WatchGuard Firebox Reviews

I'm deploying the WatchGuard Firebox for many of my clients, and they all stay satisfied with the product. The primary reason as a common request from most of the users is to protect the environment from the outside network attacks. It is popular because of its security layers dependencies and its great performance.

The proxy policy and packet filtering templates make it very clear while I am configuring the Firebox for customers. Also, the variety of actions that are designed per kind of packet payload are dependent on the protocol's payload.

The Firebox is developing most of my client's infrastructures, starting from internet access and its amazing protocol-oriented proxy policies. It also has a deep understanding of the packets, meanwhile the most powerful HTTPS inspection features.

It is supported by the VPN, either Branch office or mobile users.

In addition to its impressive extraordinary DNS security, it has an access portal, which is a feature for publishing web applications, cloud applications, or even publishing internal RDP and SSH. 

https://www.watchguard.com/wgrd-resource-center/2019-nss-labs-ngfw-group-test

The traffic management feature is very flexible and it let you manage varieties of our customer's needs as it is working per policy, for all policies, and per IP address. You can apply it also per application or application category, all in the same proxy policy.

The differences between backup and restore and the configuration file allow us to perform a migration from one box to another in a single click.

The security that is used for defending from the attacks is very good. As an example, for the HTTP packet, you will find botnet protection, Reputation Enabled Defense "RED" and DNSWatch "the DNS security", in addition to the AV gateway. They are all working together to protect internet access.

I would like to see the number of management consoles reduced. As it is now, Firebox can be configured using the web UI, WatchGuard System Manager, Dimension server, and from the cloud. This should be done without affecting the way we deal with the configuration file, as it's one of the strongest points in making its implementation smooth and easy.

I would like to see the devices made more flexible by adding modules to increase the ports that we can use. As it's started from T80, the last edition of tabletop appliances, it should also be applied to all M series appliances.

As I work as a services provider, I have used many different solutions. I find WatchGuard Firebox provides very good value. as you find in the following points "Not everything":-

1. Configuration migration between boxes.

2. More flexible while applying traffic management.

3. Best performance.

4. Security layers and its dependencies.

5. Protocol oriented.

6. Rapid deploy feature that it let you make a total configuration remotely for a box on its default factory mode.

7. total protection for inbound and outbound traffic by applying the policies with a deep understanding of the traffic. 

8. The DNS security and how it stops the malicious DNS requests on the scale of network security and its endpoint for mobile users to apply the same while they are outside the environment.

9. SD-WAN feature and how it deals with lines quality by its Jitter, loss, and latency.

10. The exception for sites, ports, and IPs, it has a huge variety and you can do it at many levels. Before the policies starting already in the default threat protection, Or in the global settings but after the policies starting to scan then you can avoid all of that per policy per protection type which is meaning that you can expect something from geolocation or WebBlocker or APT Blocker, etc...

11. there are some other features in the box Access Portal, Application Control, APT Blocker, Botnet Detection, Data Loss Prevention (DLP), Gateway AntiVirus, DNSWatch, Geolocation, IntelligentAV, Intrusion Prevention Service (IPS), Reputation Enabled Defense (RED), spamBlocker, Threat Detection and Response, and WebBlocker.

We use it as a firewall. It protects us from security threats and uses a VPN tunnel.

WatchGuard Firebox made it so that I can connect to my remote offices without having to set up every computer to connect to our headquarters. Now, the remote offices can all just login to their system and work as if they are here at our headquarters.

The throughput and performance are excellent. I have never had a problem with them.

The solution provides our business with layered security. It gives us the ability to prevent traffic from coming in on certain ports and the ability to navigate certain traffic to different locations, not letting it just come into my system and do whatever it wants to do.

The VPN and tunnel between the two different clients. 

The ability to route Internet traffic to certain computers or IP addresses based on ports, etc. It provides me with ease of use, allowing navigation without having to do too much networking. It is all in a user friendly location.

The product is very usable. I haven't had too many issues with it. It seems to always run and be easy to make changes to, as long as you know what you want to do. There is plenty of documentation online to how to do what you need to do.

