To maintain the efficacy of the Firebox, it is crucial to renew the subscription to get security updates and additional support features. Ensuring the subscription is up-to-date is necessary for ongoing product support.
Chief Information Technology Officer / Head Emel at a government with 1-10 employees
Real User
Top 20
2024-08-22T06:36:37Z
Aug 22, 2024
The tool's most effective for managing threats revolves around the area of the reporting services it offers, which is cloud-based reporting, so we can get a lot of information from the services. I don't have much experience with other models, so I can't speak about WatchGuard Firebox's security. The good thing is that because it is easier to handle, and the company that supports us provides us with a lot of information, it is easier for us to operate the product. WatchGuard Firebox VPN features significantly enhance operations, making it easier during COVID-19, when many people work from home. There are very good features, I recall, whereby you can access office resources without requiring employees to come to the office. The tool did help us a lot during COVID-19. Our company has a data leakage prevention solution for our email. It is quite intuitive, but it's not WatchGuard Firebox. Whether I would recommend the product or not is something that depends since I work in a small company where the income is not too much. Other companies of similar sizes might find some similarities with our organization, so I can recommend WatchGuard Firebox to such users or businesses. Bigger or corporate users who have much more requirement settings or a large number of users should look for a different brand that can support the large numbers. I rate the overall tool an eight out of ten.
With WatchGuard Firebox, we have deployed IP as part of our security measures. Thanks to the additional layer of protection provided by the IPS, our clients and networks are more secure. Additionally, we benefit from a gateway antivirus and an intelligent antivirus that employs AI for enhanced protection. This intelligent antivirus scans all files and information flowing through the gateway. WatchGuard Firebox's threat detection and response capabilities are highly effective and fast. We've witnessed its efficiency firsthand during various events, such as DNS service attacks. It swiftly halts the attack and notifies you of the details promptly. The notification time usually doesn't take long, maybe around five minutes after the event. We have two shifts of engineers monitoring our NOC. They look at the devices, check alerts, and can take action based on the alerts received. We have one expert for tier one and another for tier two. You can have a powerhouse in a box with the best price on the market. WatchGuard Firebox offers the best price. We work with Cisco and other brands, but their firewall and UTM solution has the best price in the market. If you deploy a UTM, you deploy Firebox. For example, if you deploy another solution for EDR, you’re going to have two separate EDR solutions. You’re going to have a UTM disconnected from whatever you use from another brand. What ends up happening is that when you purchase all the security solutions from WatchGuard, you’re going to have all solutions combined in a single pane of glass. The learning curve and investment you make will be solid, with one solution that is easy to use, understandable, reasonably priced, and highly effective in security. Overall, I rate the solution a ten out of ten.
WatchGuard Firebox works well for network security, email protection, and phishing prevention. It is cost-efficient and offers features like EDR or XDR without being overly expensive. Overall, I would rate WatchGuard Firebox as a seven out of ten. It is a solid tool.
The solution has some specific rules that detect multiple traffic from the same IP address. It will generate a report and send it to the administration's account email address so that we can analyze it and give the correct feedback for us to take action. With the high competition in the market with AI, everything is done a lot faster, and all the companies are trying to lower the cost of their IT solutions. Companies that don't make the correct investments in their IT solutions face malware attacks and ransomware attacks. Every company needs security because any kind of disruption will be extremely costly for the company to get out of. The solution's VPN capabilities have greatly improved our remote work security. It was very easy to configure and use. It was a bit tricky to configure on the remote computer, but everything was okay. The solution's management interface eases the setup and ongoing maintenance of the solution. I did an update a couple of months ago, and it was very easy. I rate the solution's documentation a six out of ten. I would recommend WatchGuard Firebox to other users because it's a well-known company that has been in the market for quite some time. It might have some vulnerabilities, like every other product in the market. Once the vulnerability is detected, it quickly makes patches for the system. Overall, I rate the solution a nine out of ten.
The systems from WatchGuard are not properly working since I have seen that my company faces exploits in security when using WatchGuard Firebox. If you just plan to use WatchGuard Firebox in your office and not publicly, then it is okay to purchase it. With WatchGuard Firebox, you can manage your users and permissions while also taking care of the basic setup phase in your office. For systems open on the internet, you can use solutions bigger than WatchGuard Firebox that can provide you with more professional services. Since the tool's performance is not good, I rate the overall tool a two out of ten.
We don’t know much about what's happening in the traffic pattern. We will have the opportunity to configure everything. We can use the firewall for dynamic routing and various other tasks. However, despite its capabilities and offerings, there are still some limitations. WatchGuard doesn’t offer deep-level packet filtering or in-depth packet analysis for companies with numerous applications. WatchGuard is a good solution if you require a comprehensive analysis of your organization’s activities within your budget. Overall, I rate the solution a seven out of ten.
WatchGuard is not a widely known solution in my country. People here tend to use CheckPoint, Fortinet, and Palo Alto more. However, I believe WatchGuard is a good solution that more people should be aware of and consider. We are actively working to promote it in Angola. In fact, there might be more companies in our country that could benefit from using the WatchGuard solution. Overall, I would rate the solution an eight out of ten.
I give the solution a ten out of ten. The maintenance of a simple structure is easy. I recommend trying WatchGuard Firebox directly but keep in mind that the wireless devices can only be connected to the wireless network.
We use two people for the maintenance of the solution. I would recommend it and tell them to try it. It is a cost-effective, reliable solution. I rate WatchGuard Firebox a nine out of ten.
Ingénieur - Traitement des eaux /Mécanique de procédé at a pharma/biotech company with 5,001-10,000 employees
Real User
Top 20
2023-01-12T16:42:00Z
Jan 12, 2023
My company uses WatchGuard Firebox. There's a Watchguard router for the internet and three sites on WatchGuard. I'm using WatchGuard Firebox M440. The product is deployed on-site. I can recommend WatchGuard Firebox to anyone looking into implementing it, but I cannot advise on how to implement the product for your network or environment. My rating for WatchGuard Firebox is eight out of ten.
IT Network Administrator at a retailer with 501-1,000 employees
Real User
2022-12-14T08:28:08Z
Dec 14, 2022
I would recommend this product, but you need to make sure that you've got the technical capability to work with it because it can be quite complicated. Overall, I would rate this solution a seven out of 10, with one being poor and 10 being excellent.
Partner & Head of IT Strategy at a computer software company with 51-200 employees
Real User
2022-11-02T13:25:27Z
Nov 2, 2022
I would advise having a proper look at the features because there are a lot of different versions, scales, and limits on different Fireboxes. You have to decide in advance which one is good for you in terms of performance, future needs, and so on. You shouldn't have too many changes in your landscape. I would rate it an eight out of ten.
Information Systems Administrator at a logistics company with 51-200 employees
Real User
2022-09-01T21:52:09Z
Sep 1, 2022
You can purchase the solution without support, but I would strongly recommend the support. The support is great. I rate WatchGuard Firebox an eight out of ten.
The program requires maintenance, including updates, patching, and subscriptions. My advice to someone considering this project would be to look into Palo Alto instead. I would rate this solution as a one out of ten.
My advice for anybody who is implementing WatchGuard Firebox is to follow the guidelines and best practices that are available on the WatchGuard help center. I would rate this solution a nine out of ten.
Assistant Manager at a tech services company with 501-1,000 employees
Real User
2021-12-27T19:34:00Z
Dec 27, 2021
I rate this solution a 10 out of 10. When choosing a product, make sure you understand your organizations requirements. Whatever the product you choose should ultimately match with your organization's number of users plus maintenance costs.
