WatchGuard Firebox Reviews

We are WatchGuard partners, and we also use it on our own. We are using it for general firewall purposes and vulnerability management. We are also using some of the additional security stacks such as intrusion detection and so on.

We are one version behind the latest version. We have it on-prem at the moment, but some of our customers have private cloud solutions.

I like intrusion detection the most.

I'm pretty happy with it, but vulnerability management could improve a little bit in comparison to other parts, such as Cisco and so on.

There could also be better reporting. For example, there should be more out-of-the-box management reports. These two improvements would be nice.

I have been using this solution for around 10 to 15 years.

It's stable.

It's scalable, but I haven't compared it with others.

There are five people who are using it from an administrative perspective, but everyone is using WatchGuard because of the VPN.

I haven't interacted with them myself, but my colleagues state that their support line is good.

Its setup is of medium complexity. It's not super easy. Everything is in its right place, but it's not as complicated as other vendors. It's in the middle.

The deployment duration varies. Depending on your needs, it could take a few hours.

It's in the medium range. Its price is pretty good considering the functions and add-ons that are used.

I would advise having a proper look at the features because there are a lot of different versions, scales, and limits on different Fireboxes. You have to decide in advance which one is good for you in terms of performance, future needs, and so on. You shouldn't have too many changes in your landscape. 

I would rate it an eight out of ten.

We use it to protect our web stations and service. 

We established a branch office VPN to our branch office. Since last month, we have added Mobile VPN tunnels to our headquarter.

We have the ability to use it for connecting to our terminal services, then to the Fireboxes, so we can create user-based policies, which are very important at this time. We can control who has access to management servers and machines that are not for general use by users.

We use a normal packet server. We are also using a proxy service and IPS, so all features are possible with these devices. We have seen many attacks from specific IP addresses that were all blocked. Most times, these were IPS traffic port scans. All this traffic is normally blocked from our side.

The solution simplifies my business. Normally, for administration, we are using Watchguard System Manager on Windows since it's easy to create new policies. In a short amount of time, you can create new policies based on new requirements. For example, in the last few months, many requirements changed due to the coronavirus, adding the use of new services, like Office 365, and eLearning tools, like Zoom.

With Firebox, the monitoring is good. On the Dimension servers, I can see where the IP addresses send and receive a lot of the traffic so I can analyze it. I am also able to see where attacks are coming from. It's good to see visually what policies are most in use and which traffic was blocked. Its easy to visualize policies. The dimension server shows which policy is used and the data flow through the firebox.

For our requirements, WatchGuard has very good features available in its software.

It is good for administrating devices. It is reliable and easy to use. Most of the time, the results are what I expected.

The performance of the device is good. The time to load web pages has not been slowed down too much. With additional security features, like APT and IPS, WatchGuard Fireboxes need a moment to check the traffic.

For reporting, we use the Dimension server from WatchGuard where we have many options to analyze traffic. It has a good look and feel on all websites that WatchGuard creates. All pages have the same system, so it's easy to use because the interface is uniform throughout the entire solution.

We are using some of the cloud visibility features. What we use on that cloud is DNSWatch, which checks the DNS records for that site. It is a good feature that stops attacks before they come into the network. For most of our clients, we also run DNSWatchGO, which is for external users, and does a good job with threat detection and response. It is a tool that works with a special client on our workstations. 

Sometimes I would like to copy a rule set from one box to another box in a direct way. This is a feature that is not present at the moment in WatchGuard.

I'm missing a tool by default, where you can find unused policies. This is possible when a) you adminstrate the firebox with dimension, or b) you connect it to Watchguard's cloud.

We have been using this solution for a long time (for more than a decade).

The stability is very good. I normally only do a reboot of a Firebox when I upgrade the boxes with new software, so they run sometimes two or three months without a reboot.

It is scalable to many environments. With all our locations, we found this solution works.

For the moment, we have around 80 users total at all our locations. The traffic at our headquarters per day is 300 gigabytes.

Our number of Fireboxes has been constant over the last few years, as we don't have new locations. We are a sports organization, so we are not expanding.

WatchGuard's support is very good. Over the years, there have been only one or two tickets that were not solved.

When you start as a new customer, you should start with a bit of support from your dealer so you have some training on the boxes and how to manage them.