It simplifies my job because I can make any changes all in one location. I can login at the user-friendly site versus trying to do it in a programming or networking level site.

There is always room to get better, which is why I gave the solution a nine out of 10.

The stability is great. I have only had one go out on me, and it was because of my issue. 

We have one IT person for deployment and maintenance.

It is very scalable. I don't see an issue with scaling. I could always add another system by buying a new box and adding the connection. It would be easy.

I would assume anybody connected to the Internet is using WatchGuard, because they are using their block sites, etc. Everybody in our company is using the Internet, which is around 60 to 70 people. However, the people who are really using it are the people that work at different remote locations and login either via the tunnel or VPN. That is roughly around 15 to 20 people who do data entry and processing.

We do not have plans to increase usage for a couple years.

The technical support was good. Last year, I had an issue with one of the Fireboxes going down. It was overheated, because my server room became overheated and this fried it. However, the technical support was excellent. They got me a Firebox out as soon as possible, which helped me resolve the problem, getting it back up and running. They were great.

I didn't do the setup.

The deployment took about a couple of days, because when we were initially setting it up, we didn't understand everything to do with IPs. Now that we've played with it over time, we understand what it's doing and how it's working. It is definitely easier and faster now, but the first time building it was at least a couple of days.

When we deploy the product to other locations, we usually just get a box. On it, we make a copy of another box, importing the information into the new box, then change the settings that need to connect to the IP address on the incoming box. After that, we just run out and change the ports over, then go. It's not hard at all.

We set it up ourselves.

The solution saves us about an hour a month.

Read up about it. Understand what each of the settings are doing and use the resources that you have to get the best knowledge before implementing.

It's pretty simple to use. It's pretty simple to understand, and there's plenty of documentation. It does a pretty good job of what it is meant to do.

We are not using the solution’s Cloud Visibility feature.

The primary use case is it is a firewall solution. One of the major selling points was that WatchGuard does adapt in real-time as new threats are discovered, and they push out fixes in real-time.

A lot of our servers have been migrated to the cloud, so it is really our primary solution right now.

One of the things that it has done is we have been able to start cutting down on extraneous web traffic. We make sure that our bandwidth is being used for business functions rather than for downloading or streaming media files.

It very much simplifies my job. Before we got the WatchGuard solution, I was doing everything on a per machine basis. All of the security, firewall, and port security had to be done on the front-end before anything could go out. This could take hours to days depending on the system being used, and then it would have to be in the IT department getting provisioned. Now, the provisioning goes more toward what types of software are needed. We have it completely unified across locations with a security standard through the WatchGuard systems due to the roles that we've set up for the organization. We just set the same roles in place, then we are able to ensure that everything is uniform across all locations.

Productivity, especially within the IT department, has increased due to the time that we used to spend on each machine can now be spent on the network level. This allows us to turn our attention to other tasks, such as creating in-house systems, so we can roll out changes faster and be more responsive to the needs of our business.

One of the most valuable features is the Geolocation. Because we aren't a multinational corporation, it allows me to look at things which might be suspicious to make sure that they are legitimate transactions rather than people sniffing around the network.

I have found the reporting and management to be pretty useful a lot of times. When the reporting did come up short, it was due to a configuration error on my part. Anytime that I've had to look up historical information, I found that everything I have needed has been there and it has allowed me to piece together what happened.

We do a lot of work with cloud-based and Internet-based vendors. A lot of times when we are on the phone with them, I find that it is a bit more technical than they are used to when we are trying to set up specific exceptions to the firewall. We ask for the ports that it's going to use or the block of addresses that they're going to be going from. A lot of times the only thing that they have for us is the web address that they want me to whitelist. Unless I'm missing that functionality, it seems like it is looking more for those technical data points, essentially. A lot of times, I'm running into a problem where there's a lack of give and take between WatchGuard and me. We get it figured out eventually, but it would just be nice if there was a way to say, "We just want to whitelist this address."

It is a very stable solution. 

Once we had it set up the way we wanted, it seemed to be running extremely well.

For deployment and management, it's just me along with the reselling group (POA).

We have not reached any scalability issues, so far. We have used it in clinics as small as a few practitioners and ones that have more than 30 providers. We have never experienced any issues with the product slowing down or failing in any way.

