Try our new research platform with insights from 80,000+ expert users
IT Support at a retailer with 1,001-5,000 employees
Real User
Provides an added network security layer and offers efficient DNS filtering features
Pros and Cons
  • "Firebox operates effectively in the background, blocking potential threats without a need for constant monitoring."
  • "The product's technical support services need improvement."

What is our primary use case?

We use the product for added security layers, allowing us to control and manage our network traffic effectively.

What is most valuable?

The product's most valuable feature is DNS filtering, which blocks users from accessing unwanted websites.

What needs improvement?

The product's technical support services need improvement. 

For how long have I used the solution?

We have been using WatchGuard Firebox for a few years.

Buyer's Guide
WatchGuard Firebox
October 2024
Learn what your peers think about WatchGuard Firebox. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
824,067 professionals have used our research since 2012.

What do I think about the stability of the solution?

We never encountered stability issues. The system never went offline.

What do I think about the scalability of the solution?

I rate the platform’s stability an eight out of ten.

How are customer service and support?

The technical support team takes time to respond.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did use a different solution previously. We switched to WatchGuard Firebox because it offered added security features. 

How was the initial setup?

While your supplier assisted with most of the setup, it still took some time to become accustomed to using the product effectively. The installation process spanned about two days, with the first day focused on physical installation and the second day dedicated to configurations. Beforehand, your provider inquired about your existing services, such as multiple Internet providers and virtual networks, to ensure seamless integration with the WatchGuard Firebox.

What about the implementation team?

We took help from a third-party consultant for product implementation. Additionally, there were four staff members from our organization involved in the process.

What's my experience with pricing, setup cost, and licensing?

As per my knowledge, the product is more affordable than alternatives like Barracuda, which was reported to be way more expensive. However, I wasn't involved in the detailed discussions about these aspects, so I can't provide more in-depth insights. I rate the pricing a seven out of ten.

Which other solutions did I evaluate?

Before choosing WatchGuard Firebox, we evaluated other options. Some of the alternatives we considered included Norton and Barracuda. However, Barracuda was ultimately deemed to be out of our price range. Norton was also considered but not chosen, partly due to pricing concerns. Ultimately, a partner highly recommended WatchGuard, which influenced our decision to select it as our security solution.

What other advice do I have?

In our environment, we've deployed the WatchGuard Firebox primarily to secure remote access for users. Previously, we relied on remote desktops, but due to security concerns, we transitioned everything to VPN connections facilitated by the Firebox.

Initially, the ease of management and configuration of the Firebox for administrators was around four. However, as we became more familiar with the technical details and how to use it, that rating increased to an eight.

Firebox operates effectively in the background, blocking potential threats without a need for constant monitoring. It allows us to focus on other tasks knowing that our network is protected. As for ROI, it's challenging to provide specific metrics without detailed analysis, but overall, the enhanced security by the Firebox justifies the investment.

I rate it a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
IT Director at Wise Ally Holdings Limited
Real User
Enables us to control what kind of applications each staff member and department is able to access, but UI is not user-friendly
Pros and Cons
  • "Because we bought two firewalls... we need a central place to manage the policies and deploy them to both devices. It's good that it provides a system management console that is able to manipulate and manage policies in one place and deploy them to different locations."
  • "The UI is not as user-friendly as the model that I had used before, which was from Check Point. The design of the Firebox UI is restricted and needs an experienced network guy to understand the format and settings."

What is our primary use case?

The purpose is to enhance the application control and internet access control of our company in our office and factory.

How has it helped my organization?

Firebox provides our business with layered security. Before implementing the firewall, we didn't have any control over application access. Now, by using the Firebox, we can control each staff member and department and what kind of application they're able to access on the internet, especially with the popularity of cloud SaaS systems. It has really reduced the degree of risk in accessing those unauthorized, and potentially risky, destinations. WatchGuard provides a pre-built database that can protect against gambling domains, for example. But the accuracy of that database still needs to be improved because, in many cases, the categorization of the website is not exact.