IT Audit Group Head at a tech services company with 1,001-5,000 employees
Real User
2021-04-02T12:38:13Z
Apr 2, 2021
My advice for people that wants to implement the solution is that it is very good, you get value for money, and you will be well protected. Additionally, you should make sure the implementation is done correctly and the configuration is well defined. I rate WatchGuard Firebox a nine out of ten.
I.T. Co-ordinator at National Lotteries Control Board
Real User
2021-01-24T19:01:00Z
Jan 24, 2021
Going with the Firebox is a no-brainer. It provides the necessary security, out-of-the-box, for your configuration of the policies. It's very easy to use and it also gives you a reporting dashboard that can be customized. It makes a lot of sense out of all the data. It's very easy to read. We use a 40-inch display in our office and have it connected to the Firebox so that we can see what's going on on the network. We can look at it and see how the traffic is going through it.
Owner at a construction company with 51-200 employees
Real User
2020-12-17T09:13:00Z
Dec 17, 2020
Use it. It's very unlikely that a perimeter device is going to be cracked unless you leave something really crazy open. Most consumers are going to have some sort of perimeter device involved with their internet delivery and they're going to have some sort of a reasonably clean plug, with some port forwarding for their outbound connections coming into their network. And then if they're geeks, they're going to set up a pfSense virtual machine or get a little ARM processor. I wanted to have a physical device at the network that I could just glare at. But you can set up a perimeter device with hardware, pfSense, or virtual pfSense, in the back of a 20-year-old computer. As long as you're careful about how you set up your routing, it's as effective as anything. In terms of its throughput, we barely use it. All we're really doing is using it as a perimeter device and gateway. It's just fine. It's a tiny little thing. It has two interfaces plus the WAN interface. It's fine for what I do. I trust it being maintained. And until I got to the point of wanting to use it for domain monitoring, and traffic shaping or IDS-type of stuff, it really didn't require any processing power. It's competent for that. It's a firewall so it provides my business with layered security. But it's got additional options, many of which you have to pay for. My device is too low-powered to efficiently host any of that stuff. I'd probably have to upgrade hardware in order to do the layered security types of things, and I would probably have to pay a fairly expensive subscription. For the cost, if I got to the point where I was going to make a change, I would probably go to an open source tool, and suffer through that too, but get it to the point where I could do pretty much anything I wanted with it. I should be in a situation where I have somebody else maintaining this stuff and not doing it myself. If that was the case, I would use a device just like this. But if I'm still playing around with the nuts and bolts of IT management in my company, then I'm probably going to revert to an open source tool again. Firebox is 10 out of 10 at what it does. In terms of usefulness and reducing frustration, at my level, it's a three. It's not targeted for me, but it's good at what it does. Overall I would rate it at eight. I don't have a bad thing to say about the hardware and the software, for what it is. It's just frustrating for my particular use case.
My advice would be to try this product. As for the throughput, at this point it is hard for us to evaluate it because we don’t have heavy traffic, or at least we do not experience the traffic throughput specified for this model. Our inbound and outbound traffic is 1 Gb and the M470 handles it very well, not even stressing its components. When it comes to the solution’s Cloud Visibility feature, they need to improve on the reporting. But in terms of the logs, it gives us very good visibility. Overall, I would rate the solution a strong eight out of 10.
President and Owner at Peak Communication Systems, Inc.
Reseller
2020-08-02T08:16:00Z
Aug 2, 2020
It is a great piece of hardware. The learning curve for this solution depends on your background. If you have some technology background, implementing it will probably be okay. They have a WatchGuard academy. If you have no background at all, I wouldn't suggest you do it. In comparison, when you get trained with Cisco, there are several different classes to go through and each class is several hours long. I would rate it as a nine or nine point five out of 10.
WatchGuard is not the best. We already knew that, but it comes with most of the features we need. Although it's not the most user-friendly, we sacrificed that to keep the core features to increase our control while maintaining our budget. Honestly, there are no particular features of the WatchGuard that impressed me to say, "I must choose a WatchGuard." But when I needed several things to come together, then I really had no choice. I would rate WatchGuard Firebox at seven out of 10. It's good, it's better than a six, but from the management point of view, it has not totally satisfied my expectations so it's below an eight or nine.
Network Administrator at Niedersächsischer Turner-Bund e.V.
Real User
2020-06-25T10:53:00Z
Jun 25, 2020
Administration of Fireboxes is only a small part of my job. I have been the network administrator since 1997. While the solution does make less work, I still need a little time to monitor all solutions. I would rate this solution as a nine (out of 10).
VP at a healthcare company with 1,001-5,000 employees
Real User
2020-05-05T06:08:00Z
May 5, 2020
It works for us. In terms of simplifying any aspects of my job, there's nothing I can specifically say because I've used WatchGuard for so long that I don't have anything to compare it against.
Director of Information Technology at a recreational facilities/services company with 201-500 employees
Real User
2020-05-03T06:36:00Z
May 3, 2020
Take a good hard look at it. The interface is pretty easy to work with. The devices are consistently good. It has a lot of features and the boxes are hard-working. They just work. I recommend WatchGuard to people when I'm at industry trade shows when anybody asks me. I think it does provide me with layered security, but I don't spend a lot of time looking into that. It's just part of my total solution package. The value that I get out of it is consistent management. It's a good product. Whatever kind of additional security they provide to me is just a bonus.
Network Admin at a manufacturing company with 51-200 employees
Real User
2020-04-28T08:50:00Z
Apr 28, 2020
I can't say whether Firebox has saved me time. It's a firewall and it does its job. So whether it be WatchGuard, SonicWall, or anybody else, if it does its job and I don't have to look at it, I'm happy. I haven't really looked at a lot of the reporting features. I mainly go in there, figure out where people are having troubles, and fix their problems.
IT Director at a healthcare company with 51-200 employees
Real User
2020-04-08T06:36:00Z
Apr 8, 2020
My advice would be go for it. We've not had any problem with it. We've been very pleased, especially with the newer WatchGuard we've put in place. It's very responsive. It works great. It may have a little bit of a curve on learning it, but once you learn it, it's hard to say you'd want to go back to something else. It took me a little bit to get used to WatchGuard. I was familiar with SonicWall before I moved into this role. But now that I've used it for almost seven years, I've gotten to know it pretty well and it works great. Once you get used to what I would call the idiosyncrasies of WatchGuard, as opposed to the SonicWall, it's pretty easy to configure. Using the WatchGuard web UI also makes it a lot easier to configure. It provides us with somewhat layered security. It is the firewall between us and the outside world. With our subscription we do have the Gateway AV, so it does watch for things of that nature. We have certain policies in place that help with the layered part of it. But it's just one of many layers. We have other things in place to help, but it's definitely something I wouldn't want to do without.
Network Engineer at VANDERBURGH COUNTY WORK-RELEASE JOBS PROGRAM
Real User
2020-04-07T06:13:00Z
Apr 7, 2020
I would advise that you go with whatever you're more comfortable with. If you're more comfortable with Cisco, then go with Cisco. Firebox doesn't really save us time because whether you're going to configure a Cisco or you're going to configure a WatchGuard, you still have to configure something, no matter what it is. It is a little easier to configure WatchGuard though. It takes just one person in our organization to deploy and support it, and that's me. Overall, our environment has about 300 users.
Go ahead and implement it and don't think twice about it. We're not using the cloud visibility feature at this time. Maybe we will in the future. There are 75 users of our environment, in total. They range from mechanics to accountants to our COO and CEO. Everybody in the organization uses it.
Manager IT at a hospitality company with 501-1,000 employees
Real User
2020-03-30T07:58:00Z
Mar 30, 2020
Invest in some Professional Services. Although you can absolutely pull it out of the box and deploy it — and we've done that before — it's always good to have somebody that you can ask about best practices and run a few scenarios by them. We ended up purchasing four Professional Services from our local reseller. It was good. Although they didn't really provide any answers, they were there to say, "Oh no, you're doing the right thing." It was more reassurance than anything. But I would definitely recommend springing for some Professional Services. That will make the whole process go a lot easier. A small subset of my staff, maybe three or four people, is involved in deploying and maintaining the solution. They're all IT administrators.
