WatchGuard Firebox Review

Compares signatures using its IPS and can block signatures automatically, simplifying my job

What is our primary use case?

The primary use case is for protection.

We are using the hardware model and have a couple of different ones.

How has it helped my organization?

It is a firewall, so it provides us great security. We do a penetration testing once a year, and we pass with flying colors due to the firewall.

The solution simplifies my job because I don't have to monitor it all the time. It is doing the job for me automatically. The Blocked Sites is a great tool where it automatically blocks stuff according to their intrusion prevention systems (IPS). It compares signatures and can block those signatures automatically, so I don't have to go through everything and do the blocking. It just automatically blocks it for me. The automation of it is awesome.

What is most valuable?

All its features are important: 

  • The UTM saves us a lot of time and protects us from hackers and attackers. 
  • The IDS protects us from stuff being installed internally.
  • I like the product's usability a lot. I highly recommend it.
  • The throughput over the performance that the solution provides is great. It provides what they say, so it matches the specifications.
  • We use WatchGuard Dimension, which I really like. It is nice because it keeps us up to date. The notifications are great.
  • The port scanning is great, because it allows us to block a whole bunch of stuff that I don’t have to monitor 24/7. 
  • The subscription services are great, like the antivirus and spam blocker. 
  • I really like the geolocation, because we can completely block out Russia, China, etc. I don't have to worry about allowing attackers from other countries coming in. That is a great feature.

What needs improvement?

I would like a deeper insight into their bandwidth monitoring.

The traffic management needs a bit more improvement.

For how long have I used the solution?

I have been using it for about six years.

What do I think about the stability of the solution?

It is very stable.

We can make modifications here and there, which is nice. One thing, I do like about it is that I can update things on the fly without having to worry about restarting the whole firewall or interrupting any other services.

What do I think about the scalability of the solution?

It is very scalable.

Everyone in our company is using the firewall. So, everyone goes through it, but they are not actually interfacing with it. I am the only one interfacing with it.

The product is fully implemented. We do not have plans to increase usage currently.

How are customer service and technical support?

The technical support is very good.

If you previously used a different solution, which one did you use and why did you switch?

We were using Juniper previously. WatchGuard’s interface was much easier to use and navigate.

How was the initial setup?

The initial was straightforward. We set it up and were able to get it up and running quickly.

The deployment took about 15 minutes. I just followed the instructions. They basically had it set up for us. If you followed the instructions, it worked.

WatchGuard has an online program where you can configure it locally, then upload your configuration to their website. Once that device in the remote site comes up, it will automatically download the settings and configure it for you automatically.

What about the implementation team?

We didn't use anybody else for the deployment. It was just our company, and I am the only person who does deployment and maintenance.

What was our ROI?

We have seen ROI. It has been just paying for itself for the last six years.

The solution saves us time. Per week, it probably saves us at least five hours.

What's my experience with pricing, setup cost, and licensing?

Our licensing costs are around $3000 on a yearly basis. It is just a licensing fee for the services, like the UTM services, and it includes support.

Which other solutions did I evaluate?

We also looked at SonicWall and Cisco.

What other advice do I have?

Implement it. It's a great solution, which is easy to use. I can make changes on the fly without interrupting other services. Other providers would require you to do changes after hours, but you can do these during production hours.

I would rate it a nine (out of 10). For a 10 (out of 10), it needs fine-tuning and small tweaks to be adjusted on the GUI interface.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
Sign Up with Email