It has also helped with productivity. It reduces the time our networking staff spends implementing things. It has saved about 20 percent of our time. We're also doing more control than before, so we have made some effort to configure the policies, which was something we'd never done before. Previously, we didn't have any control, so we didn't have to spend time configuring or troubleshooting application control policies.

What is most valuable?

There wasn't one particular valuable feature. What I like is that 

  • its pricing is competitive when compared with other brands, 
  • it has all-in-one features for intrusion detection
  • it has application control 
  • it has email control.

Also, the load balancing and failover features cost only 20 percent more than a single instance of Firebox. Those are the main reasons we chose it.

Because we use cloud applications like Office 365 and Salesforce, we don't want all our staff accessing the whole internet. We use the application control so that they are only able to access the company-authorized cloud applications.

Because we use the firewall to monitor the external traffic as well as the internal traffic, we bought a fairly large model, the M570. We turned on most of the features and the performance is comfortable. It can reach the throughput, the performance specified on the data sheet.

Also, because we bought two firewalls, which I know is not that many — not like in the retail industry where they have many firewalls in their retail stores — still, we need a central place to manage the policies and deploy them to both devices. It's good that it provides a system management console that is able to manipulate and manage policies in one place and deploy them to different locations.

What needs improvement?

The reporting features are not as flexible as I thought before I bought it. You can retrieve some simple statistics from the centralized reporting server. But let's say I want to look at the volume of internet access among our staff. There are no out-of-the-box reports or stats or any unit of measurement that show internet access for particular staff. There is no report that shows how long they're on or the volume of traffic, especially in a particular period. It's not necessary that it have very modern BI analytics, but at this point I'm a little bit disappointed with the reporting. One of the purposes of implementing the firewall was to do more application control and reduce the risk involved in employees accessing the internet. We want to measure and know how much time of our staff spends accessing and browsing and using internet resources.

For how long have I used the solution?

We bought WatchGuard Firebox last year and implemented it in our Hong Kong office and China-based factory. In the factory we have larger coverage and we use the M570. For our Hong Kong office we use the M370.

What do I think about the stability of the solution?

It's stable. So far, there have been no incidents.

What do I think about the scalability of the solution?

Our case is quite straightforward. We only use two nodes. We still need to expand to one or two more factory locations, as well as our office. We will scale out the same solution.

I do have previous experience in the retail industry. In that industry, where you need to implement many firewalls in multiple retail stores, I doubt the management tools of the Firebox would be able to scale out for that use case. But for our use case it's good.

How are customer service and technical support?

We haven't had any issues so we haven't contacted their technical support. It's been quite stable over the year since we implemented it.

Which solution did I use previously and why did I switch?

There was no application control in our old solution and we wanted to reduce the risk of being attacked from outside. So we looked for a UTM model and the cost-benefit of the WatchGuard Firebox was one of the best.

I did a little bit marketing research locally and listened to recommendations from some partners in Hong Kong.

How was the initial setup?

The initial setup was quite straightforward. It's a typical UTM.

Our implementation took about two months.

In terms of our deployment strategy, we implemented one of the firewalls. We replaced our old firewall, enabling only the internet access and left the major email traffic access. Then we defined the control by defining more specific application policies. Once it was successful, we used the same method to deploy the other firewall to our China side.

We have one person who maintains the Fireboxes, but it's really less than one because he does other administration and is not only dedicated to firewall administration. We have about 100 people in the Hong Kong office and on the factory side there are 400.

What about the implementation team?

We had one internal staff member and an external consultant from BARO International for the deployment. Our experience with BARO was good. They understood our requirements and were able to translate them into an actual solution and deploy it.

What was our ROI?

We have seen ROI using WatchGuard.

What's my experience with pricing, setup cost, and licensing?

