution doesn’t have deep filtering. This limitation affects packet analysis, traffic analysis, and traffic monitoring, particularly regarding troubleshooting. On the other hand, Fortinet Firewall offers a deep level of troubleshooting and packet filtering. This allows us to obtain detailed information in scenarios like drops or disruptions to understand where the issue occurred, whether with the customer or on our end.

WatchGuard cannot perform packet captures for multiple IPs simultaneously, restricting us from achieving them individually. Due to these limitations, we are considering migrating to Fortinet.

I have been using this solution since 2018.

The solution is stable, as I have been using a couple of devices without any restart since 2018, and there has been no downtime for these devices.

I rate the solution’s stability a nine out of ten.

I rate the solution’s scalability a seven out of ten.

The level of support from WatchGuard is not as good as what we get from Cisco and other vendors. The response time is high even in times of priority issues. It doesn’t have deep filtering. This limitation affects packet analysis, traffic analysis, and traffic monitoring, particularly regarding troubleshooting. On the other hand, Fortinet Firewall offers a deep level of troubleshooting and packet filtering. This allows us to obtain detailed information in scenarios like drops or disruptions to understand where the issue occurred, whether with the customer or on our end.

Neutral

I would rate my experience with the initial setup around six on a scale of one to ten, one being hard and ten being easy.

WatchGuard is better when compared to other firewalls. It is affordable for a midsized company.

WatchGuard is affordable, with features for individual customers, end-users, and midsized companies. However, big businesses with growth and an increasing workload have to migrate.

I rate the solution’s pricing a four on a scale of ten, one being lowest and ten being highest.

We don’t know much about what's happening in the traffic pattern. We will have the opportunity to configure everything. We can use the firewall for dynamic routing and various other tasks. However, despite its capabilities and offerings, there are still some limitations. WatchGuard doesn’t offer deep-level packet filtering or in-depth packet analysis for companies with numerous applications. WatchGuard is a good solution if you require a comprehensive analysis of your organization’s activities within your budget.

Overall, I rate the solution a seven out of ten.

We use the solution as an internet gateway. With its help, we can establish the connection between our company's HQ and branch.

The solution provided us with site connections and internet policies.

The solution's valuable feature is its pricing which is better than other competitors.

The performance of the solution's processor needs to be faster than other vendors. Also, it is time-consuming to configure it whenever multiple policies are involved. This area needs improvement as well.

I have been using the solution since 2012.

The solution is highly stable. I rate its stability a nine.

We have around 200-300 solution users in our organization. I rate its scalability a nine.

The solution's technical support is excellent.

Fortinet is faster to configure and access policies than WatchGuard.

The solution's initial setup process was simple, as I already have experience using it. It takes a month to complete. The process involves setting up the solution in a lab. Later, deploying it in a production environment once it meets all the configuration requirements.

Initially, we took help from a third-party vendor to deploy the solution. Afterward, we did it in-house. It requires three to four network administrators for deployment and two network administrators for maintenance.

The solution is worth buying.

I rate the solution's pricing as an eight.

I rate the solution as an eight. It offers more variable license bundles and has high availability than the other products.

In Italy, small and medium-sized enterprises are prevalent, with fewer than 20 devices being used in most companies. As a result, we typically use entry-level routers such as the T25 or T45.

We sell security and management services for our clients' structures, which allows us to provide visibility into events and the flow of actions taken by both the users and our company. We are pleased to have this tool within the Firebox toolset, as it enables us to show customers what is happening during an incident, as well as to continually monitor the structure.

Management and visibility are the most valuable features.

Visibility with an app that could extract or connect the data without entering Firefox directly would be an improvement.

I am looking for tools that can improve mobile security because our Firebox router mainly focuses on physical perimeter security. While we can use VPN to connect laptops to the network, mobile phones, and tablets can only rely on wireless networks, which don't provide direct endpoint security. Therefore, I believe there is a need for additional measures to connect mobile devices securely to the Firebox router.

The price has room for improvement.

I have been using the solution for a couple of years.