There are five different users, I'm the main power user of it, and I essentially set up the rule sets and work to ensure that the system is delivering what is needed. The other users are more of administrative users who are viewing the web traffic within their own departments.

So far, I haven't needed to go to the solution's technical support.

We were just using on system firewalls. We were getting to the point where we needed to consider a network-based solution of a physical firewall. WatchGuard came highly recommended from our consultants when we partnered with POA.

At first, I did the guided set up where I chose the rules of what to block and what not to block. That was fairly simple. There are a few things that I had to go in and change. That took me a little bit of time to figure out. Overall, it was pretty simple. 

When logging in and registering it, I did run into an issue where I had to spend about an hour reading to try and figure out why I couldn't activate it. I contacted my reseller and they helped me with it.

The deployment took about two and a half hours.

Implementation strategy was more about my bosses wanting to get in, then set it up afterward. It was more about let's get it in place, get it working, and then we'll lock things down as we need to.

We have hubs in multiple locations. Our strategy for implementing these was once the first one was installed in our main location, then we had the role set up the way we wanted it for the entire organization. We used that to order additional Fireboxes and took them to our other locations. Those were preloaded with the same role sets and put online.

We used Pacific Office Automation. We had a very good experience with them. With the few bumps in the road that we had following the setup, we called them. We let them know what was going on and they helped us resolve the issues quickly.

It saves a lot of time. On a weekly basis, without having to do a per machine basis, it probably saves me about three and a half to four hours a week.

I think we might be subscribed to one or two of the premium features.

We were evaluating a Cisco solution as well. 

Take a look at the needs of your business and how reactive you need to have your firewall solution be. One of the major selling points for our corporate board was: As new threats come up, WatchGuard is constantly taking the information coming in and looking for a solution, then pushing it out. That was one of the major selling points for us. The field that we're in takes security very seriously. We wanted to make sure that we were protecting our client's information. When it came down to it, that was a major selling point for us.

There was a bit of a learning curve. Once I was in it for about a week or two, I found it simple and intuitive to use.

With the throughput, the only issues that we found were at the very beginning, and that was due to a misconfiguration on my part. There hasn't been a noticeable change in slow down from the throughput the way that some firewall solutions might cause. Now, my end users don't even realize that it is there.

We are not using the solution's cloud visibility feature.

Right now, we are on the base usage. It's a firewall solution for us and we haven't really had the chance to dig into the advanced features that much. I plan to expand how we use it in the future, as time allows.

I'm very happy with it so far. I need some more data points to really firm that up. However, at this time, what I'm basing the eight (out of 10) off of is the ease of use, the ease of setup, and its learning curve. Once you learn how to use the system, it is very well-organized. It does save us so much time. The drawbacks are just sometimes not having the technical information that we need in order to easily make connections with all of our Internet-based clients, but we can put the work in and still get it done.

We use them for perimeter security and also to manage virtual LANs.

The main benefit for us is the ability to manage the VLANs. It allows us to monitor types of traffic and to actually review and determine what traffic we want to allow and deny. It also allows us to modify the categories of restrictions that need to be applied.

It has also simplified some of the processes that we have. For example, we were having some issues in identifying where most of our bandwidth was being used up, which devices and which users, and what they were using the bandwidth to do. Were they watching videos or were they looking at some other bandwidth-intensive site or application? We have been able to determine user behavior on the network.

We are quite happy with the Firebox. It really helps us with the ease of managing firewalls at other locations. It has really helped us save time by not having to go to other locations. We have devices at two smaller offices, where we don't have IT staff. It has allowed us to remotely manage and update the firewalls at those locations. It's saving us at least four hours a week.

I don't think it has helped improve productivity in terms of efficiency, but it has enabled us to improve the security of the network. We don't have to worry as much about where the users are going. And if a user was blocked, it will let us know why they were blocked, what category of trip was being blocked, or what policy it was blocked under. Even if our staff is going to a legitimate site, but the site is under a wrong category, it allows us to put that site on our exemption list to allow it.

It has also really helped us with our management and to monitor internet usage. Our department is just three people and it has made it very easy for us to manage.