We needed a firewall to control our internal network and the external access and we needed to implement load balancing and failover as well. Going with WatchGuard "increased" our budget.

WatchGuard had a very competitive price. It was only 10 to 20 percent more than a single instance device but with that extra cost it provided a second load balancing device and the licensing scheme didn't charge double. They only charge for one license, unlike other brands whose method of hardware and software licensing would have doubled our cost. That was a major consideration.

Which other solutions did I evaluate?

We looked at Juniper, Check Point, and one more that was the most expensive.

The usability of the Firebox is good. But the UI is not as user-friendly as the model that I had used before, which was from Check Point. The design of the Firebox UI is restricted and needs an experienced network guy to understand the format and settings. When I used the Check Point a few years ago, the UI usually guided me on how to define a policy from the source to the target, and what the objects were, and how to group objects, and everything could be seen from a simple, table-based web UI. 

The interface of the Firebox is clumsier. The settings are like a tree structure, and you need to drill down to each node in order to get to the property. It serves the same purposes, but I won't memorize all the settings. A more user-friendly user interface would reduce the number of things I need to memorize and guide me in configuring policies. It's quite good, but is not the best I have seen.

The other brands provide more professional features for reporting, the application control, and the scalability. But the strong point of WatchGuard is their all-in-one features that are suitable for our size of company and our budget.

What other advice do I have?

WatchGuard is not the best. We already knew that, but it comes with most of the features we need. Although it's not the most user-friendly, we sacrificed that to keep the core features to increase our control while maintaining our budget. Honestly, there are no particular features of the WatchGuard that impressed me to say, "I must choose a WatchGuard." But when I needed several things to come together, then I really had no choice.

I would rate WatchGuard Firebox at seven out of 10. It's good, it's better than a six, but from the management point of view, it has not totally satisfied my expectations so it's below an eight or nine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
WatchGuard Firebox
October 2024
Learn what your peers think about WatchGuard Firebox. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
824,067 professionals have used our research since 2012.
PeerSpot user
Technical & Pre-Sales Manager at GateLock
Real User
Easy and quick to set up with a helpful wizard, offers good protection, quick technical support
Pros and Cons
  • "This product offers great protection using the default settings."
  • "This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests."

What is our primary use case?

We are a solution provider and WatchGuard is one of the product lines that we implement for our customers. I am the person in the company that is responsible for WatchGuard products.

We do not use this product in my organization. I'm enabling partners and providing training for them on how to use this technology and how to sell it.

I assist customers with implementing PoC installations in different environments.

My client that recently implemented WatchGuard Firebox is running an ERP that is used by clients that are in different countries from around the world. They are using Firebox to protect the ERP from outside threats. Essentially, they need to protect the perimeter because users come to the server from different environments.

This solution protects the cloud-based server from incoming and outgoing traffic. In this regard, it acts as a web application filter for the server.

What is most valuable?

This product offers great protection using the default settings.

What needs improvement?

The vendor needs to address customer concerns and develop more according to requests, instead of prioritizing based on the existing roadmap. This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests. This is especially true in cases where the feature is common among competitors.

In the future, I would like to see better integration with Active Directory. It should depend on the user's login. This is a feature in big demand and most competitors do not deal with it the right way. Making this change would make sense with customers.

For how long have I used the solution?

I began using WatchGuard Firebox approximately two years ago.

What do I think about the stability of the solution?

This is a very stable product.

What do I think about the scalability of the solution?

Scaling this solution requires a migration plan. For an on-premises deployment, there can be challenges related to extending the hardware appliances. A single box is not scalable itself. Rather, you need to migrate to a bigger appliance. But, there is an amazing feature for this called offline configuration.

The offline configuration capability lets you migrate settings from one box to another in minutes. After five minutes, everything will be migrated to the other Firebox and it will scale smoothly without any interruptions.

How are customer service and support?

