WatchGuard Firebox Reviews

We use this for our network, mainly for the configuration of rules, such as VPN connections, remote access connections, and application web filtering. I'm a security engineer and we are customers of WatchGuard.

This is a very flexible product without licensing limitations. They offer good classes through Gartner. 

Although this solution is better than others on the market, I'd like to see improvement in the visibility of network traffic. It feels that the web interface is missing some parts, particularly access and configuration. 

I've been using this solution for two years. 

The solution is stable. 

The solution is scalable.

We've never had to use the technical support. 

The initial setup is straightforward. 

I rate this solution eight out of 10. 

Our primary use cases for WatchGuard Firebox are routing and VPN, including the integrated firewall. We do not use the SSO system or any other router features.

WatchGuard Firebox was able to help our organization during the pandemic as we were obligated to work from home. We were working remotely, so the VPN feature of WatchGuard Firebox allowed remote work.

The most valuable feature of WatchGuard Firebox is the VPN. It's easy to connect to the VPN.

The user interface for WatchGuard Firebox has room for improvement. Right now, it's a bit complex to work with and could be easier. I like Fortigate better because its user interface is nicer and easier to work with than WatchGuard Firebox, so improving the user interface would be great.

I've used WatchGuard Firebox for two to three years and still use it at work.

WatchGuard Firebox is a nine out of ten in terms of stability.

In terms of scalability, WatchGuard Firebox is an eight out of ten.

I didn't have to call the WatchGuard Firebox technical support team, but the support on the website is a six out of ten.

Neutral

The company used Fortinet before using WatchGuard Firebox, though I don't have information on which Fortinet product and why the company switched to WatchGuard Firebox.

I wasn't involved in the deployment of WatchGuard Firebox because I wasn't there when the company chose the product. I just learned to love it.

WatchGuard Firebox was great for remote working, but I have no information on its ROI.

I have no information on WatchGuard Firebox costs.

My company uses WatchGuard Firebox. There's a Watchguard router for the internet and three sites on WatchGuard.

I'm using WatchGuard Firebox M440.

The product is deployed on-site.

I can recommend WatchGuard Firebox to anyone looking into implementing it, but I cannot advise on how to implement the product for your network or environment.

My rating for WatchGuard Firebox is eight out of ten.

My primary use case is for my network security even when I am out of the office.

WatchGuard Firebox has improved our organization one hundred percent from before we started using it.

I have found the DNS Watch feature for intrusion and prevention response and APT Locker most valuable to me.

I would like to see more training become available for us. I would like to see the port conflicts improved.

I have been using WatchGuard Firebox for the past five years.

The stability is good.

There is excellent scalability and we are using it at full capacity.

The initial setup is quite complex and difficult, especially for first-time users. You need to go on the website and study it before you start using the policy manager. Once you start using the policy manager it becomes easier.

We used a third party and the deployment time takes less than ten minutes.

The return on investment is that it saves us a lot of time from intruders creating problems.

The licensing can be a one-time purchase unless you need the extra services for example twenty-four seven support.

I did try pfSense and FortiGate and decided WatchGuard Firebox was what I needed.

I would rate WatchGuard Firebox a nine on a scale of one to ten.

Actually, we do not use WatchGuard Firebox, we just sell and sometimes deploy and install it for the customer. We usually set up a few basic policies then give it to them to continue on.

The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser.

The other feature is the side to side VPN. We have a bank client and they use a WatchGuard device for their headquarters and other WatchGuard devices for their branches. Setting up those IP's and VPN's was quite easy because the relay was at the branch office where the VPN resides. So that was quite handy to set up.

In terms of what could be improved, I would say their web blocker feature. It is still quite a confusing setup, especially when you want to filter out a particular category for granularity. For example, you do not want to filter Facebook but you do want to filter Facebook games only. It can be done, but the process to do it is very confusing.

We have seen other products like Sophos, Checkpoint and Palo Alto that were much easier to set up their web built setting than it is with WatchGuard. So aside from all other features, including the VPN security policies, the only feature that is quite confusing is the web block feature.

They could make the web blocker much easier to set up.

In terms of scalability, they have models like the 5,000 series and 6,000 series. We have not reached that yet. We are only a small company and our customers are only small and medium businesses. So no enterprise companies yet. But I think if we need a bigger box, we would go with the 5,000 series.

Right now we're only at about 200 hundred users. Sometimes we are trying to push for the 300 series or 500 series, but not yet.

We require a staff of one or two for deployment and maintenance.

I think technical support is okay. When I log a case, they usually respond within a day. Then, if they need to do some things for the client, they are quite flexible and do it based on the client's schedule. So no problem with the support. They are good. So far all our issues we have raised, and we have large cases, have been resolved. So their tech support is quite good.

We switched because WatchGuard is cheaper. An old product that we previously sold was quite expensive, especially the security renewal after every year, but WatchGuard offered quite a competitive price and in a bundle that was much easier to understand. Cyberoam, for example, was quite complex to set up under licensing. Cyberoam was bought by Sophos. So we switched to WatchGuard for the price.

The main highlight is price. The client has quite a tight budget so we can offer much more with WatchGuard.

Setup was easy because the manual was there and it was quite easy to connect to a particular port. It's very understandable. Setup was very straightforward, nothing complex.

Deployment could take only a few minutes or up to an hour and we can already set up a few basic policies. But the thing that drags longer is teaching the client to use it and to set up their own security policies. Sometimes they don't have enough experience at setting up WatchGuard, it's still new to them. But maybe after a few hours of lectures from us they get it. We still continue to support them after initial set up, for example if if they want to set up a policy we can assist them with that.