The solution is generally stable, although we have encountered a few hardware issues that were promptly resolved by replacing the affected devices.

The support is great and specialized.

The initial setup is straightforward. Our deployment strategy is simple. We require a couple of people. First, we set up the structure and connect the Firebox, whether it's a new installation or a replacement for other devices. Next, we prepare the configuration, LAN, and rules. Then, we make a brief stop to switch the core device to the customer's structure. After that, we move to each endpoint and use VPN or other tools to complete the setup. The direct operation on the endpoint site takes less than an hour, and the preparing phase another two to four hours.

The implementation was completed in-house.

We are utilizing an MSP licensing model and are content with the minimal amount spent on the devices rather than committing to long-term licensing.

I give the solution a ten out of ten.

The maintenance of a simple structure is easy.

I recommend trying WatchGuard Firebox directly but keep in mind that the wireless devices can only be connected to the wireless network.

We primarily use WatchGuard Firebox like a typical firewall, to protect ourselves from outside and inside threats. 

I have the WatchGuard Firebox M270, deployed on-premise. 

WatchGuard Firebox improved our organization by acting as a firewall, with all the specific components of one. If you have an antiviral solution, you can see how many were blocked; from where they were blocked; what the statistics are on the areas that the attacks came from; and if there are attempts, or if they do get through the firewall, where they came from and where they went. You know exactly what to look for, to see if there is any kind of penetration inside your system, or if anything has been compromised, and you can take any measurements against these threats. 

All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited. 

There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well. 

Most of the features that I have right now are more than okay with me, but something like a better interface is always worth suggesting. Also, things like computer-based training on firewalls and specific solutions—especially in things that have been deployed on every new version—is usually something that we need to see in order to understand what, exactly, these people have created for us. 

I have been a WatchGuard user since 2004. 

This solution is stable. 

I am the only one who maintains the firewall—we don't have a team to handle it. 

This solution has been scalable to the level that my company wants. 

Behind the firewall, we have 60 users. On a daily basis, there are approximately 40 to 45 users in the office: they are people from the purchasing department, technical department, accounting department, operation department, etc. 

In general, their support is okay, and nothing fancy. We have had a few chats and a few cases on several things that I wanted to do by myself, but needed some guidance on. The speed is not the speed of light, but we are getting through to what we want to have within a day or so. 

I don't have any comparison to make with a solution that's on the same level as WatchGuard Firebox. We had some experience with all of the Cisco firewalls, but they didn't have the same level of security that we have with our existing firewall. Those were quite old, so I cannot really compare that old technology with something that is so new. 

The initial setup was quite straightforward because we are a small company. We have 50 people working at this company, so it's a rather small installation with no fancy or complex configuration. The deployment took an hour or so, but from that point on, there have been numerous hours of work to get up to the point we're at now with our firewall solution. 

It's quite easy to deploy because the initial installation doesn't involve many fancy things. Out of the box, it's quite clear that it has features that need to be blocked, and these features have already been blocked by default, to help anybody deploying this solution. It's like having 35%-40% of your configuration ready, so you only need to add another 25%-30% to reach approximately 70% of your full configuration, which takes no more than a couple of hours. The additional 30% are the small, exact things and the prediction correction, the things that are usually done on a firewall solution in the following hours, days, months, years by the users of the device. However, you can reach the level that you personally believe in, 100%, within a matter of days if you know exactly what you need to do. 

I implemented this solution all by myself, since I was lucky enough to have basic firewall knowledge. Our implementation strategy was to get to the level, as fast as possible, where I could meet the minimum requirements of the company, concerning its firewall policy. 

I have definitely seen a return on investment. To be exact, you cannot really value the return of investment on this kind of product because an IT product usually delivers services that cannot really be measured in money. Rather, it can be measure in things that we can do and things that we cannot do. So, money-wise, you cannot really measure it, but if I'm measuring it on things that I wanted to achieve with a device, there was a 100% return back. 

The licensing contract we have is on a three-year basis. There aren't any costs in addition to the standard licensing fees—usually, every three years, we just purchase or renew the same license and we are okay. Every six years, we completely change the firewall, but that's the usual schema. So after three years, we just renew the licenses for another three years, and then after that particular period of time, we just purchase another firewall equivalent to the ones that we currently use.

