WatchGuard Firebox Review

Detailed reporting and Active Directory Integration make this solution easy to configure and use


What is our primary use case?

We are not currently using this solution. Rather, we are reselling, and I have implemented these systems.

The most recent one I implemented was an M200 model that was being used as a gateway firewall to control their internet usage, primarily for URL filtering.

How has it helped my organization?

The reports are detailed. Rather than showing the IP address for a query, such as "who is the most active internet user", it will show their name and the specific activities that he or she is browsing on the internet.

What is most valuable?

The most valuable feature is the Active Directory integration. WatchGuard is very easy to integrate with. The URL filtering is ok, but instead of filtering by IP addresses I usually set up filtering through Active Directory user profiles.

I can import the users directly from Active Directory and create a space for a certain user or a certain group. This is something that is great because I have a lot of trouble setting this up with other products.

I also liked a new feature, the WatchGuard TDR (Threat Detection and Response). This reports malware activity to the cloud.

What needs improvement?

This solution needs the option to add an external hard drive. The competitors have this. With WatchGuard, you have to get another server, set it up, and then point it to WatchGuard. That is where the logs will be stored.

Some find this tedious because they have to get another server, although I find it advantageous because there is no hard drive needed. It removes another point of failure. In any case, if the customer wants an external hard drive then it would give them the option.

I saw a feature in Cisco that was a historical trajectory of the files, or sets, moving in the network. I would like to see them include this feature in the next release of the TDR.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

So far, the solution is stable.

I have two customers who have experienced problems due to a storm. An electrical surge came through the internet line and caused damage to the port. This had nothing to do with the stability of the product itself.

What do I think about the scalability of the solution?

In terms of updates, it is one of the easiest firewalls to update. I just download the latest one and let it work until it reboots.

In the company where the M200 was implemented, they have fifty users.  

How are customer service and technical support?

Whenever I have a problem I contact the technical support and I normally have to wait at least a day for them to respond. I have opened approximately twenty tickets, and so far, all of them have been resolved.

If you previously used a different solution, which one did you use and why did you switch?

We used an older model of the WatchGuard solution, the T50 e-series, but we have replaced it. We received a discount on a bigger unit from Fortinet. However, we recently sold a WatchGuard M200 and I had the opportunity to use the product. Comparing what I see now to what it was before, there are a lot of good changes. Not so many in the GUI, so there is familiarity there, but I think that it is faster now.

My customer for this solution did not previously have a firewall. It was just an open internet router.

How was the initial setup?

The initial setup is very easy for somebody who knows the product, so I can't say that it is complex. For someone who is new to the product, of course, they would find it intimidating at first.

The deployment took three days, with the third day being the turnover. I had to train them on how to use it. The first two days were spent setting it up.

One IT person handles maintenance for the solution, just for secondary support.

What about the implementation team?

I took care of the deployment for our customer.

What's my experience with pricing, setup cost, and licensing?

The subscription that was purchased is for three years but it is usually for one year at a time. There are no costs in addition to the standard licensing fees.

Which other solutions did I evaluate?

My customer was looking into Sohpos, but because the budget was drained they opted for WatchGuard. It was a cheaper solution.

What other advice do I have?

Based on the reactions from people who I have implemented this solution for, some of them find it difficult to use before they get used to the interface. At the same time, if they later move to another product then they say that WatchGuard is simpler.

I keep hearing that WatchGuard is quite marginal because it is not listed as a leader in the Gartner Magic Quadrant. It is listed under Visionary. For a firewall product, I do think that it's a leader. It doesn't cost a lot compared to Cisco, Palo Alto, or others. I think that WatchGuard is good enough.

I would rate this product eight and a half out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Add a Comment
Guest
Sign Up with Email