WatchGuard Firebox Reviews

Security use cases for on-premises deployment involve safeguarding my customer's internet connections to ensure the safety of their digital assets.

I appreciate the intuitive design of the dashboard, which is both clear and self-explanatory. Additionally, the ongoing efforts to update the product and the valuable feedback received from technical support hold significant importance for me. Centralization is a crucial feature for me as it allows me to have all sites and customers accessible under a single click, not limited to just one.

I believe there is room for improvement in policies, with the potential to enhance the margins further.

I have been familiar with WatchGuard products for over fifteen years.

In terms of stability, I haven't encountered any significant issues, so I would rate it a solid ten out of ten.

It is very scalable, I would rate it eight out of ten. The majority of my clients are businesses with a maximum of up to twenty-five users.

If I encounter any challenges, I promptly create a support ticket with WatchGuard. Typically, within less than twelve hours, I receive a response from a technical expert addressing the issue. In general, problems are resolved in less than forty-eight hours. I am highly satisfied with this aspect.

I experimented with Fortinet and SonicWall years ago, and the experience was not particularly successful. Consequently, I transitioned to WatchGuard due to my longstanding involvement in the project spanning almost two decades. The interface has consistently seemed logically structured to me. In comparison to other solutions where I often find myself needing to look up and search again, the technical aspects may be similar, but the installation, control, updates, management, and monitoring processes are significantly more straightforward for me with WatchGuard than with its competitors.

The installation process was relatively straightforward for me.

The deployment time varies depending on the site and the assistance available. For clients without an on-premise systems administrator, which is usually me, the process is quicker. However, for clients with their own IT systems administrator, deployment tends to take a bit longer due to the explanations and training required. The duration can range from a few hours to half a day.

Over the years, the costs have increased, especially since I cater to very small businesses. While they comprehend the necessity of investing in network protection, these features have become relatively expensive. I would rate it six out of ten.

Overall, I would rate it eight out of ten.

The solution is used to protect, detect, and respond.

It is a lightweight product. The interface is very good.

The website must provide more information on the product. The tool must be promoted more.

I have been working with the product for almost one year.

The tool is stable. It is easy to maintain it.

Our customers are small, medium, and large organizations.

It is easy to deploy the product.

The price is comparable.

We recommend the solution to our customers. We are resellers. We provide technical support to our customers. Overall, I rate the solution a nine and a half out of ten.

I would describe primary use cases as a solid and cost-effective solution, especially when compared to other comparable solutions like Fortinet or different Cisco firewall suppliers and network security providers. However, I must say that it's not so intuitive to install, maintain, and configure. Nevertheless, it remains a solid and cost-effective solution.

We have seen it effectively stop some network security threats. It provides cost-effective protection and is easier to set up compared to other solutions. With other providers, it sometimes takes four to six or even eighteen weeks to deploy or receive the equipment. With WatchGuard, we have solutions that can be quickly deployed.

The most valuable feature, in my opinion, is the dimension logging platform and the network traffic filtering. The VPN feature is also very useful and valuable. Additionally, the remote site connection and VLANs are important.

One area of improvement is the deployment process; it is not intuitive.

The centralized administration and management, as well as the cloud-based interface, specifically the user interface (UI), menus, and module configurations. The administrative UI/UX could be significantly improved.

Compared to other solutions, I would say it's not a complete solution in certain settings. The centralized administration and XDR capabilities need improvement. One aspect that many firewall and network security manufacturers fail to understand or integrate well is the endpoint, XDR, or EDR solutions. For example, Cisco has its own endpoint solution, which is not very good, and other manufacturers like Check Point or Palo Alto have their own EDR solutions. The primary issue is that they haven't effectively integrated these solutions with other manufacturers to create a more comprehensive and cohesive offering. It's important to have a solution that integrates anti-malware and antivirus XDR features. In terms of mobile device management, that's a feature I haven't seen.

I've been using it with some of my clients for about three to five years, depending on different situations. One of them is not selling or reselling it, and another one is in settings where clients decided to switch from our supplier and buy WatchGuard.

We normally use Total Protection.

I would rate the stability of WatchGuard a nine out of ten. 

I would rate the scalability of WatchGuard a seven out of ten. 

There is an area of improvement in customer service and support. 

Neutral

The initial setup is straightforward, but there is room for improvement. It's generally straightforward, but there are areas that can be enhanced.