Before using WatchGuard, we had a Linux server with iptables. We switched to Firebox because it is much easier to administrate. It has real boxes with a graphical interface, instead of command line administration.

It is relatively easy to set up a new box. In my experience, you have a basic rule set. When you start with a new box, you can quickly make it work, but you always need to specify the services that you need on the boxes. You need some time to create the right policies and services on the box. This is the process for all Fireboxes that you buy.

When you have a small branch office with a small number of policies, you can make them active in production in one or two hours. With complex requirements at your headquarters where you have several networks with servers, web servers, and mail servers which can be accessed from the outside, the configuration will need more time because the number of policies is much higher.

The implenetation was done by the vendor. For us the solution was ok. At this point my knowledge about firewall was not on the level I have today.

It saves me three or four a month worth of time because it stops malware. I don't need spend time removing malware from the client.

I think the larger firewall packages are much better because a normal firewall is not enough for these times. You need IPS, APT, and all the security features of a firewall that you can buy.

We evaluated some other solutions.

Administration of Fireboxes is only a small part of my job. I have been the network administrator since 1997. While the solution does make less work, I still need a little time to monitor all solutions. 

I would rate this solution as a nine (out of 10).

We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.

It helps keep unwanted traffic from coming in, or traffic from going out that we don't want to see out there. If we have unwanted traffic coming in, traffic that we don't need as a facility, then we would be opening ourselves up to security problems and vulnerabilities. It helps because malicious attacks coming in are things I don't have to worry about. So far the WatchGuard has done a good job at blocking all that.

In terms of simplifying my job, the simplest device is one that you can put in place and not have to worry about it. That's the WatchGuard. It's there, it's working. I don't have problems with it so it's "out of sight, out of mind."

It also saves me time, by doing what it's supposed to do. I don't have to mitigate problems that it allowed through. I couldn't tell you how much time it has saved me. It really would depend on what kind of problems I might experience.

The policy monitoring and allowing different traffic flows are the most useful features for us; regulating which traffic comes in and out.

In terms of the throughput and performance, we don't have a problem or any bottleneck there. We downgraded the size of our appliance because we're a small facility, and what we had before was actually too big. The one we are now going with seems to be doing a great job.

The management feature is pretty nice.

I'm not really impressed with the reporting side of it. It may be something I just haven't figured out very well, but it's hard to filter down on reporting of the actual valuable information that you would want. There is a lot of information out there so you have to have some kind of tool capture it and then filter through it. So far, I haven't found the reporting side of the WatchGuard to be that user-friendly. I would definitely like to see better reporting tools from WatchGuard. That would be a very high priority for me.

Also, setting up the site-to-site VPN is pretty easy with the WatchGuard, but the client VPN setup is not very friendly. If you have a client-to-device VPN that you need to set up for a mobile user there are different protocols that they will accept but none of them are a plug-and-play type of option.

The organization has had WatchGuard, different versions, for 12 years. I've used WatchGuard, myself, for about seven years. We got the Firebox approximately three years ago.

The stability is great. I've not had any problems. In three years, we've had to restart the device maybe twice. We've had to restart it more than to clear out any cache, because you don't want anything building up in cache memory. But we've only had two problems where we needed to restart the device. And it actually restarts really fast. It doesn't have much downtime at all.

It's used extensively. This is the only firewall we have in the facility, between the hospital, nursing home, and home health. It handles all the traffic that comes from all three campuses here. I don't see us expanding enough to worry about getting another device. This one seems to be doing exactly what it needs to do.

I've only had to use their technical support twice in quite a few years, so it would be hard for me to rate. But they were responsive when I did have a problem. I haven't had any problems with support at all.

I moved here in 2013 and the company was using the WatchGuard at that point.

With this newest device, the initial setup was pretty straightforward. We were able to copy the configuration from the old device. That's a good thing about it: the configuration file is able to transfer from an old device to a newer device and just continue going. It takes a long time to build up different traffic policies, and to make exceptions for different websites. If you had to do that every time you got a new device, that would be a problem. Luckily, with this, you're able to save your configuration file and transfer it to the new device.

The deployment of this new device took 30 minutes, at most. There are only three people in our IT department, but the deployment only required me to be involved. The other two guys are network technicians. All three of us can go in and modify policies or do whatever we need to do, but it generally doesn't take much maintenance.