Technical support for this product is perfect. If you open a ticket with them, even with the slowest SLA, they reply to you within four hours. You can also request that they open a remote session with you.

When it comes to feature requests, however, the vendor takes too long to reply.

Which solution did I use previously and why did I switch?

Quite some time ago, I had experience with Sophos products as a distributor in Egypt.

I also have experience with products by Fortinet. I have been evaluating Fortinet because they are one of our competitors.

How was the initial setup?

The initial setup is very easy and straightforward. They have a great wizard and it has a great default protection setting. Anyone that is setting it up for the first time, or has not even used a network security product, doesn't need an expert to configure it. The default protection for threats is great.

This is always deployed in a virtual environment, either on-premises or on the cloud. The deployment can be completed in six to ten minutes.

What about the implementation team?

I deploy this product for my customers.

The staff required for deployment and maintenance depends on the project capacity. For a small or medium-sized project, one person is enough. For the smoothest deployment, this should be an engineer or an experienced technician that is aware of network security.

What other advice do I have?

My advice for anybody who is implementing WatchGuard Firebox is to follow the guidelines and best practices that are available on the WatchGuard help center.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Manager at YAMAZEN, INC
Real User
GUI makes setup easy and provides us with graphical, real-time bandwidth usage
Pros and Cons
  • "The most valuable feature is the GUI, especially the real-time bandwidth usage report. Also, its integration with WiFi access points is nice."
  • "We bought Firebox four or five years ago, and with the first version I had to reboot it every two or three months for no apparent reason. We upgraded last year to the M370 and it's been running, but it is rebooting from time to time. I don't know why."

What is our primary use case?

Our primary use case is for firewalls.

How has it helped my organization?

We were using Websense before, for website filtering, and we had to configure the device to block and monitor. Then we would go to Cisco to configure the firewall ports and then we used antivirus software to protect that the gateway from viruses. So we were using three or four different security products. WatchGuard integrated into everything in one place, so it's much easier to configure.

It has simplified my job. Before WatchGuard, we needed one person inside and two people outside to set up our network. Now I can do it by myself.

The solution has saved us 30 minutes to an hour every day. In terms of productivity, before WatchGuard we had given up checking the logs because there was so much information. But now, with its graphical interface, it's much easier to get the information that I need: the violations and sever errors are easier to pull out.

What is most valuable?

The most valuable feature is the GUI, especially the real-time bandwidth usage report. Also, its integration with WiFi access points is nice.

The product's usability is very good. We were using Cisco products before, and that was terrible. The difference is in integration. With Cisco we had to go into the command line to configure devices. With WatchGuard we can do everything from the GUI, so it's much easier to set up and to make sure everything is working the way we want.

The throughput of the solution is good. It's also very good at reporting. I can see things graphically so I don't have to read through all the log text files.

The solution provides our business with layered security. In terms of the attack vectors it secures, we have a firewall set up and it gives me reports. It also has an integrated web filtering solution. I can set up a website filter and it's all filtered in one place. I don't have to go to another solution.

What needs improvement?

I don't know if it's just my version, but the WiFi access point integration has just started. It's getting better but if there were more reporting of the devices that are connected to WiFi access points that would be great. Right now I can see the MAC address and bandwidth usage for each device but that's about it. If I could see which sites the devices are visiting and what kind of traffic is generated from each device, that would be great.

For how long have I used the solution?

We have been using Firebox for four or five years.

What do I think about the stability of the solution?

We bought Firebox four or five years ago, and with the first version I had to reboot it every two or three months for no apparent reason. We upgraded last year to the M370 and it's been running, but it is rebooting from time to time. I don't know why.

What do I think about the scalability of the solution?

Since everything is integrated, when there is really high user traffic, especially to the different locations, including email and everything coming in at one time, I see very high CPUs. It may not be as scalable as having three or four different devices running, one for each task.

