WatchGuard Firebox Reviews

We primarily use WatchGuard Firebox like a typical firewall, to protect ourselves from outside and inside threats. 

I have the WatchGuard Firebox M270, deployed on-premise. 

WatchGuard Firebox improved our organization by acting as a firewall, with all the specific components of one. If you have an antiviral solution, you can see how many were blocked; from where they were blocked; what the statistics are on the areas that the attacks came from; and if there are attempts, or if they do get through the firewall, where they came from and where they went. You know exactly what to look for, to see if there is any kind of penetration inside your system, or if anything has been compromised, and you can take any measurements against these threats. 

All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited. 

There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well. 

Most of the features that I have right now are more than okay with me, but something like a better interface is always worth suggesting. Also, things like computer-based training on firewalls and specific solutions—especially in things that have been deployed on every new version—is usually something that we need to see in order to understand what, exactly, these people have created for us. 

I have been a WatchGuard user since 2004. 

This solution is stable. 

I am the only one who maintains the firewall—we don't have a team to handle it. 

This solution has been scalable to the level that my company wants. 

Behind the firewall, we have 60 users. On a daily basis, there are approximately 40 to 45 users in the office: they are people from the purchasing department, technical department, accounting department, operation department, etc. 

In general, their support is okay, and nothing fancy. We have had a few chats and a few cases on several things that I wanted to do by myself, but needed some guidance on. The speed is not the speed of light, but we are getting through to what we want to have within a day or so. 

I don't have any comparison to make with a solution that's on the same level as WatchGuard Firebox. We had some experience with all of the Cisco firewalls, but they didn't have the same level of security that we have with our existing firewall. Those were quite old, so I cannot really compare that old technology with something that is so new. 

The initial setup was quite straightforward because we are a small company. We have 50 people working at this company, so it's a rather small installation with no fancy or complex configuration. The deployment took an hour or so, but from that point on, there have been numerous hours of work to get up to the point we're at now with our firewall solution. 

It's quite easy to deploy because the initial installation doesn't involve many fancy things. Out of the box, it's quite clear that it has features that need to be blocked, and these features have already been blocked by default, to help anybody deploying this solution. It's like having 35%-40% of your configuration ready, so you only need to add another 25%-30% to reach approximately 70% of your full configuration, which takes no more than a couple of hours. The additional 30% are the small, exact things and the prediction correction, the things that are usually done on a firewall solution in the following hours, days, months, years by the users of the device. However, you can reach the level that you personally believe in, 100%, within a matter of days if you know exactly what you need to do. 

I implemented this solution all by myself, since I was lucky enough to have basic firewall knowledge. Our implementation strategy was to get to the level, as fast as possible, where I could meet the minimum requirements of the company, concerning its firewall policy. 

I have definitely seen a return on investment. To be exact, you cannot really value the return of investment on this kind of product because an IT product usually delivers services that cannot really be measured in money. Rather, it can be measure in things that we can do and things that we cannot do. So, money-wise, you cannot really measure it, but if I'm measuring it on things that I wanted to achieve with a device, there was a 100% return back. 

The licensing contract we have is on a three-year basis. There aren't any costs in addition to the standard licensing fees—usually, every three years, we just purchase or renew the same license and we are okay. Every six years, we completely change the firewall, but that's the usual schema. So after three years, we just renew the licenses for another three years, and then after that particular period of time, we just purchase another firewall equivalent to the ones that we currently use.

I rate WatchGuard Firebox an eight out of ten. 

This is a solid device and it delivers what it says. It doesn't do fancy or extraordinary things, but it does delivery exactly what it's supposed to deliver. 

We have a web server on the optional network. Then, on the trusted side, we just run all our computers out through the Internet. We don't do anything too elaborate with it.

We do have some technicians and some design center salespeople who call in. This is best usage that we get out of the solution.

We don't host our website internally anymore. We used to host our website and it did help with that, getting everything set up. We have just recently removed that and gone to a third-party. But, that was something which was very useful, setting up our internal website and NATting IPs.

The solution has increased productivity with our outside salespeople being able to connect into their computers and use those remotely.

We are able to limit where users can go, what they can do, and what they can access, so they are not wasting time doing things that they shouldn't be doing. It does help to save time, e.g., limiting Facebook. 

We are able to segment our FTP website off on the optional, setting up the rules specifically. There are certain outside IPS coming into our computers where we have different machines out there setup where technicians can remote in, etc. Being able to set those up to specific IPS, not just allowing full access, is probably our main use for setup.

The usability is good. I like it. I don't have any issues. Most everything that we have tried to set up for what we use it for is pretty straightforward and easy to use.