I got on the phone with WatchGuard to make sure that everything would transfer over and they assured me that it would. And as far as the switching over to the new device goes, most of the planning required was just letting users know that the internet was going to go down for just a little while. We planned it for a period of slow usage here at the hospital where we could bring it all down, copy the config file, move it to the new device, put it in place, and swap the connections over. It came right up. We had to import the new key and got it activated. But other than that, everything worked.

ROI on this type of solution is a hard number to quantify. We've not had a problem so that in itself is a return on investment. If you don't have an issue how do you calculate what your return of investment would be? How do you quantify the peace of mind? But we've not had to spend a lot of time troubleshooting.

The pricing of WatchGuard is probably a little higher than the SonicWall, but it makes up for it in dependability. It's worth it to me, especially since it's not much higher. For just a little bit higher price you get the dependability of the firewall with the WatchGuard brand. 

And with this appliance you also get a certain number of VPN tunnels. With this one, it's something like 500, not that we would even use that many. Whereas with SonicWall, at the time we were using it, it came with 10 and then anything over that had to be purchased.

Money-wise, it's a one-and-done with the WatchGuard. With SonicWall, there were a few things that you had to pay extra for to get. 

The subscription services with the WatchGuard are pretty nice.

I used the SonicWall at another hospital in southwest Arkansas. 

WatchGuard has come quite a way, as far as the Fireware Web UI goes. The GUI application has become better, making it easier to navigate through setting up policies and setting up VPN tunnels, etc. SonicWall had been there quite a while longer than WatchGuard, in terms of being user-friendly. But I can't complain about the WatchGuard now. When I first moved here, it was very cumbersome to navigate through, but with the Web UI it's really improved.

They do have a client that you can connect to the WatchGuard if you want to use that client. It's still kind of clunky for navigating and I very seldom use it anymore. They call it the WatchGuard System Manager. It's not quite as friendly as the Web UI. It's usable, it's just not really friendly. But the Web UI is very well done.

My advice would be go for it. We've not had any problem with it. We've been very pleased, especially with the newer WatchGuard we've put in place. It's very responsive. It works great. It may have a little bit of a curve on learning it, but once you learn it, it's hard to say you'd want to go back to something else.

It took me a little bit to get used to WatchGuard. I was familiar with SonicWall before I moved into this role. But now that I've used it for almost seven years, I've gotten to know it pretty well and it works great. Once you get used to what I would call the idiosyncrasies of WatchGuard, as opposed to the SonicWall, it's pretty easy to configure. Using the WatchGuard web UI also makes it a lot easier to configure.

It provides us with somewhat layered security. It is the firewall between us and the outside world. With our subscription we do have the Gateway AV, so it does watch for things of that nature. We have certain policies in place that help with the layered part of it. But it's just one of many layers. We have other things in place to help, but it's definitely something I wouldn't want to do without.

My company uses WatchGuard Firebox for the data centers that work in our office. My company has websites and web applications, because of which we use WatchGuard Firebox for system security.

In WatchGuard Firebox, the antivirus and malware detection systems are areas with shortcomings that require improvement since they are the most important elements of a cybersecurity tool.

In the future releases of WatchGuard Firebox, I want to see more frequent updates.

I have been using WatchGuard Firebox for two years. I am an end-user of WatchGuard Firebox.

Stability-wise, I rate the solution a one out of ten.

It is not a very scalable solution. Scalability-wise, I rate the solution a three out of ten. The scalability structure of the product does not work properly. There are some downtimes in the solution for which we don't get any notifications. In our company, we don't worry whenever there is an upgrade for the solution.

In my company, we are full-time users of WatchGuard Firebox, and we have applications that are not just used inside our office but publicly on the internet. My company faces many cyberattacks from Russia and China, which is really bad.

My company does not plan to increase the use of the solution.

When trying to contact the product's technical support team, it turns out to be a slow process.

I rate the technical support a three out of ten.

Negative

I rate the initial setup phase of the tool a seven on a scale of one to ten, where one is difficult, and ten is easy.

The solution is deployed on an on-premises model.

The solution's deployment process takes just a few hours to be completed.

For the deployment process, you first connect to a serial cable. WatchGuard has management software that you need to install on a computer to manage the firewall software. You need to connect the firewall serial cables to your computers. In my company, we manage just one software for upgrades and deployments.