The bandwidth is good but we only have a 15 meg fibre to this location and I see high CPU usage, so I wonder how far it can go up. It's working well for us but if you are trying to go to 200 or 300 meg of bandwidth you may need to get a bigger WatchGuard.

We don't have any plans to increase usage in the future. It has a hotspot client access which we're somewhat interested in, but we don't have many guests coming into our offices. That's the one area where we might spend some time.

How are customer service and technical support?

Technical support is really good. That's one of the best parts of this product. With Cisco, you have to transfer all over the place, but with WatchGuard there's a ticket system. When you open up a ticket, they are really responsive.

Their response time is within a few hours. If you just log a ticket through the website, you get a response back within one to two hours. But if you call up, they respond really fast. And it's a real tech guy responding back. You go through all your details and you get answers right away.

At times I have made an additional feature request and even I have forgotten that I requested it, but they keep following up. I have to say, "It's okay now, forget it."

Which solution did I use previously and why did I switch?

We were using Cisco Professional Services whenever we had to tweak our IP forms or QoS and those advanced types of changes. The outside consultants were costing us money. With WatchGuard we can do the setup by ourselves. We tried it and found we could do it.

How was the initial setup?

The initial setup was very straightforward. The graphic interface gives you bandwidth control, traffic control, and a graphics screen, unlike the Cisco products where you have to go into the command line. There, you are typing commands but it's really hard to tell if it's working or not. With WatchGuard, it gives you the response right back and you see results right away. So, it's much easier to configure.

Our deployment took about three days. To get it up and running it took about one hour. The rest of the time was to tweak our firewalls, open up this port, open up that site.

Regarding our implementation strategy, we have ten remote locations. We started with one branch as a test bed, set up a template there, and applied it to the corporate site here. When we applied it to the corporate site it took a little while, about three days. But once the corporate template was done, the other sites were quick. We set up the device, and it shipped it out and, in ten to 15 minutes, it was up and running.

What about the implementation team?

We purchased the solution from a local distributor, Jensen IT, and they had a support line. We called up two or three times. Our experience with them was very reasonable.

What was our ROI?

From a pure cost standpoint, we cut our fees in half by moving to WatchGuard. And in terms of time, we are spending one-third or even one-fifth of the time we were spending on Cisco devices. Those are substantial savings.

What's my experience with pricing, setup cost, and licensing?

The price is so small that I don't pay attention to it anymore. I think we pay a few thousand dollars for two to three years, so about $100 per month. That's for all of our users.

There is an additional cost if we want to go with a deeper licensing model, but we just pay for antivirus, IPS, and main product support.

Which other solutions did I evaluate?

At the time we made the switch to WatchGuard we were also using two or three different solutions to manage security and our internet connection. We were using Symantec Gateway for antivirus protection, Websense for web filtering, Symantec IPS reporting, and Cisco.

The integration of all of those with our system was cumbersome and there were maintenance fees and license fees being paid to four or five companies. All licensing terms were different and it was really cumbersome to manage. With WatchGuard, everything is really in one place.

However, for one of our new locations we started using Meraki, which has cloud capabilities so I can remotely manage the setup of the firewall for remote offices. For ease-of-setup, Meraki is a little bit easier. If you want an easy solution in terms of setup, Meraki might be a better solution. But there is a lack of depth of setup on the Meraki, while WatchGuard is a real firewall solution. In the new office, we only have a five people, so the WatchGuard features may be a little bit too much that size of office.

Firebox has a very small model for personal use, a home-use product, but we did not test it out. That might be a good fit, but the value for a very small office may be a little bit of overkill.

What other advice do I have?

If you have a small IT staff and want an easy-to-set-up solution, I would one hundred percent recommend WatchGuard. If you have a very serious, big IT department and a big business, you might want to test out the throughput and the stability.

In each of our ten remote offices, we have about ten to 15 people using it. At our corporate office we have 70 to 80 people. We require two people for deployment and one person for maintenance of the solution, including me, the IT manager and, our systems administrator.