I'd give it a 10 (out of 10). I haven't had any issues. The few issues that we have had, such as not knowing where to go, they have been answered quickly. I am going to give it a 10 because of its easy to use. If we have a question, it's easy to get an answer. Also, it's very simple. For most of everything that we do, we have been able to do them pretty easily. We are very happy. If we were to ever look at something else, I would look for something that has ease of use, simplicity, and ease of setup. That is what I like about this. Everything is pretty straightforward and easy to find. The interface being easy to use and find has been very helpful. We don't use a lot of the logs. Generally, we don't need to. If we do need to go look at something or pull something up, the information is there in HostWatch or the logs. I have been happy with it. We're not using the cloud.
Educate yourself. Read documentation and watch videos online. Since the administrators are going to use it, they should educate themselves on WatchGuard. Keep a cheap, old box for training. I train my administrators on an older box and I give them a network to train on. We have been attacked with ransomware in the past, and it was kind of disappointing because, when I talked to Cisco support they said that they recommended purchasing end-point protection with a ransomware interceptor, so we ended up getting Sophos. So alongside the WatchGuard, we have Sophos' ransomware interceptor and end-point protection. We use them, on top of the WatchGuard, as a secondary line of defense. It has been smooth sailing as far as the product itself is concerned. That's why we keep renewing it. We either renew it or we upgrade to the newest version if they have a special. We also use it for Hot Standby. It's been good.
IT Manager at a performing arts with 51-200 employees
Real User
2019-11-07T10:36:00Z
Nov 7, 2019
There are updates pretty regularly. There haven't been any big changes over the past few years. They've kept working, rather than taking steps backward or making things harder.
Enterprise Architect at a wellness & fitness company with 10,001+ employees
Real User
2019-10-03T07:51:00Z
Oct 3, 2019
It's used extensively. Do I plan to increase usage? If I can get better reporting, perhaps. But it's fully deployed and static at this point. I would rate WatchGuard a seven out of ten. A perfect ten would come from lower costs for small installations for the service licensing, and improved reporting. And maybe some better awareness of what it's capable of doing. It's hard to figure out what I could do. That's a big thing. It's hard to figure out what is possible. What am I not taking advantage of? I've tried to work with people on that, and that's the biggest thing.
IT Manager at WTS Media (Wholesale Tape & Supply)
Real User
2019-10-02T11:08:00Z
Oct 2, 2019
Make sure you buy the device that fits your environment. Don't try to do too much with too little. You can buy one of the edge devices, and you could technically run a large network on it, but it's not going to work as smoothly. Your firewall is your primary point of security from outside intrusion so you want to do it right. Be very meticulous about your configuration. Straight-up, walking-to-the-console usability of the solution is not very user-friendly. It's not very intuitive. However, compared to other firewalls, it's very user-friendly. So it's more user-friendly than most, but it's just not something anybody could walk up to and use. If I had to walk someone through it remotely, it wouldn't be very easy for them to do. Each upgrade of the device, and I've had about five of them — five main devices — has allowed an increase in bandwidth and performance. They tend to work fairly consistently, but as speeds have gotten faster, you've got to upgrade the device to keep up with it. They seem to be doing an adequate job at that. I have used the solution's Cloud Visibility feature. I wasn't really blown away. I thought, "Okay, that's neat." I haven't really dug into it deeply. I don't really think about it in the context of detecting and reacting to threats or other issues in our network. I like to be aware of threats, but threats in networking terms are always not practical. For a company like ours, we know there are going to be internet probes out there, and they're going to hit our network. The WatchGuard identifies them and locks them down. There's nothing I can do about it. It's more along the lines of, "For your information, there was an attempted attacked last night." What I'd rather have is internal threat assessment. I want to know: "This machine started doing something last night it wasn't supposed to do. It was sending out emails at two in the morning. It shouldn't be doing that." Since it's sitting here watching the network, I'm more concerned with internal threats, and people doing things they shouldn't be doing, than I'm worried about the external threats. I probably should be equally concerned about them but I've never found a really good solution on that. I have some customized things that I've done that try to send me alerts if certain behavior patterns are detected. I'm scanning through the logs, and if certain keywords pop up, then I'm alerted. That's been somewhat helpful, but most of the time I get more false positives than I get actual. We have web filtering, so I'm looking to see if anyone is going to pornographic or hacker or peer-to-peer sites. I get alerts from that and it logs those. But most of the time, I'll get hundreds of alerts on sites for a user, and I'll go over and find that the user was looking for fonts and one of the ads happened to be on a server that caused a trigger. It was a complete false positive but I don't know how to filter all that out. So the alert becomes useless. That may be an industry problem. I would rate WatchGuard at eight out ten. There is a need for improvements in the reporting. There needs to be more granular, built-in filtering in the reporting, so that you can drill it down to exactly the information you want. The second thing would be the cost-plan of renewals. They can have a security plan and they can have a renewal plan. But if you lapse and they charge a penalty on top of that, to me that's really unacceptable. I should be able to let a product lapse if I want to. It may not be a priority. It might be something I have in someone's home and then there's just a new feature I need to add. As I'm going down the road I should just be able to buy that when I want. To put in reinstatement fees is a big negative to me. Granted, they all do it, but they all shouldn't do it.
Leverage the website. They have a good knowledge base out there. If this was a green deployment, make sure that you understand how the policies work for VPN and matting. The throughput is adequate. It certainly handles what I pumped through it, which is about 150MB. I don't know how we would do on a big gigabit network, but for what I do, it works. I haven't seen any slow downs in throughput. I am not using the Cloud Visibility feature.
Network Administrator at ADVANCED SOFTWARE DESIGNS
Real User
2019-07-29T10:12:00Z
Jul 29, 2019
Rely on your vendor. For us, it's in use every day. it's 24/7. We're not using the solution's cloud visibility feature. That's something you have to pay for, and we haven't. I would love to, but there's a wireless piece and it's just too expensive. They have a wireless product that integrates perfectly with the WatchGuard appliance. But that's just not a reality for us because of the cost of those appliances. We would love to but just can't. In terms of users, we've got about 15 people worldwide. They do support, testing - all of them use remote access. And then we have our internal users as well. It keeps us safe internally and our remote users are able to work with a reliable connection. It's very reliable. I'm the only one who manages the firewall. If I need any help, there is a local vendor that helps me out as well. We're a small company but it's been great for us. I'm not that technical but I just know it works. WatchGuard is a ten out of ten for me, because of its reliability.
Prepress/Systems Manager at a printing company with 51-200 employees
Real User
2019-07-29T10:12:00Z
Jul 29, 2019
Read up about it. Understand what each of the settings are doing and use the resources that you have to get the best knowledge before implementing. It's pretty simple to use. It's pretty simple to understand, and there's plenty of documentation. It does a pretty good job of what it is meant to do. We are not using the solution’s Cloud Visibility feature.