• Two of the functionalities we use most are the traffic monitoring and the full panel dashboard. Those are two things that are very useful for us.
• It's very easy to use. The interface does not present a challenge for the user. It is a great device for small businesses with up to 500 users. It allows easy management of all devices from one central device and updates are very easy as well.
• The performance is also very good. The throughput is excellent. I've not had any issues with that so far.
• The reporting and management features are excellent. They're easy to navigate and very intuitive, and reports are easy to read.
• In addition, it provides us with layered security. It allows us to determine what types of access, to which networks, we want to allow or deny.
• We also like the site-to-site VPN that allows us to connect to and securely access devices at other locations.

I would like to have a little more control over access points and the ability to see the bandwidth that is passing through a specific access point. We are not able to see that. We can see what traffic is passing through the Firebox itself, but we can't identify if it is coming from a particular access point or not.

We have used WatchGuard Firebox for seven years.

The Firebox is very stable. We have not had a failure over the seven years we've used them.

In terms of scalability, we would need to add another device to the M300 that we have right now. I know there are models of Firebox that you can actually add hardware to, to get them scaled up and for additional portals. But the one that we have, in terms of subscription, is very scalable in terms of features, and it integrates with WatchGuard's central interface where it can update our firmware as the updates come out.

What we want to do is put in some more redundancy in our network access. We want to have a second Firebox at each location. We have two ISPs at each location, so instead of both ISPs going to one Firebox, we want to split the ISPs between the two Fireboxes and have load balancing through the internet on firewalls.

We have 100 employees at our head office, and we have 10 employees at our sub-offices. In terms of devices, we probably have about 150 devices, including printers and computers at our head office, and about 12 devices at each of our sub-offices.

We used the technical support once, when we had some issues with employees trying to access legitimate sites. That is when we learned about setting exemptions for certain sites. A company might be a travel site, for instance, but due to the amount of advertising they do, it might be flagged as an advertising site. To resolve that issue, when it's a legitimate site that does a lot of advertising, you can go to support for help in figuring that out, and also for help in putting necessary exemptions in place. 

The support was very professional. They were very patient, and they explained the issues and the solutions fully.

I don't have a lot of experience with other firewalls. There was a Cisco Certified office that I was exposed to before we moved to the WatchGuard Firebox. It felt like the WatchGuard was a lot easier to use, and easier to set up than the Certified Office device.

The primary reason that we went with Firebox was its cost. It is very economical and it provided us with all the security functions that we were looking for at the time. And the throughput was more than what we required, so it was a very cost-effective device to deploy on our network.

The initial setup of Firebox was straightforward. It was not complex.

For our deployment we configured all three access points at one location, our head office, and tested them in that one environment. Then, at the various offices, it was just a matter of changing the IP address. We had one technician go to one office and another technician go to the other office to install the Fireboxes and connect them to the network. As they were plugged in, they connected and it provided the service that we wanted from day one. We didn't have to do too many reconfigurations. The policies that come with it out-of-the-box provide adequate network protection, and we just had to put in special policies to allow various types of traffic, either both ways or one way, to various ports on the firewall. We didn't have many problems in getting them up and running at each office.

Deployment took one day at each location. Overall, we were able to prepare the Fireboxes and test them in less than a week. We prepared everything at one location, did the testing on the second day, and on the third and fourth days we went to the other two office locations to install them.

With the Firebox solutions we have had a lot more accessibility, in the network, to our third-party vendors and suppliers. Prior to that, we did not have a direct connection to those companies, but with the Firebox we were able to configure a DMZ, and that allowed us to apply the granular restrictions that we really wanted. It allowed us to reduce the number of devices that we have on one desk, at certain workstations. Instead of having the supplier's computer and our computer, we were able to use just one computer, and connect to the supplier.

Going with the Firebox is a no-brainer. It provides the necessary security, out-of-the-box, for your configuration of the policies. It's very easy to use and it also gives you a reporting dashboard that can be customized. It makes a lot of sense out of all the data. It's very easy to read. We use a 40-inch display in our office and have it connected to the Firebox so that we can see what's going on on the network. We can look at it and see how the traffic is going through it.

