WatchGuard Threat Detection and Response offers easy-to-use features like centralized console, DNSWatchGo integration, and automated response. Users value its ransomware protection, dimension logging, network segmentation, and traffic filtering. The tool's analytics provide detailed insights on abnormalities. It supports endpoint protection against zero-day attacks with executable sandboxing and efficient update management. Installation, deployment, and policy configuration are straightforward, enhancing user experience. Additionally, VPN, remote site connection, and VLAN capabilities are appreciated.
- "The most valuable features include the ability to raise alarms when there are issues, easier configuration compared to other vendors, centralized update management, and keeping the product updated efficiently."
- "The tool provides automated responses."
- "The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network."
WatchGuard Threat Detection and Response requires enhancements in efficiency, pricing, and threat detection capabilities compared to options like Palo Alto. Improvements are needed in reporting, user interface, live monitoring, and Mac support. Integration with WatchGuard Firebox could be better. Deployment and centralized management are complicated, with limited threat assessment features. Visibility into user activity and more detailed vulnerability insights should be provided. EDR Core is basic in assessing threats, pricing is high, and intuitive threat elimination is needed.
- "The pricing of WatchGuard Threat Detection and Response could be improved."
- "The interface is not the best."
- "I'd like a few extra features, especially around threat severity assessment."