Information Technology Specialist at a healthcare company with 51-200 employees
Real User
2019-07-28T07:35:00Z
Jul 28, 2019
Take a look at the needs of your business and how reactive you need to have your firewall solution be. One of the major selling points for our corporate board was: As new threats come up, WatchGuard is constantly taking the information coming in and looking for a solution, then pushing it out. That was one of the major selling points for us. The field that we're in takes security very seriously. We wanted to make sure that we were protecting our client's information. When it came down to it, that was a major selling point for us. There was a bit of a learning curve. Once I was in it for about a week or two, I found it simple and intuitive to use. With the throughput, the only issues that we found were at the very beginning, and that was due to a misconfiguration on my part. There hasn't been a noticeable change in slow down from the throughput the way that some firewall solutions might cause. Now, my end users don't even realize that it is there. We are not using the solution's cloud visibility feature. Right now, we are on the base usage. It's a firewall solution for us and we haven't really had the chance to dig into the advanced features that much. I plan to expand how we use it in the future, as time allows. I'm very happy with it so far. I need some more data points to really firm that up. However, at this time, what I'm basing the eight (out of 10) off of is the ease of use, the ease of setup, and its learning curve. Once you learn how to use the system, it is very well-organized. It does save us so much time. The drawbacks are just sometimes not having the technical information that we need in order to easily make connections with all of our Internet-based clients, but we can put the work in and still get it done.
IT Manager at a engineering company with 11-50 employees
Real User
2019-07-28T07:35:00Z
Jul 28, 2019
Do your research. It's not impossible. Do things in a logical order and make sure you understand what you're doing and how you're going to do it. Once you understand it and get everything working the way you want, it does get very easy to use and work with from there. Once you get over the learning curve of how all the pieces work together, it's very easy, very user-friendly, very easy to update, and very easy to make changes and document those changes - all that good stuff. I tend to buy the hardware platform that's like one level above where we think we absolutely have to be at a minimum, so the performance has been adequate or good. I've yet to hit an issue where I feel the device is slowing us down or causing any issues because of the performance of the device, itself. We're usually limited more by our actual bandwidth. It's been great as far as our network and needs go. In terms of the extent to which we're using the product, six months ago when I renewed the second three-year term, the subscriptions had changed quite a bit from when I had my first three-year term. Now, I have a whole list of new subscription services or modules or layers that I have not started implementing. I got a couple of the new ones implemented, to get some of the benefit, when I first got this new device. But there are a few more I want to implement. One of them, is packet inspection, which is difficult because that can really bog down your device. I'd like to have Dimension control to get better reporting. There are a couple of other ones that I have not implemented because they're new for me and I just haven't had the time to work on them. Threat Detection and Response is one I'm interested in which I haven't time to implement yet. It involves me setting up a client in each one of my endpoints and it keeps track of unusual activity there. That's probably where I want to go next. Maybe even the Access Portal could be useful for me, to have a place for vendors or customers go to access things inside our network. We've gotten more features for our money because there's a new security package which wasn't available when I first subscribed, and that included pretty much everything. I had paid separately for APT, Advanced Persistent Threat protection, on my old subscription. To get that now, it was cheaper to bundle it with their total threat package. That included a lot of things like DNSWatch, which I did set up to look for malicious DNS access requests throughout my network. It gave me intelligent antivirus. I believe there's some kind of DLP module, which is one I haven't spent any time on. Network Discovery is another one I haven't spent time on that I need to work on. All of those came as new features with the new hardware and with that new subscription. The Threat Detection Response is definitely something I didn't have access to before. For sure, in this second three-year term, we got a lot more value for the money with what WatchGuard offered us. I would give WatchGuard an eight out of ten. There's a little bit of room for improvement but I'm very happy with WatchGuard. I think it's a good fit for me. I won't often give a ten, just on principle, unless I feel they deserve a 12. That's when I give a ten. I've definitely said positive things about WatchGuard to other people in the industry, people I talk to or know. I'm a promoter of WatchGuard, to be honest. I haven't seen anything I like better, but I haven't had a lot of experience with other devices. I've said good things to people on a regular basis, especially about WatchGuard's education, the emails and videos and other stuff they put out to try and help people, even when it's not related to WatchGuard products.
The functionality of the unit is great. However, you have to be pretty knowledgeable on how to work with its interface. I don't any plans to increase usage. The product is always on and always being used.
If you can understand the way the firewall works, the logic of the firewall, it will serve you really well. It's a very stable, great product. I started with a T10. I ended up needing a more powerful version, so I bought the T30 about two years ago. I've been very happy with it. The usability is difficult but it's a complicated system. It's a professional solution. I wouldn't recommend it to my friends for their homes, but for business, I think it's a fantastic solution. I'm happy with the throughput on the T30. The T10 was definitely lacking. It was definitely slow. I would rate it a nine out of ten. The way to make it a ten would be to make it easier to use for a novice.
It's worth it, depending on your current network environment. If you are in the same situation we were in, it's really a no-brainer going from the MPLS network to self-managing it with simple broadband internet. It works great. To be honest, you'd be crazy not to do it. The advantages of WatchGuard over MPLS are that it's cheaper and you have more control because it's self-managed. The only con is that it does require a little bit of maintenance that you wouldn't otherwise have to do, but it's minimal. In terms of distributed locations, we have a firewall at all of our locations. Once we got it set up we'd visit a branch, install it, test it, and implement it. As for maintenance, it requires just one person, a network administrator. We manage it ourselves and there's not a whole lot to it.
I wouldn't hesitate to implement this solution. Particularly if you're down to an IT staff of one, this is a really good solution. If you're that small and your IT staff is very limited, then you're probably lacking the onsite expertise to move to a more expensive solution anyway. I would strongly recommend it. We've got three people who sign in to WatchGuard, me and two others. Beyond that, everybody else is just an end-user. I'm the only full-time IT person we have on staff. We do have a vendor that we use for a lot of our engineering solutions and design. They spend about 12 hours a week on our network. As for increasing our usage of it, I don't know what all its capabilities are. I deal with problems all the time and I have to come up with solutions for them. I don't foresee any expanded use of WatchGuard. However, it may be that it can solve some of my problems much more simply than some of the other solutions I'm thinking about. But I don't really know how it could at this point, so I'm not seeing us using more of it than we are now. I would give WatchGuard a ten out of ten. It's simple, easily managed, and it has good tech support compared to other products out there. Because it is a full-functioning firewall, it does everything with full support. You're not buying a cheaper quality of firewall at all. It's full quality, fully functional and has good support.
They're good machines. They're fairly easy to configure and they're stable. We mostly use the M400 at corporate and at our branch offices we use T35s, T30s, and XTM25s. In terms of additional usage, I'm looking at the management console and, possibly, the drag-and-drop VPNs. I would rate it at nine out of ten. The documentation makes it a little hard to find what I need sometimes.
Sr. Systems Administrator at a individual & family service with 201-500 employees
Real User
2019-05-26T06:53:00Z
May 26, 2019
I would definitely recommend using WatchGuard. I would also recommend taking one of the courses that goes through all the features of the device and the way it is organized. Every firewall vendor looks at things differently. If you don't understand the way WatchGuard is structured, you may make a strategic mistake in setting it up and you'll have to tear some of it down and redo which is true of any firewall. Leanr and use the tools Watchguard provides. I used to do everything in WatchGuard through their Web UI but I now use the System Manager software because it is very valuable. It provides a lot of features that I had not realized I was missing. The System Manager Server is able to store previous versions of the configuration, and to force people to enter comments regarding what they changed when they save one. Being able to compare the configurations side-by-side, and have it tell you the differences are great tools that you should know about if you're going to start implementing a WatchGuard.
I.T. Manager at a construction company with 201-500 employees
Real User
2019-05-26T06:53:00Z
May 26, 2019
Give Firebox a good, strong look. Give it a test run and I'm sure you'll be happy with it. We've always had it. Our opinion of it is that it flat-out works and we're very satisfied with it. I'm sure there are better ones out there for somebody who has more time to manage it. But if you're looking for something so that you don't need a dedicated staff to manage it, I'd say this is a pretty good one. I give it a nine out of ten.
It is a very reliable and very easy solution. I think it is the best solution in the world, judging by its price and quality. I would rate this solution a ten out of ten.