I would rate the solution at nine out of the. It's just missing that stability point.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Director at RMON ITSEC LTD
Real User
Top 20
Offers bundled applications and subscriptions for comprehensive protection against various threats
Pros and Cons
  • "The most effective and helpful features of WatchGuard Firebox, especially when purchased with the full suite of applications, are its bundled applications and subscriptions for comprehensive protection against various threats."
  • "One area for improvement could be making the interface even more user-friendly."

What is our primary use case?

Our main use case for WatchGuard Firebox is to protect companies from Internet threats.

What is most valuable?

The most effective and helpful features of WatchGuard Firebox, especially when purchased with the full suite of applications, are its bundled applications and subscriptions for comprehensive protection against various threats. It is essential to renew licensing and subscriptions to safeguard against potential penetrations.

What needs improvement?

One area for improvement could be making the interface even more user-friendly.

For how long have I used the solution?

I have been working with WatchGuard Firebox for a couple of years.

How are customer service and support?

WatchGuard support is generally helpful and does a good job, although occasionally I may need to call for clarification on some technical matters.

Which solution did I use previously and why did I switch?

Other products like Fortinet and Palo Alto have had security flaws, but WatchGuard Firebox fits within the budget of the client.

I also work with Cisco, and Cisco's CLI is highly customizable, though it requires more time to learn initially. Cisco's support is also quite good.

The main difference between Cisco and WatchGuard Firebox is the support structure. With Cisco, you can directly communicate with the manufacturer, while with WatchGuard Firebox, support is through local channels only, without the option to directly contact WatchGuard via email or open a ticket.

How was the initial setup?

Managing WatchGuard Firebox is easy for experienced users. Initial setup and deployment typically take a couple of days, including preconfiguration before installation on-site to avoid potential issues.

What's my experience with pricing, setup cost, and licensing?

The price of WatchGuard Firebox is generally lower than Cisco, making it easier to sell to customers. However, if the price were slightly lower than it is now, it would be even more appealing. Some customers underestimate the importance of the subscriptions included with the boxes, but with experience, I have seen how critical they are for protecting against hackers and data breaches.

What other advice do I have?

WatchGuard Firebox works well for network security, email protection, and phishing prevention. It is cost-efficient and offers features like EDR or XDR without being overly expensive.

Overall, I would rate WatchGuard Firebox as a seven out of ten. It is a solid tool.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Flag as inappropriate
PeerSpot user
Lead IT Systems Engineer/Solutions Architect at Queensland Aboriginal and Islander Health Council
Real User
Functional, with features that work well, has good reporting and dashboard capabilities, and manages traffic more efficiently
Pros and Cons
  • "What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great."
  • "What could use some significant improvement in WatchGuard Firebox would be its interface and policy management. An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it."

What is our primary use case?

WatchGuard Firebox is used as the core firewall. It's also used for routing purposes. As a software, it's also used as a VPN access for external clients.

How has it helped my organization?

How WatchGuard Firebox improved my organization is that it provided a deeper level of traffic management. It allowed the company to more effectively manage the network traffic, which led to higher efficiencies across the network. Though FortiGate does a much better job of managing traffic, WatchGuard Firebox does it more efficiently.

What is most valuable?

What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great.

What needs improvement?

What could use some significant improvement in WatchGuard Firebox would be its interface and policy management.

An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it.

For how long have I used the solution?

I've been using WatchGuard Firebox since 2016. I'm still using it.

What do I think about the stability of the solution?

WatchGuard Firebox is a very stable product with no issues whatsoever.

What do I think about the scalability of the solution?

WatchGuard Firebox is a very scalable product. My company decided, after initial implementation, to move to a redundant core network, and it was able to implement a second device seamlessly to act as a passive follow.

How are customer service and support?

