WatchGuard Firebox Reviews

I'm a system administrator and we have a partnership with WatchGuard. 

The solution has a useful traffic monitor. You can check if the packet in the unit works and analyze the proof quickly. It's very easy to use and provides good security. 

We've found that sometimes the solution is not easy to understand and we need to bring in some specialist assistance. 

I've been using this solution for two years. 

The solution is very stable.

We haven't needed to scale so I can't comment on that. 

The support is good but we've had some difficult situations because not everyone in support is good when it comes to specific problems such as VoIP. 

We previously used Cisco but there came a time when we needed to move to a more updated product. 

The solution is difficult to implement without a specialist, especially the first time. It requires an IT technician. It's become easier for us to deploy ourselves now that we've had some experience.

Licensing costs are very reasonable and paid annually. If you need additional options they can be bought separately. 

I mainly use Firebox for SSL, VPN, internet proxy, site-to-site tunnels, and intrusion protection.

Firebox's best feature is the access portal.

Firebox would be improved with integration for endpoint protection solutions.

I've been using Firebox for three years.

Firebox is generally stable, with only some glitches here and there, and its performance is okay.

Firebox is scalable.

WatchGuard's technical support is okay, but they could do more to push knowledge so the customer could solve their own problems.

Neutral

The initial setup was straightforward.

We used an in-house team.

Firebox is priced reasonably.

I would give Firebox a rating of seven out of ten.

I use WatchGuard Threat Detection and Response to protect our clients from ransomware, spam, and other threats. We want to make sure all their applications are secure.

I have been using WatchGuard Threat Detection and Response for approximately two years.

WatchGuard Threat Detection and Response is a reliable solution.

I have found WatchGuard Threat Detection and Response to be scalable.

We have approximately 30 people using this solution.

If we are not able to find answers to our questions about the solution from documents we can contact the support online through a portal on the application we have. They are able to help us when we have issues.

I was using a different solution previously to WatchGuard Threat Detection and Response.

The installation of WatchGuard Threat Detection and Response is straightforward. It did not take a lot of time, approximately 10 minutes.

There is a license required to use the solution and we pay annually. The price could be reduced because it is a bit expensive.

I would recommend this solution to others.

I rate WatchGuard Threat Detection and Response an eight out of ten.

We use Watchguard as a firewall and a VPN.

WatchGuard has improved our security.

The most valuable features are the VPN and web blocker security.

An area for improvement is that when we use a web administration link, there is no security.

I've been using WatchGuard for the past five years.

Watchguard is stable.

This solution is scalable.

The technical support is very fast - when we raise an incident, we get a solution in no time.

I previously used FortiGate.

The installation was straightforward and took between one and two hours. I would rate our experience with the initial setup as four out of five.

I installed this solution by myself.

We're currently renewing our license on a three-year basis. The licensing costs are comparatively lower than other providers, and I would rate the pricing as five out of five.

I would give this solution a rating of eight out of ten.

Actually, we do not use WatchGuard Firebox, we just sell and sometimes deploy and install it for the customer. We usually set up a few basic policies then give it to them to continue on.

The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser.

The other feature is the side to side VPN. We have a bank client and they use a WatchGuard device for their headquarters and other WatchGuard devices for their branches. Setting up those IP's and VPN's was quite easy because the relay was at the branch office where the VPN resides. So that was quite handy to set up.

In terms of what could be improved, I would say their web blocker feature. It is still quite a confusing setup, especially when you want to filter out a particular category for granularity. For example, you do not want to filter Facebook but you do want to filter Facebook games only. It can be done, but the process to do it is very confusing.

We have seen other products like Sophos, Checkpoint and Palo Alto that were much easier to set up their web built setting than it is with WatchGuard. So aside from all other features, including the VPN security policies, the only feature that is quite confusing is the web block feature.

They could make the web blocker much easier to set up.

In terms of scalability, they have models like the 5,000 series and 6,000 series. We have not reached that yet. We are only a small company and our customers are only small and medium businesses. So no enterprise companies yet. But I think if we need a bigger box, we would go with the 5,000 series.

Right now we're only at about 200 hundred users. Sometimes we are trying to push for the 300 series or 500 series, but not yet.

We require a staff of one or two for deployment and maintenance.

I think technical support is okay. When I log a case, they usually respond within a day. Then, if they need to do some things for the client, they are quite flexible and do it based on the client's schedule. So no problem with the support. They are good. So far all our issues we have raised, and we have large cases, have been resolved. So their tech support is quite good.

We switched because WatchGuard is cheaper. An old product that we previously sold was quite expensive, especially the security renewal after every year, but WatchGuard offered quite a competitive price and in a bundle that was much easier to understand. Cyberoam, for example, was quite complex to set up under licensing. Cyberoam was bought by Sophos. So we switched to WatchGuard for the price.

The main highlight is price. The client has quite a tight budget so we can offer much more with WatchGuard.

Setup was easy because the manual was there and it was quite easy to connect to a particular port. It's very understandable. Setup was very straightforward, nothing complex.

Deployment could take only a few minutes or up to an hour and we can already set up a few basic policies. But the thing that drags longer is teaching the client to use it and to set up their own security policies. Sometimes they don't have enough experience at setting up WatchGuard, it's still new to them. But maybe after a few hours of lectures from us they get it. We still continue to support them after initial set up, for example if if they want to set up a policy we can assist them with that.

I have seen a return on investment, especially for the client. They have less problems in the bandwidth because the users are not going to unnecessary sites. So productivity should be better. Clients would not be tempted to browse unnecessary sites, games, download movies, because there is a firewall with restrictions in the policies. So therefore, the users would be performing at their best.