I have seen a return on investment, especially for the client. They have less problems in the bandwidth because the users are not going to unnecessary sites. So productivity should be better. Clients would not be tempted to browse unnecessary sites, games, download movies, because there is a firewall with restrictions in the policies. So therefore, the users would be performing at their best.

The box costs 180,000. One third of the price of the box goes to the yearly renewal fee, around 50 or 60, for the basic. There is the advanced feature which is half of the box, but the basic is quite enough for most of our brand, which is why we have not used the TDR yet.

And the response comes free for the advanced features and advanced licensing.

The advice I would give to anyone considering WatchGuard Firebox is that it is a good product, despite what they say about it not being in the Gartner quadrant leaders. It performs well. It's fast. The only downside would be the web filtering side of things. If the client wants a good web filtering device, they have to go to another vendor, but just for Firewall IP and VPN, I think WatchGuard will be good.

I'm not saying that the web filtering for WatchGuard is really bad, just confusing. Some clients don't want to do something that's confusing for them, they prefer something easy, but if they can live with a little confusion, then it's okay. But it is good to have a good partner, someone like us, in case the client has a problem setting up their policies, especially in the web filtering, we can help.

Speaking on behalf of the client, I think they are okay with the solution. They are still continuing to use it past a year already, and they continue to renew. They are satisfied with its performance and what it is capable of doing.

On a scale of one to ten, I'll give WatchGuard Firebox an eight.

This device is for Unified Threat Management (UTM). Our primary uses for this solution are as a firewall, antivirus, anti-spyware, web-blocker, and APT blocker.

I can say that it has been defending our organization. There are from ten to one hundred attacks per day to our IT forum and our email server.

The most valuable feature for small and medium businesses is the support for various protocol proxies. Without any subscription, they can realize an IDS/IPS solution.

It would be wonderful if the WatchGuard team develops nice products for threat intelligence. They have a subscription service called DNSWatch, but this needs to be improved.

This product is very stable.

There is no problem with the scalability. If I need a more powerful appliance then I can buy it, but I can also use less powerful devices. Overall, scalability is ok with this solution.

We have about fifty people using this solution. There are two IT specialists, and all of the rest are salespeople, office support, etc.

The technical support is very good. I know only of one company whose tech support is better than WatchGuard's.

I have experience with Check Point UTM, and I find that this application has approximately the same functionality, but it is cheaper.

The initial setup is very easy. It is not complex.

For a small organization that has between fifty and one hundred users, the deployment can be done in perhaps fifteen minutes to three hours. Our deployment took approximately one hour.

Only one person is required for maintenance.

We handled the deployment ourselves.

I can see ROI within several months.

The cheapest configuration, for maybe five people, is approximately $500.

There are several other license steps that vary based on the number of security services that are included in the subscription.

We had considered several other solutions such as pfSense, MikroTik, and Fortinet. However, we became a WatchGuard distributor for the territory of the Russian Federation, so we are using only WatchGuard solutions.

It is a very reliable and very easy solution. I think it is the best solution in the world, judging by its price and quality.

I would rate this solution a ten out of ten.

This was an upgrade from WatchGuard XTM 505. We have and are using many different WatchGuards between locations for (among other things) VPN between firewalls. We are using this Watchguard as an endpoint firewall at an office location.

• Efficient to setup, run, and maintain. Saving man hours and cost in the process.
• The client is easy to use and stable.
• Simple to backup settings.  
• Simple to move settings between WatchGuard boxes.
• The GUI is easy and intuitive.

Ease of setup. All WatchGuards are pretty much the same to setup and manage.
We experienced that WatchGuard is easy to setup regarding VPN compared to other firewalls of other brands.

Client-based administrative tool. Cloud-based central administration of all devices from one point would be nice (although there is always an added risk regarding this).

No.

No.

The few times we have contacted Watchguard. They reply promptly without delays.

We previously used Juniper and SonicWall.

Switched at the time because we had IT personnel working for us with WatchGuard expertise and preference.

The setup was straightforward with a simple GUI-based administrative tool.

Used in-house experience.

Not measured.

Very competitive pricing regarding throughput compared to other alternatives.

We evaluated between WatchGuard and what we already had at the time.

The Juniper that we had at the time, which was fine, was complete overkill for our needs, but when realised it was already sunk cost.

I mainly use Firebox for SSL, VPN, internet proxy, site-to-site tunnels, and intrusion protection.

Firebox's best feature is the access portal.

Firebox would be improved with integration for endpoint protection solutions.

I've been using Firebox for three years.

Firebox is generally stable, with only some glitches here and there, and its performance is okay.

Firebox is scalable.

WatchGuard's technical support is okay, but they could do more to push knowledge so the customer could solve their own problems.

Neutral

The initial setup was straightforward.

We used an in-house team.

Firebox is priced reasonably.

I would give Firebox a rating of seven out of ten.

I'm a system administrator and we have a partnership with WatchGuard. 

The solution has a useful traffic monitor. You can check if the packet in the unit works and analyze the proof quickly. It's very easy to use and provides good security. 

We've found that sometimes the solution is not easy to understand and we need to bring in some specialist assistance. 

I've been using this solution for two years. 

The solution is very stable.

We haven't needed to scale so I can't comment on that. 

The support is good but we've had some difficult situations because not everyone in support is good when it comes to specific problems such as VoIP. 

We previously used Cisco but there came a time when we needed to move to a more updated product. 

The solution is difficult to implement without a specialist, especially the first time. It requires an IT technician. It's become easier for us to deploy ourselves now that we've had some experience.

Licensing costs are very reasonable and paid annually. If you need additional options they can be bought separately.