One person is enough to take care of the product's deployment process.

WatchGuard Firebox is a cheap solution.

The systems from WatchGuard are not properly working since I have seen that my company faces exploits in security when using WatchGuard Firebox.

If you just plan to use WatchGuard Firebox in your office and not publicly, then it is okay to purchase it. With WatchGuard Firebox, you can manage your users and permissions while also taking care of the basic setup phase in your office. For systems open on the internet, you can use solutions bigger than WatchGuard Firebox that can provide you with more professional services.

Since the tool's performance is not good, I rate the overall tool a two out of ten.

We run education organizations. We have students and staff working on campus. We wanted to be protected within the campus as well as outside the campus.

I am using WatchGuard Firebox XTM 850, and I have its latest version.

In terms of users within the campus, the policy-based usage helps us where we allow something during the daytime, something after school hours, and something during the night. In terms of outside the campus, it helps us in monitoring our mail services. All our deployments are protected from external users.

Policy VPN, site-to-site VPN, traffic monitoring, anti-spam filters, and all other advanced features are valuable.

The way Secure Sign-On authentication is happening needs to be improved. When the Secure Sign-On portal is turned on, anybody who comes into the campus, whether he or she is a staff member or a guest, has to go past the initial portal. One of the shortcomings is the username. It shouldn't allow permutations or combinations with upper or lower cases. For example, when there is a username abc, it shouldn't allow ABC or Abc. It should not allow the same username, but currently, two separate people can go in. Therefore, its authentication or validation should be improved, and the case sensitiveness should be picked up. If I have restricted someone to two devices, they shouldn't be able to use different combinations of the same username and get into the third or fourth device. It shouldn't allow different combinations of alphabets to be used to log in. 

I have been using WatchGuard solutions for the last ten years.

It is very stable.

It is scalable. We have about 1,200 users at this point in time, but the number of devices exceeds 2,200. There are multiple devices per person in today's world. A staff member is using three or four devices, and students are using at least two, which makes it 2,500 or 3,000 devices.

Their technical support is very good. You get a response within 15 minutes to an hour at the max.

We had Cisco ASA Firewall. It was a very simple firewall.

Its initial setup is very straightforward. It took 30 minutes.

A consultant from WatchGuard was there. He showed it once, and our people could do it easily. They have deployed it again and again. It is pretty simple. 

You just need one person for its deployment and maintenance. Security personnel is the one who manages it.

They have an annual subscription license. Initially, we had opted for three years. After that, we went for another three years, and after that, we have been doing it yearly. They also have a license for five years.

We evaluated SonicWall, Palo Alto, and Cisco, but this was the best.

I would rate this solution a nine out of ten.

Our primary use case is VPN connectivity between 50 locations and our headquarters.

It saves us a lot of money over MPLS connections, about $125,000 per year.

WatchGuard provides us with one of our layers of security. The HTTPS proxy is where a lot of things get trapped.

The most valuable are the VPN and proxy features. We have all the sites we have to connect and that's how we do it.

I've been using it for so long so I'm pretty used to it. But I think it's fairly simple to use and understand. It helps if you're an IT expert. There isn't much of a learning curve if someone has an understanding of connectivity and firewalling. If they don't, there is certainly a learning curve.

The throughput is excellent. It's only limited to our bandwidth. We haven't had any trouble with throughput. The throughput of the firewall, in all cases, seems to be better than the bandwidth available. It's not the bottleneck.

I don't use the reporting features a whole lot, but Dimension is pretty good.

It's very hard to get information from their website, for exactly what I need to do. Sometimes I end up having to open a lot of support tickets. It's either too detailed or not. I never have good luck with their online tools. It's a navigational issue which makes it hard to find what I'm looking for and it's just so broad.

In addition, I have had a ticket in for an awful long time regarding a bug that they should address. If you're using a firewall as a DHCP server, it doesn't keep a good record of the leases. I opened a ticket on this about two years ago, and every couple of months I get an email back that it's still under engineering review.

They're very stable. I've had one firewall fail at 50 locations in the last ten years.

Scalability for me would mean, as we add more branch locations, the firewall here can support all of those VPN connections, and I'm not even scratching the service of what it can hit. It's very scalable.