We are using WatchGuard Firebox for defense of our internal infrastructure.

I wouldn't say that Firebox has improved the way our organization functions, but rather that it protects our organization.

The solution identifies attacks on our services and, as a result, directs our attention precisely to the cause of the problem. As we are not actively watching the traffic ourselves and we completely rely on Firebox to alert us instead, the solution saves us about 30 hours per week.

The most valuable features are WatchGuard’s antivirus, traffic protection, and ease of configuration. I also appreciate their traffic analytics. 

After conducting several tests I found the antivirus is working very well. Additionally, they have a very interesting feature, DNS WatchGuard, which is checking DNS requests for phishing, among other things, and it has caught a lot of unwanted attempts and attacks.

Regarding the management features, the interface is user-friendly, and the instructions are well documented. There is a fast learning curve and everything is intuitive and understandable.

It also provides us with layered security. Firebox protects our traffic, as we have numerous Web Services that are external and which are a priority for us to defend. We don't use the rest as much.

I haven’t dug deeply into the reporting features yet or if they are working well. However, I have generated several reports and there was too much unnecessary information, in comparison with the reporting features in the Sophos firewall. Sophos' reporting is more readable and easier to configure. Having said that, reporting features were not very important for us when selecting a solution. What was important were other types of functionality that WatchGuard Firebox was able to meet.

In addition to the reporting features, I would suggest they work on an SSL VPN gateway.

We have been working with WatchGuard Firebox for about one year. Initially we got an M200 model and then switched to an M470 in a cluster.

In terms of the stability, everything is perfect. We haven’t experienced any issues.

The solution scales intuitively and quickly with any internet, meaning the solution’s protocols support any internet configuration. The connectivity scales in any location.

We could scale it to several companies with up to 100 employees and up to 1 Gb of traffic.

I would rate WatchGuard's tech support at the highest mark of five out of five. I was very pleased with them. We were working with them on the software licensing and opened some tickets related to technical issues. In both cases, they resolved the issues promptly and without unnecessary back-and-forth, unlike when working with the support teams of other vendors.

Before Firebox we used a Sophos firewall. We switched because the WatchGuard firewall offers a broad set of features and parameters that were lacking in the Sophos firewall. Additionally, the WatchGuard solution was cheaper.

WatchGuard has a comprehensive antivirus system included in the firewall and that was important for us. Sophos’ antivirus features were weak, in comparison.

The initial setup was medium in terms of the difficulty of some aspects, such as initially understanding the logic of their security policies. It took several hours to acquaint myself and to fully understand things. The whole deployment took about three days.

We initially had an implementation strategy, but it was adapted according to the recommendations and specifications of WatchGuard.

In terms of the technical aspects, I am the only who works with this solution in our organization.

Initially, we purchased the Firebox just for us but, as of today, we have deployed it to two or three other companies. The client sent us project specs with necessary internet configurations for each device, as well as the physical locations. We replicated their infrastructure in our test environment, configured each device according to their specs, and shipped the device to them. The client then connected the device with a cable to the ports outlined in our instructions and everything worked the first time.

During the deployment we worked closely with WatchGuard’s tech support team and they were very speedy in their responses to us.

The price of the solution corresponds to the quality and the feature set offered. There are no additional costs to the standard licensing fees.

Before selecting WatchGuard Firebox, we evaluated the Cisco FirePOWER firewall and, in comparison, Firebox is much easier to use.

Also, WatchGuard’s solution, in terms of the cost-per-value ratio, is very balanced.

My advice would be to try this product.

As for the throughput, at this point it is hard for us to evaluate it because we don’t have heavy traffic, or at least we do not experience the traffic throughput specified for this model. Our inbound and outbound traffic is 1 Gb and the M470 handles it very well, not even stressing its components.

When it comes to the solution’s Cloud Visibility feature, they need to improve on the reporting. But in terms of the logs, it gives us very good visibility.

Overall, I would rate the solution a strong eight out of 10.

We have a web server on the optional network. Then, on the trusted side, we just run all our computers out through the Internet. We don't do anything too elaborate with it.