Technical Support at a tech vendor with 11-50 employees
Real User
2019-05-16T16:17:00Z
May 16, 2019
Based on the reactions from people who I have implemented this solution for, some of them find it difficult to use before they get used to the interface. At the same time, if they later move to another product then they say that WatchGuard is simpler. I keep hearing that WatchGuard is quite marginal because it is not listed as a leader in the Gartner Magic Quadrant. It is listed under Visionary. For a firewall product, I do think that it's a leader. It doesn't cost a lot compared to Cisco, Palo Alto, or others. I think that WatchGuard is good enough. I would rate this product eight and a half out of ten.
If you have a small IT staff and want an easy-to-set-up solution, I would one hundred percent recommend WatchGuard. If you have a very serious, big IT department and a big business, you might want to test out the throughput and the stability. In each of our ten remote offices, we have about ten to 15 people using it. At our corporate office we have 70 to 80 people. We require two people for deployment and one person for maintenance of the solution, including me, the IT manager and, our systems administrator. I would rate the solution at nine out of the. It's just missing that stability point.
COO/CTO at a pharma/biotech company with 11-50 employees
Real User
2018-10-04T17:27:00Z
Oct 4, 2018
When considering a solution like this: > not only putting data security at the top of my list > user convenience as the second consideration. If there's anything extra that I have my users do, I have to really look seriously at those trade-offs.
WatchGuard Firebox is a versatile security solution primarily used for security purposes such as firewalling, VPN, and protecting networks from outside and inside threats. It is also used for routing, multi-factor authentication, vulnerability management, and segregating industrial networks from corporate networks.
The product is praised for scalability, stability, user-friendliness, reasonable pricing, and good technical support. Some users use it for web filtering and hosting web...
To maintain the efficacy of the Firebox, it is crucial to renew the subscription to get security updates and additional support features. Ensuring the subscription is up-to-date is necessary for ongoing product support.
The tool's most effective for managing threats revolves around the area of the reporting services it offers, which is cloud-based reporting, so we can get a lot of information from the services. I don't have much experience with other models, so I can't speak about WatchGuard Firebox's security. The good thing is that because it is easier to handle, and the company that supports us provides us with a lot of information, it is easier for us to operate the product. WatchGuard Firebox VPN features significantly enhance operations, making it easier during COVID-19, when many people work from home. There are very good features, I recall, whereby you can access office resources without requiring employees to come to the office. The tool did help us a lot during COVID-19. Our company has a data leakage prevention solution for our email. It is quite intuitive, but it's not WatchGuard Firebox. Whether I would recommend the product or not is something that depends since I work in a small company where the income is not too much. Other companies of similar sizes might find some similarities with our organization, so I can recommend WatchGuard Firebox to such users or businesses. Bigger or corporate users who have much more requirement settings or a large number of users should look for a different brand that can support the large numbers. I rate the overall tool an eight out of ten.
With WatchGuard Firebox, we have deployed IP as part of our security measures. Thanks to the additional layer of protection provided by the IPS, our clients and networks are more secure. Additionally, we benefit from a gateway antivirus and an intelligent antivirus that employs AI for enhanced protection. This intelligent antivirus scans all files and information flowing through the gateway. WatchGuard Firebox's threat detection and response capabilities are highly effective and fast. We've witnessed its efficiency firsthand during various events, such as DNS service attacks. It swiftly halts the attack and notifies you of the details promptly. The notification time usually doesn't take long, maybe around five minutes after the event. We have two shifts of engineers monitoring our NOC. They look at the devices, check alerts, and can take action based on the alerts received. We have one expert for tier one and another for tier two. You can have a powerhouse in a box with the best price on the market. WatchGuard Firebox offers the best price. We work with Cisco and other brands, but their firewall and UTM solution has the best price in the market. If you deploy a UTM, you deploy Firebox. For example, if you deploy another solution for EDR, you’re going to have two separate EDR solutions. You’re going to have a UTM disconnected from whatever you use from another brand. What ends up happening is that when you purchase all the security solutions from WatchGuard, you’re going to have all solutions combined in a single pane of glass. The learning curve and investment you make will be solid, with one solution that is easy to use, understandable, reasonably priced, and highly effective in security. Overall, I rate the solution a ten out of ten.
WatchGuard Firebox works well for network security, email protection, and phishing prevention. It is cost-efficient and offers features like EDR or XDR without being overly expensive. Overall, I would rate WatchGuard Firebox as a seven out of ten. It is a solid tool.
The solution has some specific rules that detect multiple traffic from the same IP address. It will generate a report and send it to the administration's account email address so that we can analyze it and give the correct feedback for us to take action. With the high competition in the market with AI, everything is done a lot faster, and all the companies are trying to lower the cost of their IT solutions. Companies that don't make the correct investments in their IT solutions face malware attacks and ransomware attacks. Every company needs security because any kind of disruption will be extremely costly for the company to get out of. The solution's VPN capabilities have greatly improved our remote work security. It was very easy to configure and use. It was a bit tricky to configure on the remote computer, but everything was okay. The solution's management interface eases the setup and ongoing maintenance of the solution. I did an update a couple of months ago, and it was very easy. I rate the solution's documentation a six out of ten. I would recommend WatchGuard Firebox to other users because it's a well-known company that has been in the market for quite some time. It might have some vulnerabilities, like every other product in the market. Once the vulnerability is detected, it quickly makes patches for the system. Overall, I rate the solution a nine out of ten.
Overall, I would rate it eight out of ten.
The systems from WatchGuard are not properly working since I have seen that my company faces exploits in security when using WatchGuard Firebox. If you just plan to use WatchGuard Firebox in your office and not publicly, then it is okay to purchase it. With WatchGuard Firebox, you can manage your users and permissions while also taking care of the basic setup phase in your office. For systems open on the internet, you can use solutions bigger than WatchGuard Firebox that can provide you with more professional services. Since the tool's performance is not good, I rate the overall tool a two out of ten.
We don’t know much about what's happening in the traffic pattern. We will have the opportunity to configure everything. We can use the firewall for dynamic routing and various other tasks. However, despite its capabilities and offerings, there are still some limitations. WatchGuard doesn’t offer deep-level packet filtering or in-depth packet analysis for companies with numerous applications. WatchGuard is a good solution if you require a comprehensive analysis of your organization’s activities within your budget. Overall, I rate the solution a seven out of ten.
WatchGuard is not a widely known solution in my country. People here tend to use CheckPoint, Fortinet, and Palo Alto more. However, I believe WatchGuard is a good solution that more people should be aware of and consider. We are actively working to promote it in Angola. In fact, there might be more companies in our country that could benefit from using the WatchGuard solution. Overall, I would rate the solution an eight out of ten.
I rate the solution as an eight. It offers more variable license bundles and has high availability than the other products.
I rate this solution eight out of 10.
I give the solution a ten out of ten. The maintenance of a simple structure is easy. I recommend trying WatchGuard Firebox directly but keep in mind that the wireless devices can only be connected to the wireless network.
We use two people for the maintenance of the solution. I would recommend it and tell them to try it. It is a cost-effective, reliable solution. I rate WatchGuard Firebox a nine out of ten.
My company uses WatchGuard Firebox. There's a Watchguard router for the internet and three sites on WatchGuard. I'm using WatchGuard Firebox M440. The product is deployed on-site. I can recommend WatchGuard Firebox to anyone looking into implementing it, but I cannot advise on how to implement the product for your network or environment. My rating for WatchGuard Firebox is eight out of ten.
I would recommend this product, but you need to make sure that you've got the technical capability to work with it because it can be quite complicated. Overall, I would rate this solution a seven out of 10, with one being poor and 10 being excellent.
I would rate WatchGuard Firebox a nine on a scale of one to ten.