The box costs 180,000. One third of the price of the box goes to the yearly renewal fee, around 50 or 60, for the basic. There is the advanced feature which is half of the box, but the basic is quite enough for most of our brand, which is why we have not used the TDR yet.

And the response comes free for the advanced features and advanced licensing.

The advice I would give to anyone considering WatchGuard Firebox is that it is a good product, despite what they say about it not being in the Gartner quadrant leaders. It performs well. It's fast. The only downside would be the web filtering side of things. If the client wants a good web filtering device, they have to go to another vendor, but just for Firewall IP and VPN, I think WatchGuard will be good.

I'm not saying that the web filtering for WatchGuard is really bad, just confusing. Some clients don't want to do something that's confusing for them, they prefer something easy, but if they can live with a little confusion, then it's okay. But it is good to have a good partner, someone like us, in case the client has a problem setting up their policies, especially in the web filtering, we can help.

Speaking on behalf of the client, I think they are okay with the solution. They are still continuing to use it past a year already, and they continue to renew. They are satisfied with its performance and what it is capable of doing.

On a scale of one to ten, I'll give WatchGuard Firebox an eight.

I use WatchGuard Intrusion Prevention Service for all our properties for network security.

The most important feature of this solution is the SLAs.

Multi properties could be added to the solution in the future to make it better.

I have been using WatchGuard Intrusion Prevention Service for approximately three years.

The solution is stable.

WatchGuard Intrusion Prevention Service is scalable.

The support could improve. I had to deal with support to give me new hardware and it took four weeks.

I have used Fortinet solutions and they are the best.

The implementation is very complex, you install the application for WatchGuard.

The price of the solution is not expensive, it is less than FortiGate.

I would recommend this solution to others.

I rate WatchGuard Intrusion Prevention Service a five out of ten.

The big issue with data-loss protection is the end-to-end encryption between the user and whatever site they're connecting to. And that diminishes the effectiveness of the data loss protection because it can't inspect all of the data contents. Formatting is still reliant on numbers, letters, and sequences recognizable as credit cards, driver's license birthdays, etc. There's a lot of other sensitive material that could be at a client site, for example, that doesn't have a known methodology. It can be challenging to set it up to recognize instances of information unique to an environment. Unfortunately, it's even the case with a company like Microsoft. I would compare it to the data loss protection within Office 365 and say that it has the same inherent problems that you see with any encrypted email.

WatchGuard Data Loss Prevention catches so little. When I've implemented it, it just can't look at the traffic in a thorough enough manner to capture as much as it should. And I find that I'm disenchanted with all data loss protection solutions I've tested and looked at. WatchGuard certainly is not any better or worse than the others. It's just not a technology I have much faith in. 

You can get awfully granular in the setup, but it reminds me of antivirus software. True antivirus software catches very little. It's rare that antivirus software identifies a true virus. Everything's becoming more complicated, so now you need to look at detection and correlated threat response systems that are more effective than traditional antivirus. Data loss protection, I'm afraid, is kind of in that space.

We've used Watchguard Data Loss Prevention off and on for several years depending on the client's needs.  

Overall, I have utilized WatchGuard solutions for at least 20 years. I have been with them as they switched from private to public ownership and back again. So I've been a pretty faithful user for an excessive amount of time.

I find that their tech support is excellent. And as a reseller, my relationship with my point of contact is also strong. WatchGuard does a good job of maintaining that. So even if you are not getting the best response from support, you have a method to escalate it. I have so few incidents where I need to reach out to support. My most recent incident was handled very quickly, but with my experience, I don't have to call them often. At most, I maybe contact them once or twice a year. I have a lot of WatchGuard devices in service with my clientele.

It's a very simple setup.

I've never licensed it as a separate solution. It's always included in the licensing that would be appropriate for a medical facility, so I've never purchased DLP as an add-on to their basic licensing. I wouldn't say that I can give you a straight answer. It's never even come up in conversation to license it as a standalone solution.

I would rate WatchGuard five out of 10, but all of the data loss protection solutions I've looked at would be in that five range. I haven't found one that I would put much faith in.

Honestly, I think that data loss protection is just part of a whole configuration. Let's say you need granular control, reporting, and things of that nature. In that case, you need to do an extensive job configuring the firewall. It's probably insufficient to run the quick setup wizard and say that's good enough. So if you're looking to implement a feature like data loss protection, you probably need to have a relatively advanced technical person doing that configuration. So it's not difficult. But conceptually, to be effective, you need to have an excellent understanding of firewalls and firewall methodology.

We provide the solution to our customers. It's primarily used for security.

The reporting aspect of the solution is what is most valuable to us.

The solution is very easy to configure.

The product has been very easy to use.

We've found the stability to be very good.

The scalability is excellent.

The pricing of the product is reasonable.

We've been in touch with technical support and found them to be very helpful.

There are many fantastic features.

Often, customers don't end up using a lot of the features.

They should move more towards integration with other OEMs such as web application firewalls, et cetera. There should be better integration and a way to configure multiple vendors into the same data center in order to offer more flexibility. 

We've been working with the solution for about seven to eight years at this point. It's been a while. 

The stability of the solution is very good. There are no bugs or glitches. It doesn't crash or freeze. It's quite reliable in terms of performance.

We've found the scalability to be very good. There are no limitations. If a company needs to expand it, they can.

We've contacted technical support in the past. We've found them to be very good. They are helpful and responsive. I would say that we are quite satisfied with the level of support we've received.

The pricing of the product is pretty good. I would describe it as fair. It's not overly expensive.

One of our customers wanted us to compare this solution against Azure Firewall to see which would be better. We're still looking into that.

We are resellers.

I'd rate the solution at a ten out of ten. It's a pretty fantastic solution overall.