Tech support has been good. It's gotten a lot better the past few years; it's very much improved. Twelve years ago it was the worst. Now, it's very good. They get back to me in a day if it's nothing critical. And I don't ever really have to escalate. They're pretty resourceful and understand their product.

Previously, I built a Linux box.

The initial setup is very straightforward. I've done it so many times that I could do it in my sleep. It's pretty simple to run through the GUI and get a quick setup. It's like if you asked me, is it hard to drive a car? I've been driving a car so long I don't know any other options. It takes me maybe an hour to set one up and get it ready to send out. At that point, it's fully configured. It's just plug-and-play when it gets to the location.

I, or one of my IT guys, will often have to be onsite. We'll send one out to a branch, then we'll have to walk the warehouse manager through how to plug things in. Deploying it to distributed locations consists of plugging it into the modem and plugging it into the network, assuming I programmed it correctly.

Deploying it requires just one person. We have three people in the IT group maintaining the entire network, but it's mostly me. It takes me about five hours a week.

ROI is very abstract for a security tool. As far as being able to create VPN tunnels versus having it managed by another vendor, as I said, it saves us about $125,000 a year, maybe a little more. Even comparing it so an SDYN solution from an outside vendor, it's a lot less expensive.

We only license our corporate one and the one we have at our DR site, we don't worry about the branches. It doesn't pay for us to license the ones at the branches. What they charge for what they call basic maintenance is extremely high for those little fireboxes. So we don't bother with them.

They're good machines. They're fairly easy to configure and they're stable.

We mostly use the M400 at corporate and at our branch offices we use T35s, T30s, and XTM25s. In terms of additional usage, I'm looking at the management console and, possibly, the drag-and-drop VPNs.

I would rate it at nine out of ten. The documentation makes it a little hard to find what I need sometimes.

Our primary use cases for WatchGuard Firebox are routing and VPN, including the integrated firewall. We do not use the SSO system or any other router features.

WatchGuard Firebox was able to help our organization during the pandemic as we were obligated to work from home. We were working remotely, so the VPN feature of WatchGuard Firebox allowed remote work.

The most valuable feature of WatchGuard Firebox is the VPN. It's easy to connect to the VPN.

The user interface for WatchGuard Firebox has room for improvement. Right now, it's a bit complex to work with and could be easier. I like Fortigate better because its user interface is nicer and easier to work with than WatchGuard Firebox, so improving the user interface would be great.

I've used WatchGuard Firebox for two to three years and still use it at work.

WatchGuard Firebox is a nine out of ten in terms of stability.

In terms of scalability, WatchGuard Firebox is an eight out of ten.

I didn't have to call the WatchGuard Firebox technical support team, but the support on the website is a six out of ten.

Neutral

The company used Fortinet before using WatchGuard Firebox, though I don't have information on which Fortinet product and why the company switched to WatchGuard Firebox.

I wasn't involved in the deployment of WatchGuard Firebox because I wasn't there when the company chose the product. I just learned to love it.

WatchGuard Firebox was great for remote working, but I have no information on its ROI.

I have no information on WatchGuard Firebox costs.

My company uses WatchGuard Firebox. There's a Watchguard router for the internet and three sites on WatchGuard.

I'm using WatchGuard Firebox M440.

The product is deployed on-site.

I can recommend WatchGuard Firebox to anyone looking into implementing it, but I cannot advise on how to implement the product for your network or environment.

My rating for WatchGuard Firebox is eight out of ten.

My primary use case is for my network security even when I am out of the office.

WatchGuard Firebox has improved our organization one hundred percent from before we started using it.

I have found the DNS Watch feature for intrusion and prevention response and APT Locker most valuable to me.

I would like to see more training become available for us. I would like to see the port conflicts improved.

I have been using WatchGuard Firebox for the past five years.

The stability is good.

There is excellent scalability and we are using it at full capacity.

The initial setup is quite complex and difficult, especially for first-time users. You need to go on the website and study it before you start using the policy manager. Once you start using the policy manager it becomes easier.

We used a third party and the deployment time takes less than ten minutes.

The return on investment is that it saves us a lot of time from intruders creating problems.

The licensing can be a one-time purchase unless you need the extra services for example twenty-four seven support.

I did try pfSense and FortiGate and decided WatchGuard Firebox was what I needed.

I would rate WatchGuard Firebox a nine on a scale of one to ten.