We have probably had it for the last 10 years. I have been here the entire time.

The stability is very good. We haven't had any issues with ports or anything else. Everything has been very good as far as the stability and issues.

The performance and throughput that the solution provides is good. We haven't had any issues as far as when we have connections and things going on. So, it's very good.

The stability is good as far as our use. I feel like we do have room. We have extra ports on it. We can set them up if we need to, but we don't need to use them. However, I feel we have room to expand and grow, if needed.

We have probably 75 users setup. Mostly, they are authenticating through to get out to the Internet. We do have some protections on it: virus stuff and different websites that users can and can't get to. We have groups setup for that. That is our main use from the inside with most of our users going out. Then, we have five or six users who remote into computers and other things.

There are not necessarily plans on expanding anything at the moment. We are pretty much set where we are. Usage is not too heavy, as it's mostly users getting in and out with us restricting what they can get to.

I have only had to call once or twice for anything in any of the time that we have had the solution. Most of the time, if I do have a question or something, I can hop onto the forum and there is an answer, then away we go. As far as my experience with the forum and just a few calls, it has been very good. We haven't had anything that has hung us up for a long time.

WatchGuard was pretty much our first solution like this. We did not use anything else before it.

The initial setup was straightforward. It walked through everything as far as the configuration. Everything that we needed was right there. So, I didn't have to search for anything. It was easy set up.

We went from a different version to this version. Even from that to this version, it was probably up and running within an hour.

I usually set it up.

We didn't consult anyone. We didn't really have an implementation strategy per se. We just set it up (like the old one), then went through and looked at some of the new features and things we might want to use.

I maintain it and and set up whatever needs to be set up. The other IT guys can come in and do stuff if I'm not here. Generally, it doesn't take too much time to get anything set up that we need.

It saves us a couple hours a week.

We don't have any other costs other than the licensing stuff.

We did look around at a few different things. We just kind of settled on WatchGuard. It seemed to have the features that we needed, so we went in that direction.

I'd give it a 10 (out of 10). I haven't had any issues. The few issues that we have had, such as not knowing where to go, they have been answered quickly. I am going to give it a 10 because of its easy to use. If we have a question, it's easy to get an answer. Also, it's very simple. For most of everything that we do, we have been able to do them pretty easily. We are very happy.

If we were to ever look at something else, I would look for something that has ease of use, simplicity, and ease of setup. That is what I like about this. Everything is pretty straightforward and easy to find. The interface being easy to use and find has been very helpful.

We don't use a lot of the logs. Generally, we don't need to. If we do need to go look at something or pull something up, the information is there in HostWatch or the logs. I have been happy with it.

We're not using the cloud.

We use it as a firewall. It protects us from security threats and uses a VPN tunnel.

WatchGuard Firebox made it so that I can connect to my remote offices without having to set up every computer to connect to our headquarters. Now, the remote offices can all just login to their system and work as if they are here at our headquarters.

The throughput and performance are excellent. I have never had a problem with them.

The solution provides our business with layered security. It gives us the ability to prevent traffic from coming in on certain ports and the ability to navigate certain traffic to different locations, not letting it just come into my system and do whatever it wants to do.

The VPN and tunnel between the two different clients. 

The ability to route Internet traffic to certain computers or IP addresses based on ports, etc. It provides me with ease of use, allowing navigation without having to do too much networking. It is all in a user friendly location.

The product is very usable. I haven't had too many issues with it. It seems to always run and be easy to make changes to, as long as you know what you want to do. There is plenty of documentation online to how to do what you need to do.

It simplifies my job because I can make any changes all in one location. I can login at the user-friendly site versus trying to do it in a programming or networking level site.

There is always room to get better, which is why I gave the solution a nine out of 10.

The stability is great. I have only had one go out on me, and it was because of my issue. 

We have one IT person for deployment and maintenance.

It is very scalable. I don't see an issue with scaling. I could always add another system by buying a new box and adding the connection. It would be easy.

I would assume anybody connected to the Internet is using WatchGuard, because they are using their block sites, etc. Everybody in our company is using the Internet, which is around 60 to 70 people. However, the people who are really using it are the people that work at different remote locations and login either via the tunnel or VPN. That is roughly around 15 to 20 people who do data entry and processing.

We do not have plans to increase usage for a couple years.

The technical support was good. Last year, I had an issue with one of the Fireboxes going down. It was overheated, because my server room became overheated and this fried it. However, the technical support was excellent. They got me a Firebox out as soon as possible, which helped me resolve the problem, getting it back up and running. They were great.

I didn't do the setup.