There is an ROI for some time. However, after the first year, it becomes less straightforward to see a return on investment when equipment needs to be changed or licenses need to be renewed.

The price is very good, but the follow-up on the sales channels, especially the local ones, is not so good. Some MSSPs or suppliers do a better job than the brand's direct channel administration.

My advice would be to rely on a reliable partner who understands your operations and has experience in deploying and scaling WatchGuard.

Overall, I would rate the solution an eight out of ten.

I've used it for network control, and it's been quite helpful.

We have used it to keep our network clean and only allow certain things to work. So, it's useful for network control.

The control software is currently only available for Windows, which can be a little annoying. However, it is painless to use. A future release that is more focused on Linux would be great. Also, it would be helpful if it provided more diagnostic information on the OS side. So, a Java application that works for every other OS would be helpful.

I have been using this solution for more than ten years. We are using the latest version. I have experience working with it.

It is a stable product. I would rate the stability a nine out of ten.

It is a scalable product. I would rate the scalability a nine out of ten. While there are currently around 50 users, the number of users may vary depending on how the software is used in our particular environment. It's possible that there could be more users in a different environment, but we wouldn't be using the software concurrently. Additionally, some users in our network are currently submitting requests and utilizing the software, which could create a challenge or bottleneck for the software due to the increased demand.

The initial setup was quite simple. We didn't face any bigger issues. For us, it was so simple that we had all we needed. I didn't have any big problems. You just need to decide what you want to have and which programs you want to work with, and then make those configurations work. 

It's easy to do once you learn the WatchGuard side, but there's also the other side where you need to test the TCP ports, IDB boards, and other things that the program needs to work with. Depending on what you want to work with, it usually takes a bit longer, but it needs to be easy to modify and allow/disallow things in every software you're using. 

If you have the subscription system in the license, it can be included in your hardware subscription. So we usually purchase a big license that includes it. But it's always possible to take smaller subscriptions and then add those. You can choose between subscription plans.

It's user-friendly. And if you are using a WatchGuard device and you want to test that side of the software, it's quite easy to get the license to test it. It's included when you purchase the WatchGuard device. Then there's the possibility to test the bigger software for a while and get the older things to happen. And, of course, if you need more, you can just call your support and ask if you can have a test license to try a little more.

Overall, the product is an eight out of ten because WatchGuard lacks diagnostic information on the OS side.

Our primary use case for this solution is a primary firewall.

The features I found most valuable are probably the built-in VPN functionality and the scalability because they can both be centrally managed. It is very easy to scale. It is also very granular, so you can be as restrictive or as non-restrictive as you like. This means you can be very precise with it.

The area where I think this product can be improved is the user interface and the reporting. It can be quite difficult to find the correct logs and to actually find out what is going on. The digging can be time-consuming.

I have been using this solution for a year now.

I would rate the stability of this solution an eight out of 10, with one being unstable and 10 being very stable.

I would rate the scalability of this solution a 10, on a scale of one to 10, with one being not scalable at all and 10 being very scalable.

We currently have about 200 users.

From my experience with their customer service team, I would say that they seem quite knowledgeable and fairly quick to respond.

Previously, we used FortiGate. FortiGate is a much more mature product. I feel like FortiGate is a lot easier to work with. Firebox, you're able to achieve the same outcomes, but it can be a lot more complicated to do so.

The initial setup can be somewhat complex. I would rate it a six out of 10, with one being not complicated at all and 10 being very complex.

Our deployment was done through a third party.

I would rate their pricing plan a four, which means it's definitely on the cheaper scale.

I would recommend this product, but you need to make sure that you've got the technical capability to work with it because it can be quite complicated. Overall, I would rate this solution a seven out of 10, with one being poor and 10 being excellent.

WatchGuard Firebox is used as the core firewall. It's also used for routing purposes. As a software, it's also used as a VPN access for external clients.

How WatchGuard Firebox improved my organization is that it provided a deeper level of traffic management. It allowed the company to more effectively manage the network traffic, which led to higher efficiencies across the network. Though FortiGate does a much better job of managing traffic, WatchGuard Firebox does it more efficiently.

What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great.

What could use some significant improvement in WatchGuard Firebox would be its interface and policy management.

An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it.

I've been using WatchGuard Firebox since 2016. I'm still using it.

WatchGuard Firebox is a very stable product with no issues whatsoever.