All of my interactions with the technical support team of WatchGuard Firebox have been great, so far. The support team is very responsive and very knowledgeable. I haven't had an issue that the team hasn't been able to resolve. The team always responded within the SLAs.

On a scale of one to five, I'm rating the support for WatchGuard Firebox a five.

Which solution did I use previously and why did I switch?

We used Palo Alto before WatchGuard Firebox, and the reason we switched was because of some failures in the Palo Alto firewall.

How was the initial setup?

The initial setup for WatchGuard Firebox was very straightforward, though my company has a relatively complex network utilizing SD-WAN, MPLS, and BOVPN technologies. On a scale of one to five, where one is the worst and five is the best, I'm rating my setup experience a four. There's always room for improvement, but it was a fairly good process.

The deployment of the WatchGuard Firebox took eight hours to complete.

WatchGuard Firebox has been implemented as the core firewall for the organization. The reason my organization upgraded to the device and switched from a previous software was due to a hardware failure of the previous firewall.

What about the implementation team?

We deployed WatchGuard Firebox internally, through my team.

What was our ROI?

In terms of ROI from WatchGuard Firebox, from a data perspective, I couldn't share only because my company doesn't have any metrics on ROI. However, I can say that the threat management and prevention features such as IPS and IDS caught several malicious files coming in through the firewall or WatchGuard Firebox, so I suppose that alone makes it worth its weight in gold.

What's my experience with pricing, setup cost, and licensing?

We paid $4000 in AUD for WatchGuard Firebox per year. There were no additional costs.

Which other solutions did I evaluate?

I didn't evaluate other solutions, apart from Palo Alto, before using WatchGuard Firebox.

What other advice do I have?

I'm using the latest version of WatchGuard Firebox.

My company has one thousand and five hundred users of WatchGuard Firebox in IT, Finance, and Graphic Design.

At this point, there's no plan to scale WatchGuard Firebox, but it's fairly well-configured to scale if required.

I do ninety-nine percent of the work in terms of maintaining the product. One person seems enough for the maintenance of the WatchGuard Firebox.

The only advice I would share to others looking to implement WatchGuard Firebox for business is to consult with a person experienced on the platform, specifically during your first implementation, just because there could be some unique issues that you may face that you won't find outside of the WatchGuard platform. Overall, I would recommend WatchGuard Firebox to others.

In general, I'd give WatchGuard Firebox eight out of ten because there's always room for improvement. No product will ever get a perfect ten. I ruled out nine as the rating and I gave WatchGuard Firebox an eight just because fundamentally, a firewall packet and policy management is at the forefront of what a firewall does, and not being able to modify the policy really bumps the product down a little bit in terms of rating, in my opinion.

I'm a customer of WatchGuard Firebox.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2245134 - PeerSpot reviewer
IT Manager at a financial services firm with 1,001-5,000 employees
Real User
Top 10Leaderboard
An affordable solution for the site's firewall and VPN solution but lacks customer service
Pros and Cons
  • "The solution has many security features. We have an intrusion provision system and filtering and block filtering."
  • "The level of support from WatchGuard is not as good."

What is our primary use case?

We use WatchGuard Firebox for the site's firewall and VPN solution. The WatchGuard supports remote gateway and mobile VPNs. WatchGuard Firebox serves as the primary firewall for the site.

What is most valuable?

The solution has many security features. We have an intrusion provision system and filtering and block filtering. These features have been enabled, and we have created services around them.

What needs improvement?

WatchGuard has several limitations, particularly concerning throughput and performance, and management, firmware updates, and customer support need improvement. The level of support from WatchGuard is not as good as what we get from Cisco and other vendors. The response time is high even in times of priority issues. 

Moreover, the solution doesn’t have deep filtering. This limitation affects packet analysis, traffic analysis, and traffic monitoring, particularly regarding troubleshooting. On the other hand, Fortinet Firewall offers a deep level of troubleshooting and packet filtering. This allows us to obtain detailed information in scenarios like drops or disruptions to understand where the issue occurred, whether with the customer or on our end.