I would advise having a proper look at the features because there are a lot of different versions, scales, and limits on different Fireboxes. You have to decide in advance which one is good for you in terms of performance, future needs, and so on. You shouldn't have too many changes in your landscape. I would rate it an eight out of ten.
You can purchase the solution without support, but I would strongly recommend the support. The support is great. I rate WatchGuard Firebox an eight out of ten.
I would give Firebox a rating of seven out of ten.
The program requires maintenance, including updates, patching, and subscriptions. My advice to someone considering this project would be to look into Palo Alto instead. I would rate this solution as a one out of ten.
I rate WatchGuard Firebox an eight out of ten.
I would give this solution a rating of eight out of ten.
My advice for anybody who is implementing WatchGuard Firebox is to follow the guidelines and best practices that are available on the WatchGuard help center. I would rate this solution a nine out of ten.
I rate this solution a 10 out of 10. When choosing a product, make sure you understand your organizations requirements. Whatever the product you choose should ultimately match with your organization's number of users plus maintenance costs.
I rate WatchGuard Firebox an eight out of ten.
I would rate this solution a nine out of ten.
We are resellers. I'd rate the solution at a ten out of ten. It's a pretty fantastic solution overall.
My advice for people that wants to implement the solution is that it is very good, you get value for money, and you will be well protected. Additionally, you should make sure the implementation is done correctly and the configuration is well defined. I rate WatchGuard Firebox a nine out of ten.
Going with the Firebox is a no-brainer. It provides the necessary security, out-of-the-box, for your configuration of the policies. It's very easy to use and it also gives you a reporting dashboard that can be customized. It makes a lot of sense out of all the data. It's very easy to read. We use a 40-inch display in our office and have it connected to the Firebox so that we can see what's going on on the network. We can look at it and see how the traffic is going through it.
Use it. It's very unlikely that a perimeter device is going to be cracked unless you leave something really crazy open. Most consumers are going to have some sort of perimeter device involved with their internet delivery and they're going to have some sort of a reasonably clean plug, with some port forwarding for their outbound connections coming into their network. And then if they're geeks, they're going to set up a pfSense virtual machine or get a little ARM processor. I wanted to have a physical device at the network that I could just glare at. But you can set up a perimeter device with hardware, pfSense, or virtual pfSense, in the back of a 20-year-old computer. As long as you're careful about how you set up your routing, it's as effective as anything. In terms of its throughput, we barely use it. All we're really doing is using it as a perimeter device and gateway. It's just fine. It's a tiny little thing. It has two interfaces plus the WAN interface. It's fine for what I do. I trust it being maintained. And until I got to the point of wanting to use it for domain monitoring, and traffic shaping or IDS-type of stuff, it really didn't require any processing power. It's competent for that. It's a firewall so it provides my business with layered security. But it's got additional options, many of which you have to pay for. My device is too low-powered to efficiently host any of that stuff. I'd probably have to upgrade hardware in order to do the layered security types of things, and I would probably have to pay a fairly expensive subscription. For the cost, if I got to the point where I was going to make a change, I would probably go to an open source tool, and suffer through that too, but get it to the point where I could do pretty much anything I wanted with it. I should be in a situation where I have somebody else maintaining this stuff and not doing it myself. If that was the case, I would use a device just like this. But if I'm still playing around with the nuts and bolts of IT management in my company, then I'm probably going to revert to an open source tool again. Firebox is 10 out of 10 at what it does. In terms of usefulness and reducing frustration, at my level, it's a three. It's not targeted for me, but it's good at what it does. Overall I would rate it at eight. I don't have a bad thing to say about the hardware and the software, for what it is. It's just frustrating for my particular use case.
My advice would be to try this product. As for the throughput, at this point it is hard for us to evaluate it because we don’t have heavy traffic, or at least we do not experience the traffic throughput specified for this model. Our inbound and outbound traffic is 1 Gb and the M470 handles it very well, not even stressing its components. When it comes to the solution’s Cloud Visibility feature, they need to improve on the reporting. But in terms of the logs, it gives us very good visibility. Overall, I would rate the solution a strong eight out of 10.
It is a great piece of hardware. The learning curve for this solution depends on your background. If you have some technology background, implementing it will probably be okay. They have a WatchGuard academy. If you have no background at all, I wouldn't suggest you do it. In comparison, when you get trained with Cisco, there are several different classes to go through and each class is several hours long. I would rate it as a nine or nine point five out of 10.
WatchGuard is not the best. We already knew that, but it comes with most of the features we need. Although it's not the most user-friendly, we sacrificed that to keep the core features to increase our control while maintaining our budget. Honestly, there are no particular features of the WatchGuard that impressed me to say, "I must choose a WatchGuard." But when I needed several things to come together, then I really had no choice. I would rate WatchGuard Firebox at seven out of 10. It's good, it's better than a six, but from the management point of view, it has not totally satisfied my expectations so it's below an eight or nine.
I would rate WatchGuard Firebox a ten out of ten.
Administration of Fireboxes is only a small part of my job. I have been the network administrator since 1997. While the solution does make less work, I still need a little time to monitor all solutions. I would rate this solution as a nine (out of 10).
It works for us. In terms of simplifying any aspects of my job, there's nothing I can specifically say because I've used WatchGuard for so long that I don't have anything to compare it against.
Take a good hard look at it. The interface is pretty easy to work with. The devices are consistently good. It has a lot of features and the boxes are hard-working. They just work. I recommend WatchGuard to people when I'm at industry trade shows when anybody asks me. I think it does provide me with layered security, but I don't spend a lot of time looking into that. It's just part of my total solution package. The value that I get out of it is consistent management. It's a good product. Whatever kind of additional security they provide to me is just a bonus.
I can't say whether Firebox has saved me time. It's a firewall and it does its job. So whether it be WatchGuard, SonicWall, or anybody else, if it does its job and I don't have to look at it, I'm happy. I haven't really looked at a lot of the reporting features. I mainly go in there, figure out where people are having troubles, and fix their problems.
My advice would be go for it. We've not had any problem with it. We've been very pleased, especially with the newer WatchGuard we've put in place. It's very responsive. It works great. It may have a little bit of a curve on learning it, but once you learn it, it's hard to say you'd want to go back to something else. It took me a little bit to get used to WatchGuard. I was familiar with SonicWall before I moved into this role. But now that I've used it for almost seven years, I've gotten to know it pretty well and it works great. Once you get used to what I would call the idiosyncrasies of WatchGuard, as opposed to the SonicWall, it's pretty easy to configure. Using the WatchGuard web UI also makes it a lot easier to configure. It provides us with somewhat layered security. It is the firewall between us and the outside world. With our subscription we do have the Gateway AV, so it does watch for things of that nature. We have certain policies in place that help with the layered part of it. But it's just one of many layers. We have other things in place to help, but it's definitely something I wouldn't want to do without.
I would advise that you go with whatever you're more comfortable with. If you're more comfortable with Cisco, then go with Cisco. Firebox doesn't really save us time because whether you're going to configure a Cisco or you're going to configure a WatchGuard, you still have to configure something, no matter what it is. It is a little easier to configure WatchGuard though. It takes just one person in our organization to deploy and support it, and that's me. Overall, our environment has about 300 users.
Go ahead and implement it and don't think twice about it. We're not using the cloud visibility feature at this time. Maybe we will in the future. There are 75 users of our environment, in total. They range from mechanics to accountants to our COO and CEO. Everybody in the organization uses it.