WatchGuard Firebox is a very scalable product. My company decided, after initial implementation, to move to a redundant core network, and it was able to implement a second device seamlessly to act as a passive follow.

All of my interactions with the technical support team of WatchGuard Firebox have been great, so far. The support team is very responsive and very knowledgeable. I haven't had an issue that the team hasn't been able to resolve. The team always responded within the SLAs.

On a scale of one to five, I'm rating the support for WatchGuard Firebox a five.

We used Palo Alto before WatchGuard Firebox, and the reason we switched was because of some failures in the Palo Alto firewall.

The initial setup for WatchGuard Firebox was very straightforward, though my company has a relatively complex network utilizing SD-WAN, MPLS, and BOVPN technologies. On a scale of one to five, where one is the worst and five is the best, I'm rating my setup experience a four. There's always room for improvement, but it was a fairly good process.

The deployment of the WatchGuard Firebox took eight hours to complete.

WatchGuard Firebox has been implemented as the core firewall for the organization. The reason my organization upgraded to the device and switched from a previous software was due to a hardware failure of the previous firewall.

We deployed WatchGuard Firebox internally, through my team.

In terms of ROI from WatchGuard Firebox, from a data perspective, I couldn't share only because my company doesn't have any metrics on ROI. However, I can say that the threat management and prevention features such as IPS and IDS caught several malicious files coming in through the firewall or WatchGuard Firebox, so I suppose that alone makes it worth its weight in gold.

We paid $4000 in AUD for WatchGuard Firebox per year. There were no additional costs.

I didn't evaluate other solutions, apart from Palo Alto, before using WatchGuard Firebox.

I'm using the latest version of WatchGuard Firebox.

My company has one thousand and five hundred users of WatchGuard Firebox in IT, Finance, and Graphic Design.

At this point, there's no plan to scale WatchGuard Firebox, but it's fairly well-configured to scale if required.

I do ninety-nine percent of the work in terms of maintaining the product. One person seems enough for the maintenance of the WatchGuard Firebox.

The only advice I would share to others looking to implement WatchGuard Firebox for business is to consult with a person experienced on the platform, specifically during your first implementation, just because there could be some unique issues that you may face that you won't find outside of the WatchGuard platform. Overall, I would recommend WatchGuard Firebox to others.

In general, I'd give WatchGuard Firebox eight out of ten because there's always room for improvement. No product will ever get a perfect ten. I ruled out nine as the rating and I gave WatchGuard Firebox an eight just because fundamentally, a firewall packet and policy management is at the forefront of what a firewall does, and not being able to modify the policy really bumps the product down a little bit in terms of rating, in my opinion.

I'm a customer of WatchGuard Firebox.

We primarily use WatchGuard Firebox like a typical firewall, to protect ourselves from outside and inside threats. 

I have the WatchGuard Firebox M270, deployed on-premise. 

WatchGuard Firebox improved our organization by acting as a firewall, with all the specific components of one. If you have an antiviral solution, you can see how many were blocked; from where they were blocked; what the statistics are on the areas that the attacks came from; and if there are attempts, or if they do get through the firewall, where they came from and where they went. You know exactly what to look for, to see if there is any kind of penetration inside your system, or if anything has been compromised, and you can take any measurements against these threats. 

All of the features have been valuable. There's nothing on my M270 that I'm not using. If you have remote access, you can see how many users are coming from the outside world to be connected to the systems, through the virus systems that we have behind the firewall, in order to gain access to their files and do their work. We can also see how long they stay online and whether these connections are closed forcefully or for any other reasons, such as a glitch or some kind of misbehavior, to see if internet traffic is optimized and if that particular traffic is under company policies, concerning which websites were visited. 

There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well. 

Most of the features that I have right now are more than okay with me, but something like a better interface is always worth suggesting. Also, things like computer-based training on firewalls and specific solutions—especially in things that have been deployed on every new version—is usually something that we need to see in order to understand what, exactly, these people have created for us. 

I have been a WatchGuard user since 2004. 

This solution is stable. 

I am the only one who maintains the firewall—we don't have a team to handle it. 

This solution has been scalable to the level that my company wants. 

Behind the firewall, we have 60 users. On a daily basis, there are approximately 40 to 45 users in the office: they are people from the purchasing department, technical department, accounting department, operation department, etc. 