WatchGuard cannot perform packet captures for multiple IPs simultaneously, restricting us from achieving them individually. Due to these limitations, we are considering migrating to Fortinet.

For how long have I used the solution?

I have been using this solution since 2018.

What do I think about the stability of the solution?

The solution is stable, as I have been using a couple of devices without any restart since 2018, and there has been no downtime for these devices.

I rate the solution’s stability a nine out of ten.

What do I think about the scalability of the solution?

I rate the solution’s scalability a seven out of ten.

How are customer service and support?

The level of support from WatchGuard is not as good as what we get from Cisco and other vendors. The response time is high even in times of priority issues. It doesn’t have deep filtering. This limitation affects packet analysis, traffic analysis, and traffic monitoring, particularly regarding troubleshooting. On the other hand, Fortinet Firewall offers a deep level of troubleshooting and packet filtering. This allows us to obtain detailed information in scenarios like drops or disruptions to understand where the issue occurred, whether with the customer or on our end.

How would you rate customer service and support?

Neutral

How was the initial setup?

I would rate my experience with the initial setup around six on a scale of one to ten, one being hard and ten being easy.

What's my experience with pricing, setup cost, and licensing?

WatchGuard is better when compared to other firewalls. It is affordable for a midsized company.

WatchGuard is affordable, with features for individual customers, end-users, and midsized companies. However, big businesses with growth and an increasing workload have to migrate.

I rate the solution’s pricing a four on a scale of ten, one being lowest and ten being highest.

What other advice do I have?

We don’t know much about what's happening in the traffic pattern. We will have the opportunity to configure everything. We can use the firewall for dynamic routing and various other tasks. However, despite its capabilities and offerings, there are still some limitations. WatchGuard doesn’t offer deep-level packet filtering or in-depth packet analysis for companies with numerous applications. WatchGuard is a good solution if you require a comprehensive analysis of your organization’s activities within your budget.

Overall, I rate the solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Administrator at PT Lautan Luas Tbk
Real User
Top 20
Provides good stability and high availability of devices
Pros and Cons
  • "It is a scalable solution."
  • "The performance of the solution's processor needs to be faster."

What is our primary use case?

We use the solution as an internet gateway. With its help, we can establish the connection between our company's HQ and branch.

How has it helped my organization?

The solution provided us with site connections and internet policies.

What is most valuable?

The solution's valuable feature is its pricing which is better than other competitors.

What needs improvement?

The performance of the solution's processor needs to be faster than other vendors. Also, it is time-consuming to configure it whenever multiple policies are involved. This area needs improvement as well.

For how long have I used the solution?

I have been using the solution since 2012.

What do I think about the stability of the solution?

The solution is highly stable. I rate its stability a nine.

What do I think about the scalability of the solution?

We have around 200-300 solution users in our organization. I rate its scalability a nine.

How are customer service and support?

The solution's technical support is excellent.

Which solution did I use previously and why did I switch?

Fortinet is faster to configure and access policies than WatchGuard.

How was the initial setup?

The solution's initial setup process was simple, as I already have experience using it. It takes a month to complete. The process involves setting up the solution in a lab. Later, deploying it in a production environment once it meets all the configuration requirements.

What about the implementation team?

Initially, we took help from a third-party vendor to deploy the solution. Afterward, we did it in-house. It requires three to four network administrators for deployment and two network administrators for maintenance.

What was our ROI?

The solution is worth buying.

What's my experience with pricing, setup cost, and licensing?

I rate the solution's pricing as an eight.

What other advice do I have?

I rate the solution as an eight. It offers more variable license bundles and has high availability than the other products.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free WatchGuard Firebox Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Buyer's Guide
Download our free WatchGuard Firebox Report and get advice and tips from experienced pros sharing their opinions.