We do have some technicians and some design center salespeople who call in. This is best usage that we get out of the solution.

We don't host our website internally anymore. We used to host our website and it did help with that, getting everything set up. We have just recently removed that and gone to a third-party. But, that was something which was very useful, setting up our internal website and NATting IPs.

The solution has increased productivity with our outside salespeople being able to connect into their computers and use those remotely.

We are able to limit where users can go, what they can do, and what they can access, so they are not wasting time doing things that they shouldn't be doing. It does help to save time, e.g., limiting Facebook. 

We are able to segment our FTP website off on the optional, setting up the rules specifically. There are certain outside IPS coming into our computers where we have different machines out there setup where technicians can remote in, etc. Being able to set those up to specific IPS, not just allowing full access, is probably our main use for setup.

The usability is good. I like it. I don't have any issues. Most everything that we have tried to set up for what we use it for is pretty straightforward and easy to use.

We have probably had it for the last 10 years. I have been here the entire time.

The stability is very good. We haven't had any issues with ports or anything else. Everything has been very good as far as the stability and issues.

The performance and throughput that the solution provides is good. We haven't had any issues as far as when we have connections and things going on. So, it's very good.

The stability is good as far as our use. I feel like we do have room. We have extra ports on it. We can set them up if we need to, but we don't need to use them. However, I feel we have room to expand and grow, if needed.

We have probably 75 users setup. Mostly, they are authenticating through to get out to the Internet. We do have some protections on it: virus stuff and different websites that users can and can't get to. We have groups setup for that. That is our main use from the inside with most of our users going out. Then, we have five or six users who remote into computers and other things.

There are not necessarily plans on expanding anything at the moment. We are pretty much set where we are. Usage is not too heavy, as it's mostly users getting in and out with us restricting what they can get to.

I have only had to call once or twice for anything in any of the time that we have had the solution. Most of the time, if I do have a question or something, I can hop onto the forum and there is an answer, then away we go. As far as my experience with the forum and just a few calls, it has been very good. We haven't had anything that has hung us up for a long time.

WatchGuard was pretty much our first solution like this. We did not use anything else before it.

The initial setup was straightforward. It walked through everything as far as the configuration. Everything that we needed was right there. So, I didn't have to search for anything. It was easy set up.

We went from a different version to this version. Even from that to this version, it was probably up and running within an hour.

I usually set it up.

We didn't consult anyone. We didn't really have an implementation strategy per se. We just set it up (like the old one), then went through and looked at some of the new features and things we might want to use.

I maintain it and and set up whatever needs to be set up. The other IT guys can come in and do stuff if I'm not here. Generally, it doesn't take too much time to get anything set up that we need.

It saves us a couple hours a week.

We don't have any other costs other than the licensing stuff.

We did look around at a few different things. We just kind of settled on WatchGuard. It seemed to have the features that we needed, so we went in that direction.

I'd give it a 10 (out of 10). I haven't had any issues. The few issues that we have had, such as not knowing where to go, they have been answered quickly. I am going to give it a 10 because of its easy to use. If we have a question, it's easy to get an answer. Also, it's very simple. For most of everything that we do, we have been able to do them pretty easily. We are very happy.

If we were to ever look at something else, I would look for something that has ease of use, simplicity, and ease of setup. That is what I like about this. Everything is pretty straightforward and easy to find. The interface being easy to use and find has been very helpful.

We don't use a lot of the logs. Generally, we don't need to. If we do need to go look at something or pull something up, the information is there in HostWatch or the logs. I have been happy with it.

We're not using the cloud.

I use it as my firewall. 

We are using it to filter our email.

It roadblocks most everything, as far as viruses and stuff like that, from getting into my network and does a good job of that.

If there is any conflict, the reporting feature will kick out all types of information, which is great.

The most valuable feature is if I need to control spam. I can control everything with it, anything coming in or out of my network. The controllability is phenomenal.

You can control how you want things to go in and out of it. So, it is great for that.

The software in it could be a bit more friendly for an amateur user. I look at it and don't understand what half the stuff is. Looking at the interface, it is all mumbo-jumbo to me. It's not a simple interface. You have to be an IT guy to understand it. It is not for your average person to use, then walk away from it. It is much more entailed. It could be a bit more user-friendly, but my IT guy knows what he's doing with it. I just let him do most everything.