In general, their support is okay, and nothing fancy. We have had a few chats and a few cases on several things that I wanted to do by myself, but needed some guidance on. The speed is not the speed of light, but we are getting through to what we want to have within a day or so. 

I don't have any comparison to make with a solution that's on the same level as WatchGuard Firebox. We had some experience with all of the Cisco firewalls, but they didn't have the same level of security that we have with our existing firewall. Those were quite old, so I cannot really compare that old technology with something that is so new. 

The initial setup was quite straightforward because we are a small company. We have 50 people working at this company, so it's a rather small installation with no fancy or complex configuration. The deployment took an hour or so, but from that point on, there have been numerous hours of work to get up to the point we're at now with our firewall solution. 

It's quite easy to deploy because the initial installation doesn't involve many fancy things. Out of the box, it's quite clear that it has features that need to be blocked, and these features have already been blocked by default, to help anybody deploying this solution. It's like having 35%-40% of your configuration ready, so you only need to add another 25%-30% to reach approximately 70% of your full configuration, which takes no more than a couple of hours. The additional 30% are the small, exact things and the prediction correction, the things that are usually done on a firewall solution in the following hours, days, months, years by the users of the device. However, you can reach the level that you personally believe in, 100%, within a matter of days if you know exactly what you need to do. 

I implemented this solution all by myself, since I was lucky enough to have basic firewall knowledge. Our implementation strategy was to get to the level, as fast as possible, where I could meet the minimum requirements of the company, concerning its firewall policy. 

I have definitely seen a return on investment. To be exact, you cannot really value the return of investment on this kind of product because an IT product usually delivers services that cannot really be measured in money. Rather, it can be measure in things that we can do and things that we cannot do. So, money-wise, you cannot really measure it, but if I'm measuring it on things that I wanted to achieve with a device, there was a 100% return back. 

The licensing contract we have is on a three-year basis. There aren't any costs in addition to the standard licensing fees—usually, every three years, we just purchase or renew the same license and we are okay. Every six years, we completely change the firewall, but that's the usual schema. So after three years, we just renew the licenses for another three years, and then after that particular period of time, we just purchase another firewall equivalent to the ones that we currently use.

I rate WatchGuard Firebox an eight out of ten. 

This is a solid device and it delivers what it says. It doesn't do fancy or extraordinary things, but it does delivery exactly what it's supposed to deliver. 

We run education organizations. We have students and staff working on campus. We wanted to be protected within the campus as well as outside the campus.

I am using WatchGuard Firebox XTM 850, and I have its latest version.

In terms of users within the campus, the policy-based usage helps us where we allow something during the daytime, something after school hours, and something during the night. In terms of outside the campus, it helps us in monitoring our mail services. All our deployments are protected from external users.

Policy VPN, site-to-site VPN, traffic monitoring, anti-spam filters, and all other advanced features are valuable.

The way Secure Sign-On authentication is happening needs to be improved. When the Secure Sign-On portal is turned on, anybody who comes into the campus, whether he or she is a staff member or a guest, has to go past the initial portal. One of the shortcomings is the username. It shouldn't allow permutations or combinations with upper or lower cases. For example, when there is a username abc, it shouldn't allow ABC or Abc. It should not allow the same username, but currently, two separate people can go in. Therefore, its authentication or validation should be improved, and the case sensitiveness should be picked up. If I have restricted someone to two devices, they shouldn't be able to use different combinations of the same username and get into the third or fourth device. It shouldn't allow different combinations of alphabets to be used to log in. 

I have been using WatchGuard solutions for the last ten years.

It is very stable.

It is scalable. We have about 1,200 users at this point in time, but the number of devices exceeds 2,200. There are multiple devices per person in today's world. A staff member is using three or four devices, and students are using at least two, which makes it 2,500 or 3,000 devices.

Their technical support is very good. You get a response within 15 minutes to an hour at the max.

We had Cisco ASA Firewall. It was a very simple firewall.

Its initial setup is very straightforward. It took 30 minutes.

A consultant from WatchGuard was there. He showed it once, and our people could do it easily. They have deployed it again and again. It is pretty simple. 

You just need one person for its deployment and maintenance. Security personnel is the one who manages it.

They have an annual subscription license. Initially, we had opted for three years. After that, we went for another three years, and after that, we have been doing it yearly. They also have a license for five years.

We evaluated SonicWall, Palo Alto, and Cisco, but this was the best.

I would rate this solution a nine out of ten.