Invest in some Professional Services. Although you can absolutely pull it out of the box and deploy it — and we've done that before — it's always good to have somebody that you can ask about best practices and run a few scenarios by them. We ended up purchasing four Professional Services from our local reseller. It was good. Although they didn't really provide any answers, they were there to say, "Oh no, you're doing the right thing." It was more reassurance than anything. But I would definitely recommend springing for some Professional Services. That will make the whole process go a lot easier. A small subset of my staff, maybe three or four people, is involved in deploying and maintaining the solution. They're all IT administrators.
I'd give it a 10 (out of 10). I haven't had any issues. The few issues that we have had, such as not knowing where to go, they have been answered quickly. I am going to give it a 10 because of its easy to use. If we have a question, it's easy to get an answer. Also, it's very simple. For most of everything that we do, we have been able to do them pretty easily. We are very happy. If we were to ever look at something else, I would look for something that has ease of use, simplicity, and ease of setup. That is what I like about this. Everything is pretty straightforward and easy to find. The interface being easy to use and find has been very helpful. We don't use a lot of the logs. Generally, we don't need to. If we do need to go look at something or pull something up, the information is there in HostWatch or the logs. I have been happy with it. We're not using the cloud.
Educate yourself. Read documentation and watch videos online. Since the administrators are going to use it, they should educate themselves on WatchGuard. Keep a cheap, old box for training. I train my administrators on an older box and I give them a network to train on. We have been attacked with ransomware in the past, and it was kind of disappointing because, when I talked to Cisco support they said that they recommended purchasing end-point protection with a ransomware interceptor, so we ended up getting Sophos. So alongside the WatchGuard, we have Sophos' ransomware interceptor and end-point protection. We use them, on top of the WatchGuard, as a secondary line of defense. It has been smooth sailing as far as the product itself is concerned. That's why we keep renewing it. We either renew it or we upgrade to the newest version if they have a special. We also use it for Hot Standby. It's been good.
It's just me who is responsible for deployment and maintenance of the solution.
There are updates pretty regularly. There haven't been any big changes over the past few years. They've kept working, rather than taking steps backward or making things harder.
It's used extensively. Do I plan to increase usage? If I can get better reporting, perhaps. But it's fully deployed and static at this point. I would rate WatchGuard a seven out of ten. A perfect ten would come from lower costs for small installations for the service licensing, and improved reporting. And maybe some better awareness of what it's capable of doing. It's hard to figure out what I could do. That's a big thing. It's hard to figure out what is possible. What am I not taking advantage of? I've tried to work with people on that, and that's the biggest thing.
Make sure you buy the device that fits your environment. Don't try to do too much with too little. You can buy one of the edge devices, and you could technically run a large network on it, but it's not going to work as smoothly. Your firewall is your primary point of security from outside intrusion so you want to do it right. Be very meticulous about your configuration. Straight-up, walking-to-the-console usability of the solution is not very user-friendly. It's not very intuitive. However, compared to other firewalls, it's very user-friendly. So it's more user-friendly than most, but it's just not something anybody could walk up to and use. If I had to walk someone through it remotely, it wouldn't be very easy for them to do. Each upgrade of the device, and I've had about five of them — five main devices — has allowed an increase in bandwidth and performance. They tend to work fairly consistently, but as speeds have gotten faster, you've got to upgrade the device to keep up with it. They seem to be doing an adequate job at that. I have used the solution's Cloud Visibility feature. I wasn't really blown away. I thought, "Okay, that's neat." I haven't really dug into it deeply. I don't really think about it in the context of detecting and reacting to threats or other issues in our network. I like to be aware of threats, but threats in networking terms are always not practical. For a company like ours, we know there are going to be internet probes out there, and they're going to hit our network. The WatchGuard identifies them and locks them down. There's nothing I can do about it. It's more along the lines of, "For your information, there was an attempted attacked last night." What I'd rather have is internal threat assessment. I want to know: "This machine started doing something last night it wasn't supposed to do. It was sending out emails at two in the morning. It shouldn't be doing that." Since it's sitting here watching the network, I'm more concerned with internal threats, and people doing things they shouldn't be doing, than I'm worried about the external threats. I probably should be equally concerned about them but I've never found a really good solution on that. I have some customized things that I've done that try to send me alerts if certain behavior patterns are detected. I'm scanning through the logs, and if certain keywords pop up, then I'm alerted. That's been somewhat helpful, but most of the time I get more false positives than I get actual. We have web filtering, so I'm looking to see if anyone is going to pornographic or hacker or peer-to-peer sites. I get alerts from that and it logs those. But most of the time, I'll get hundreds of alerts on sites for a user, and I'll go over and find that the user was looking for fonts and one of the ads happened to be on a server that caused a trigger. It was a complete false positive but I don't know how to filter all that out. So the alert becomes useless. That may be an industry problem. I would rate WatchGuard at eight out ten. There is a need for improvements in the reporting. There needs to be more granular, built-in filtering in the reporting, so that you can drill it down to exactly the information you want. The second thing would be the cost-plan of renewals. They can have a security plan and they can have a renewal plan. But if you lapse and they charge a penalty on top of that, to me that's really unacceptable. I should be able to let a product lapse if I want to. It may not be a priority. It might be something I have in someone's home and then there's just a new feature I need to add. As I'm going down the road I should just be able to buy that when I want. To put in reinstatement fees is a big negative to me. Granted, they all do it, but they all shouldn't do it.
Leverage the website. They have a good knowledge base out there. If this was a green deployment, make sure that you understand how the policies work for VPN and matting. The throughput is adequate. It certainly handles what I pumped through it, which is about 150MB. I don't know how we would do on a big gigabit network, but for what I do, it works. I haven't seen any slow downs in throughput. I am not using the Cloud Visibility feature.
Rely on your vendor. For us, it's in use every day. it's 24/7. We're not using the solution's cloud visibility feature. That's something you have to pay for, and we haven't. I would love to, but there's a wireless piece and it's just too expensive. They have a wireless product that integrates perfectly with the WatchGuard appliance. But that's just not a reality for us because of the cost of those appliances. We would love to but just can't. In terms of users, we've got about 15 people worldwide. They do support, testing - all of them use remote access. And then we have our internal users as well. It keeps us safe internally and our remote users are able to work with a reliable connection. It's very reliable. I'm the only one who manages the firewall. If I need any help, there is a local vendor that helps me out as well. We're a small company but it's been great for us. I'm not that technical but I just know it works. WatchGuard is a ten out of ten for me, because of its reliability.
Read up about it. Understand what each of the settings are doing and use the resources that you have to get the best knowledge before implementing. It's pretty simple to use. It's pretty simple to understand, and there's plenty of documentation. It does a pretty good job of what it is meant to do. We are not using the solution’s Cloud Visibility feature.
Take a look at the needs of your business and how reactive you need to have your firewall solution be. One of the major selling points for our corporate board was: As new threats come up, WatchGuard is constantly taking the information coming in and looking for a solution, then pushing it out. That was one of the major selling points for us. The field that we're in takes security very seriously. We wanted to make sure that we were protecting our client's information. When it came down to it, that was a major selling point for us. There was a bit of a learning curve. Once I was in it for about a week or two, I found it simple and intuitive to use. With the throughput, the only issues that we found were at the very beginning, and that was due to a misconfiguration on my part. There hasn't been a noticeable change in slow down from the throughput the way that some firewall solutions might cause. Now, my end users don't even realize that it is there. We are not using the solution's cloud visibility feature. Right now, we are on the base usage. It's a firewall solution for us and we haven't really had the chance to dig into the advanced features that much. I plan to expand how we use it in the future, as time allows. I'm very happy with it so far. I need some more data points to really firm that up. However, at this time, what I'm basing the eight (out of 10) off of is the ease of use, the ease of setup, and its learning curve. Once you learn how to use the system, it is very well-organized. It does save us so much time. The drawbacks are just sometimes not having the technical information that we need in order to easily make connections with all of our Internet-based clients, but we can put the work in and still get it done.