The deployment took about a couple of days, because when we were initially setting it up, we didn't understand everything to do with IPs. Now that we've played with it over time, we understand what it's doing and how it's working. It is definitely easier and faster now, but the first time building it was at least a couple of days.

When we deploy the product to other locations, we usually just get a box. On it, we make a copy of another box, importing the information into the new box, then change the settings that need to connect to the IP address on the incoming box. After that, we just run out and change the ports over, then go. It's not hard at all.

We set it up ourselves.

The solution saves us about an hour a month.

Read up about it. Understand what each of the settings are doing and use the resources that you have to get the best knowledge before implementing.

It's pretty simple to use. It's pretty simple to understand, and there's plenty of documentation. It does a pretty good job of what it is meant to do.

We are not using the solution’s Cloud Visibility feature.

The primary use case of the Firebox mainly revolves around bandwidth management, unnecessary web blocking, application control, and protection against brute force attacks. It is also implemented for load balancing, SD-WAN, and branch-to-branch connectivity from one location to another. We also use it for securing access through VPN and enforcing network security policies.

The WatchGuard Firebox has helped in securing our network by implementing a strong firewall with various features like VPN support, gateway antivirus, and application control. It has aided in preventing brute force attacks and managing our bandwidth effectively.

Some of the most valuable features of the Firebox include web blocking, application control, protection against brute force attacks, load balancing, SD-WAN, and VPN support. These features help us manage and secure our network efficiently.

One area for improvement is the limitation in the product portfolio compared to competitors like Fortinet, which offers a broader portfolio including Authentication, VPNs, FortiMail, Sandbox, and Email Security. WatchGuard's focus on UTM solutions may not meet the needs of all enterprise customers.

We have been using the WatchGuard Firebox for approximately five years.

The stability of the WatchGuard Firebox can vary depending on the customer network environment. The performance and latency may differ from customer to customer and infrastructure to infrastructure.

The scalability of the Firebox depends on the specific model and the number of concurrent users it can support. Different models offer different VPN capacities and can be tailored to fit the needs of various sizes of organizations.

Customer service and support are not explicitly mentioned in terms of rating, but overall feedback seems positive.

Positive

I have previously used various solutions including CyberRooms, Sophos, Fortinet, SonicWall, and other competitors. We largely switched to WatchGuard to integrate their UTM solutions and later their acquired endpoint security portfolios.

The initial setup of the WatchGuard Firebox is straightforward and time-saving. It is designed to be user-friendly even for those with basic IT knowledge, making it easy to deploy and manage.

Implementation can be done by internal IT teams. WatchGuard also provides support for implementation, ensuring that the configurations are appropriately pushed as per the model and requirements.

WatchGuard offers cost-effective solutions, especially beneficial for economically-constrained customers. Pricing and discounts are deal-dependent and vary based on customer requirements.

We evaluated multiple products, including Fortinet, SonicWall, Sophos, CyberRooms, and various others in the market.

To maintain the efficacy of the Firebox, it is crucial to renew the subscription to get security updates and additional support features. Ensuring the subscription is up-to-date is necessary for ongoing product support.

The solution controls who can connect to the Internet and who cannot and which protocols and services are allowed to pass through. It manages VPNs, including back-office VPNs. It also provides web-blocking features for users who want to restrict access to certain types of content.

Compared to competitors in the same segments, WatchGuard Firebox is an excellent firewall to implement.

WatchGuard Firebox offers DNS protection along with geofencing features. Additionally, the SSL VPN combined with multifactor authentication is excellent and a standout feature. 

The product is expensive. The pricing could be improved.

WatchGuard Firebox offers various models, each designed to meet different needs. While it's true that the models share many features, consolidating the lineup into fewer models could be beneficial. For example, they could have distinct models for small, medium, and large enterprises, each capable of scaling according to the number of users or throughput requirements. This approach would streamline their offerings, making it easier for customers to choose the right Firebox for their needs.

I have been using WatchGuard Firebox for 25 years.

The solution is very stable. I rate the solution’s stability a ten out of ten.

The solution’s scalability is good. 20 customers are using this solution.

I rate the solution’s scalability an eight out of ten.

WatchGuard support is highly effective. They maintain an excellent support and help desk service.

Positive

Once, I had to connect with a Cisco device on the remote side, which also went smoothly. It was between a customer and a third-party firm conducting business with my customer. They needed to establish a connection to their Cisco Firewall, and the implementation process was as smooth as setting up the back-end VPN.

The initial setup is straightforward. A simple installation for a small business takes about four to six hours. One IT guy is enough for the deployment.

I rate the product’s pricing an eight out of ten, where one is cheap, and ten is expensive.

The solution is transparent and easy to set up and maintain. 