I rate WatchGuard Firebox an eight out of ten. 

This is a solid device and it delivers what it says. It doesn't do fancy or extraordinary things, but it does delivery exactly what it's supposed to deliver. 

Our client deploys WatchGuard Firebox and helps to establish VPN connection between multiple files. 

I find this solution very easy to manage. The web manager and Firebox key features are particularly impressive for cloud applications. That's why I often recommend this solution to our clients. It has good threat management capabilities and works against different types of threats.       

I think one area for improvement in this solution would be enhancing communication with tools like Active Directory. This would make the tool easier to integrate and effective for users.

I have been using WatchGuard Firebox for the past eight years.

The solution has been stable without any noticeable bugs.

I find WatchGuard Firebox to have medium scalability, serving around ten medium-sized clients with approximately five hundred users each. 

I find the service support to be slow at times, especially in terms of response and case resolution. 

Neutral

I would rate the initial setup as ten out of ten, since it is very easy.

The deployment process is quite fast, usually taking just one day. To deploy the solution, we follow the steps outlined in the deployment guide, which are straightforward and easy to follow.

WatchGuard Firebox is typically deployed on-premises in our client's organizations.

I would rate the pricing at seven out of ten. As for the licensing costs, we typically have yearly licenses for our clients, but there are no additional costs beyond the standard licensing fees.

I always recommend using WatchGuard Firebox in our projects because it's straightforward to manage and deploy.

I would rate this product an eight out of ten. 

I would describe primary use cases as a solid and cost-effective solution, especially when compared to other comparable solutions like Fortinet or different Cisco firewall suppliers and network security providers. However, I must say that it's not so intuitive to install, maintain, and configure. Nevertheless, it remains a solid and cost-effective solution.

We have seen it effectively stop some network security threats. It provides cost-effective protection and is easier to set up compared to other solutions. With other providers, it sometimes takes four to six or even eighteen weeks to deploy or receive the equipment. With WatchGuard, we have solutions that can be quickly deployed.

The most valuable feature, in my opinion, is the dimension logging platform and the network traffic filtering. The VPN feature is also very useful and valuable. Additionally, the remote site connection and VLANs are important.

One area of improvement is the deployment process; it is not intuitive.

The centralized administration and management, as well as the cloud-based interface, specifically the user interface (UI), menus, and module configurations. The administrative UI/UX could be significantly improved.

Compared to other solutions, I would say it's not a complete solution in certain settings. The centralized administration and XDR capabilities need improvement. One aspect that many firewall and network security manufacturers fail to understand or integrate well is the endpoint, XDR, or EDR solutions. For example, Cisco has its own endpoint solution, which is not very good, and other manufacturers like Check Point or Palo Alto have their own EDR solutions. The primary issue is that they haven't effectively integrated these solutions with other manufacturers to create a more comprehensive and cohesive offering. It's important to have a solution that integrates anti-malware and antivirus XDR features. In terms of mobile device management, that's a feature I haven't seen.

I've been using it with some of my clients for about three to five years, depending on different situations. One of them is not selling or reselling it, and another one is in settings where clients decided to switch from our supplier and buy WatchGuard.

We normally use Total Protection.

I would rate the stability of WatchGuard a nine out of ten. 

I would rate the scalability of WatchGuard a seven out of ten. 

There is an area of improvement in customer service and support. 

Neutral

The initial setup is straightforward, but there is room for improvement. It's generally straightforward, but there are areas that can be enhanced.

There is an ROI for some time. However, after the first year, it becomes less straightforward to see a return on investment when equipment needs to be changed or licenses need to be renewed.

The price is very good, but the follow-up on the sales channels, especially the local ones, is not so good. Some MSSPs or suppliers do a better job than the brand's direct channel administration.

My advice would be to rely on a reliable partner who understands your operations and has experience in deploying and scaling WatchGuard.

Overall, I would rate the solution an eight out of ten.