Do your research. It's not impossible. Do things in a logical order and make sure you understand what you're doing and how you're going to do it. Once you understand it and get everything working the way you want, it does get very easy to use and work with from there. Once you get over the learning curve of how all the pieces work together, it's very easy, very user-friendly, very easy to update, and very easy to make changes and document those changes - all that good stuff. I tend to buy the hardware platform that's like one level above where we think we absolutely have to be at a minimum, so the performance has been adequate or good. I've yet to hit an issue where I feel the device is slowing us down or causing any issues because of the performance of the device, itself. We're usually limited more by our actual bandwidth. It's been great as far as our network and needs go. In terms of the extent to which we're using the product, six months ago when I renewed the second three-year term, the subscriptions had changed quite a bit from when I had my first three-year term. Now, I have a whole list of new subscription services or modules or layers that I have not started implementing. I got a couple of the new ones implemented, to get some of the benefit, when I first got this new device. But there are a few more I want to implement. One of them, is packet inspection, which is difficult because that can really bog down your device. I'd like to have Dimension control to get better reporting. There are a couple of other ones that I have not implemented because they're new for me and I just haven't had the time to work on them. Threat Detection and Response is one I'm interested in which I haven't time to implement yet. It involves me setting up a client in each one of my endpoints and it keeps track of unusual activity there. That's probably where I want to go next. Maybe even the Access Portal could be useful for me, to have a place for vendors or customers go to access things inside our network. We've gotten more features for our money because there's a new security package which wasn't available when I first subscribed, and that included pretty much everything. I had paid separately for APT, Advanced Persistent Threat protection, on my old subscription. To get that now, it was cheaper to bundle it with their total threat package. That included a lot of things like DNSWatch, which I did set up to look for malicious DNS access requests throughout my network. It gave me intelligent antivirus. I believe there's some kind of DLP module, which is one I haven't spent any time on. Network Discovery is another one I haven't spent time on that I need to work on. All of those came as new features with the new hardware and with that new subscription. The Threat Detection Response is definitely something I didn't have access to before. For sure, in this second three-year term, we got a lot more value for the money with what WatchGuard offered us. I would give WatchGuard an eight out of ten. There's a little bit of room for improvement but I'm very happy with WatchGuard. I think it's a good fit for me. I won't often give a ten, just on principle, unless I feel they deserve a 12. That's when I give a ten. I've definitely said positive things about WatchGuard to other people in the industry, people I talk to or know. I'm a promoter of WatchGuard, to be honest. I haven't seen anything I like better, but I haven't had a lot of experience with other devices. I've said good things to people on a regular basis, especially about WatchGuard's education, the emails and videos and other stuff they put out to try and help people, even when it's not related to WatchGuard products.
The functionality of the unit is great. However, you have to be pretty knowledgeable on how to work with its interface. I don't any plans to increase usage. The product is always on and always being used.
If you can understand the way the firewall works, the logic of the firewall, it will serve you really well. It's a very stable, great product. I started with a T10. I ended up needing a more powerful version, so I bought the T30 about two years ago. I've been very happy with it. The usability is difficult but it's a complicated system. It's a professional solution. I wouldn't recommend it to my friends for their homes, but for business, I think it's a fantastic solution. I'm happy with the throughput on the T30. The T10 was definitely lacking. It was definitely slow. I would rate it a nine out of ten. The way to make it a ten would be to make it easier to use for a novice.
It's worth it, depending on your current network environment. If you are in the same situation we were in, it's really a no-brainer going from the MPLS network to self-managing it with simple broadband internet. It works great. To be honest, you'd be crazy not to do it. The advantages of WatchGuard over MPLS are that it's cheaper and you have more control because it's self-managed. The only con is that it does require a little bit of maintenance that you wouldn't otherwise have to do, but it's minimal. In terms of distributed locations, we have a firewall at all of our locations. Once we got it set up we'd visit a branch, install it, test it, and implement it. As for maintenance, it requires just one person, a network administrator. We manage it ourselves and there's not a whole lot to it.
I wouldn't hesitate to implement this solution. Particularly if you're down to an IT staff of one, this is a really good solution. If you're that small and your IT staff is very limited, then you're probably lacking the onsite expertise to move to a more expensive solution anyway. I would strongly recommend it. We've got three people who sign in to WatchGuard, me and two others. Beyond that, everybody else is just an end-user. I'm the only full-time IT person we have on staff. We do have a vendor that we use for a lot of our engineering solutions and design. They spend about 12 hours a week on our network. As for increasing our usage of it, I don't know what all its capabilities are. I deal with problems all the time and I have to come up with solutions for them. I don't foresee any expanded use of WatchGuard. However, it may be that it can solve some of my problems much more simply than some of the other solutions I'm thinking about. But I don't really know how it could at this point, so I'm not seeing us using more of it than we are now. I would give WatchGuard a ten out of ten. It's simple, easily managed, and it has good tech support compared to other products out there. Because it is a full-functioning firewall, it does everything with full support. You're not buying a cheaper quality of firewall at all. It's full quality, fully functional and has good support.
They're good machines. They're fairly easy to configure and they're stable. We mostly use the M400 at corporate and at our branch offices we use T35s, T30s, and XTM25s. In terms of additional usage, I'm looking at the management console and, possibly, the drag-and-drop VPNs. I would rate it at nine out of ten. The documentation makes it a little hard to find what I need sometimes.
I would definitely recommend using WatchGuard. I would also recommend taking one of the courses that goes through all the features of the device and the way it is organized. Every firewall vendor looks at things differently. If you don't understand the way WatchGuard is structured, you may make a strategic mistake in setting it up and you'll have to tear some of it down and redo which is true of any firewall. Leanr and use the tools Watchguard provides. I used to do everything in WatchGuard through their Web UI but I now use the System Manager software because it is very valuable. It provides a lot of features that I had not realized I was missing. The System Manager Server is able to store previous versions of the configuration, and to force people to enter comments regarding what they changed when they save one. Being able to compare the configurations side-by-side, and have it tell you the differences are great tools that you should know about if you're going to start implementing a WatchGuard.
Give Firebox a good, strong look. Give it a test run and I'm sure you'll be happy with it. We've always had it. Our opinion of it is that it flat-out works and we're very satisfied with it. I'm sure there are better ones out there for somebody who has more time to manage it. But if you're looking for something so that you don't need a dedicated staff to manage it, I'd say this is a pretty good one. I give it a nine out of ten.
It is a very reliable and very easy solution. I think it is the best solution in the world, judging by its price and quality. I would rate this solution a ten out of ten.
Based on the reactions from people who I have implemented this solution for, some of them find it difficult to use before they get used to the interface. At the same time, if they later move to another product then they say that WatchGuard is simpler. I keep hearing that WatchGuard is quite marginal because it is not listed as a leader in the Gartner Magic Quadrant. It is listed under Visionary. For a firewall product, I do think that it's a leader. It doesn't cost a lot compared to Cisco, Palo Alto, or others. I think that WatchGuard is good enough. I would rate this product eight and a half out of ten.
If you have a small IT staff and want an easy-to-set-up solution, I would one hundred percent recommend WatchGuard. If you have a very serious, big IT department and a big business, you might want to test out the throughput and the stability. In each of our ten remote offices, we have about ten to 15 people using it. At our corporate office we have 70 to 80 people. We require two people for deployment and one person for maintenance of the solution, including me, the IT manager and, our systems administrator. I would rate the solution at nine out of the. It's just missing that stability point.
If you want a robust firewall that has a great price point, this is the best way to go.
When considering a solution like this: > not only putting data security at the top of my list > user convenience as the second consideration. If there's anything extra that I have my users do, I have to really look seriously at those trade-offs.