WatchGuard Firebox has always been very effective for many customers who use Firebox to connect their remote sites. Additionally, many customers log in to a Firebox using the WatchGuard Mobile VPN with multi-factor authentication. This setup has proven to be very stable, high quality, and easy to configure.

Customers find WatchGuard Firebox to be an expensive solution, but some of them recognize its necessity. However, some customers initially fail to see the need for a firewall. Yet, when it comes time for renewal, after a year or three, they begin to understand its importance, often aided by a chart explaining its benefits. Just like a car requiring periodic servicing, a firewall also necessitates attention.

I recommend WatchGuard Firebox to others because it's a very good product. Firstly, it boasts numerous nice features. It's straightforward to implement, maintain, and understand. One particularly appealing feature is the real-time traffic monitoring.

Overall, I rate the solution a nine out of ten.

We use the product for added security layers, allowing us to control and manage our network traffic effectively.

The product's most valuable feature is DNS filtering, which blocks users from accessing unwanted websites.

The product's technical support services need improvement. 

We have been using WatchGuard Firebox for a few years.

We never encountered stability issues. The system never went offline.

I rate the platform’s stability an eight out of ten.

The technical support team takes time to respond.

Positive

We did use a different solution previously. We switched to WatchGuard Firebox because it offered added security features. 

While your supplier assisted with most of the setup, it still took some time to become accustomed to using the product effectively. The installation process spanned about two days, with the first day focused on physical installation and the second day dedicated to configurations. Beforehand, your provider inquired about your existing services, such as multiple Internet providers and virtual networks, to ensure seamless integration with the WatchGuard Firebox.

We took help from a third-party consultant for product implementation. Additionally, there were four staff members from our organization involved in the process.

As per my knowledge, the product is more affordable than alternatives like Barracuda, which was reported to be way more expensive. However, I wasn't involved in the detailed discussions about these aspects, so I can't provide more in-depth insights. I rate the pricing a seven out of ten.

Before choosing WatchGuard Firebox, we evaluated other options. Some of the alternatives we considered included Norton and Barracuda. However, Barracuda was ultimately deemed to be out of our price range. Norton was also considered but not chosen, partly due to pricing concerns. Ultimately, a partner highly recommended WatchGuard, which influenced our decision to select it as our security solution.

In our environment, we've deployed the WatchGuard Firebox primarily to secure remote access for users. Previously, we relied on remote desktops, but due to security concerns, we transitioned everything to VPN connections facilitated by the Firebox.

Initially, the ease of management and configuration of the Firebox for administrators was around four. However, as we became more familiar with the technical details and how to use it, that rating increased to an eight.

Firebox operates effectively in the background, blocking potential threats without a need for constant monitoring. It allows us to focus on other tasks knowing that our network is protected. As for ROI, it's challenging to provide specific metrics without detailed analysis, but overall, the enhanced security by the Firebox justifies the investment.

I rate it a nine out of ten.

The primary use case is it is a firewall solution. One of the major selling points was that WatchGuard does adapt in real-time as new threats are discovered, and they push out fixes in real-time.

A lot of our servers have been migrated to the cloud, so it is really our primary solution right now.

One of the things that it has done is we have been able to start cutting down on extraneous web traffic. We make sure that our bandwidth is being used for business functions rather than for downloading or streaming media files.

It very much simplifies my job. Before we got the WatchGuard solution, I was doing everything on a per machine basis. All of the security, firewall, and port security had to be done on the front-end before anything could go out. This could take hours to days depending on the system being used, and then it would have to be in the IT department getting provisioned. Now, the provisioning goes more toward what types of software are needed. We have it completely unified across locations with a security standard through the WatchGuard systems due to the roles that we've set up for the organization. We just set the same roles in place, then we are able to ensure that everything is uniform across all locations.

Productivity, especially within the IT department, has increased due to the time that we used to spend on each machine can now be spent on the network level. This allows us to turn our attention to other tasks, such as creating in-house systems, so we can roll out changes faster and be more responsive to the needs of our business.

One of the most valuable features is the Geolocation. Because we aren't a multinational corporation, it allows me to look at things which might be suspicious to make sure that they are legitimate transactions rather than people sniffing around the network.

I have found the reporting and management to be pretty useful a lot of times. When the reporting did come up short, it was due to a configuration error on my part. Anytime that I've had to look up historical information, I found that everything I have needed has been there and it has allowed me to piece together what happened.