They need to make it so you have a step-by-step guide which goes through and sets it all up for you. However, they don't have that. You have to know what you're doing with it.

It seems to be stable.

There are always updates for it. So, they are always improving it. We are always putting updates into it all the time. They do a good job of trying to keep up on everything.

I just have a consultant who comes in every so often to do deployment and maintenance.

I haven't seen any restrictions as far as the scalability is concerned, so it seems to be just fine.

All of our users are just office workers. 

Our IT guy talks highly of the technical support, saying that they are pretty knowledgeable. He never complains about them. 

I've had WatchGuard ever since I put my network together. All I've used is WatchGuard.

They were discontinuing support for the last one that I had. Therefore, I had to upgrade to the M200.

The initial setup is complicated. Unless you know what you're doing with it, you can make mistakes, which are really difficult to recoup from. You have to know what you are doing with it. Otherwise, you'll screw it all up.

It only took our IT guy probably an hour to set it all up, but he knows what he's doing with it. He works with them everyday.

I just used an integrator for the deployment, who was good. I have worked with him for years.

There is an additional cost for support on top of licensing. When I bought my new unit, I received additional time added to my support. 

I just went by what my IT guy recommended, so I didn't really evaluate any others because he's very knowledgeable on all of these type of things. I just went off of his recommendation.

The functionality of the unit is great. However, you have to be pretty knowledgeable on how to work with its interface.

I don't any plans to increase usage. The product is always on and always being used.

Intellectual Property protection for our and our clients' data.  We strategize for deployments of new products into Federal and State healthcare formularies.

I discovered the WatchGuard T-70 could still keep the data near the 1 gigahertz data speed, without compromise on the security perimeters being active simultaneously.  I got that information through my subscription with IT Central Station.  The WatchGuard T70 does not come with WiFi capabilities, offering flexibility for what WiFi devices you prefer.

Default set-ups found on the WatchGuard site and via YouTube are very helpful - the screen for set-up and adding additional features are lists with checkboxes.  Understand what you click before you do so.

The set-up and additional feature screens are old in design and very granular.  You have to know what you are doing.

Stable - However, you need to add APC/UPC battery back-ups to avoid power outages/surges that will mitigate your time for trouble-shooting post-power outage.

Yes, I had a positive experience with tech support.

I previously used FortiGate. I moved from the FortiGate brand on account of when you turn on all of the FortiGate capabilities (80-C & 90-D), the protection is active but your data speeds drop significantly.  We had a Verizon FiOS fiber optic true gigabit subscription.  I noticed data rate drops as our 3rd party support team also noticed.  Upon system review, the function of the reduced data speeds was the Fortigate capacity.  We were literally locking up where we couldn't communicate. So, I went with the WatchGuard XTM T-70.

Go to the WatchGuard site:

>enter the model and serial number of your device

>That loads the site automatically with the provisioning apps, firmware updates and other system checks relevant for that device

> The set-up is nearly automatic

> Once the firmware is updated, the device reboots

> Drill into the site for additional steps and additional software you can activate - you have to know what they are talking about to understand which checkboxes to click and why.

> You can reference the YouTube "JSCM" for extra support and background helps that go beyond the WatchGuard site. 

No vendor team and no "in-house" beside myself.  We are a company of under 30 people, I am an IT dept/System Engineering staff of 1.

I have far less ( 50-75%) less admin time trying to figure out why our system is so slow.  That's gone.  The admin screens are informative, especially the Dimension application, reducing your search time for the information you need to assess what your users and network are doing.

If you are experienced, I can recommend the T70 set-up with minimal support and reference.  Since I am relatively new as a systems engineer/IT design, I have had to reference a lot of online sources and hire an expert familiar with the WatchGuard line of products to help shorten my learning curve and get the system up and running quickly.

Yes - SonicWall, Baracuda and Dell.

When considering a solution like this:

> not only putting data security at the top of my list

> user convenience as the second consideration.

If there's anything extra that I have my users do, I have to really look seriously at those trade-offs.