We do a lot of work with cloud-based and Internet-based vendors. A lot of times when we are on the phone with them, I find that it is a bit more technical than they are used to when we are trying to set up specific exceptions to the firewall. We ask for the ports that it's going to use or the block of addresses that they're going to be going from. A lot of times the only thing that they have for us is the web address that they want me to whitelist. Unless I'm missing that functionality, it seems like it is looking more for those technical data points, essentially. A lot of times, I'm running into a problem where there's a lack of give and take between WatchGuard and me. We get it figured out eventually, but it would just be nice if there was a way to say, "We just want to whitelist this address."

It is a very stable solution. 

Once we had it set up the way we wanted, it seemed to be running extremely well.

For deployment and management, it's just me along with the reselling group (POA).

We have not reached any scalability issues, so far. We have used it in clinics as small as a few practitioners and ones that have more than 30 providers. We have never experienced any issues with the product slowing down or failing in any way.

There are five different users, I'm the main power user of it, and I essentially set up the rule sets and work to ensure that the system is delivering what is needed. The other users are more of administrative users who are viewing the web traffic within their own departments.

So far, I haven't needed to go to the solution's technical support.

We were just using on system firewalls. We were getting to the point where we needed to consider a network-based solution of a physical firewall. WatchGuard came highly recommended from our consultants when we partnered with POA.

At first, I did the guided set up where I chose the rules of what to block and what not to block. That was fairly simple. There are a few things that I had to go in and change. That took me a little bit of time to figure out. Overall, it was pretty simple. 

When logging in and registering it, I did run into an issue where I had to spend about an hour reading to try and figure out why I couldn't activate it. I contacted my reseller and they helped me with it.

The deployment took about two and a half hours.

Implementation strategy was more about my bosses wanting to get in, then set it up afterward. It was more about let's get it in place, get it working, and then we'll lock things down as we need to.

We have hubs in multiple locations. Our strategy for implementing these was once the first one was installed in our main location, then we had the role set up the way we wanted it for the entire organization. We used that to order additional Fireboxes and took them to our other locations. Those were preloaded with the same role sets and put online.

We used Pacific Office Automation. We had a very good experience with them. With the few bumps in the road that we had following the setup, we called them. We let them know what was going on and they helped us resolve the issues quickly.

It saves a lot of time. On a weekly basis, without having to do a per machine basis, it probably saves me about three and a half to four hours a week.

I think we might be subscribed to one or two of the premium features.

We were evaluating a Cisco solution as well. 

Take a look at the needs of your business and how reactive you need to have your firewall solution be. One of the major selling points for our corporate board was: As new threats come up, WatchGuard is constantly taking the information coming in and looking for a solution, then pushing it out. That was one of the major selling points for us. The field that we're in takes security very seriously. We wanted to make sure that we were protecting our client's information. When it came down to it, that was a major selling point for us.

There was a bit of a learning curve. Once I was in it for about a week or two, I found it simple and intuitive to use.

With the throughput, the only issues that we found were at the very beginning, and that was due to a misconfiguration on my part. There hasn't been a noticeable change in slow down from the throughput the way that some firewall solutions might cause. Now, my end users don't even realize that it is there.

We are not using the solution's cloud visibility feature.

Right now, we are on the base usage. It's a firewall solution for us and we haven't really had the chance to dig into the advanced features that much. I plan to expand how we use it in the future, as time allows.

I'm very happy with it so far. I need some more data points to really firm that up. However, at this time, what I'm basing the eight (out of 10) off of is the ease of use, the ease of setup, and its learning curve. Once you learn how to use the system, it is very well-organized. It does save us so much time. The drawbacks are just sometimes not having the technical information that we need in order to easily make connections with all of our Internet-based clients, but we can put the work in and still get it done.

We use the solution as an internet gateway. With its help, we can establish the connection between our company's HQ and branch.

The solution provided us with site connections and internet policies.

The solution's valuable feature is its pricing which is better than other competitors.

The performance of the solution's processor needs to be faster than other vendors. Also, it is time-consuming to configure it whenever multiple policies are involved. This area needs improvement as well.

I have been using the solution since 2012.

The solution is highly stable. I rate its stability a nine.

We have around 200-300 solution users in our organization. I rate its scalability a nine.

The solution's technical support is excellent.

Fortinet is faster to configure and access policies than WatchGuard.

The solution's initial setup process was simple, as I already have experience using it. It takes a month to complete. The process involves setting up the solution in a lab. Later, deploying it in a production environment once it meets all the configuration requirements.

Initially, we took help from a third-party vendor to deploy the solution. Afterward, we did it in-house. It requires three to four network administrators for deployment and two network administrators for maintenance.

The solution is worth buying.

I rate the solution's pricing as an eight.

I rate the solution as an eight. It offers more variable license bundles and has high availability than the other products.