WatchGuard Firebox Review

Productivity has increased because the time that we used to spend on each machine can now be spent on the network level


What is our primary use case?

The primary use case is it is a firewall solution. One of the major selling points was that WatchGuard does adapt in real-time as new threats are discovered, and they push out fixes in real-time.

A lot of our servers have been migrated to the cloud, so it is really our primary solution right now.

How has it helped my organization?

One of the things that it has done is we have been able to start cutting down on extraneous web traffic. We make sure that our bandwidth is being used for business functions rather than for downloading or streaming media files.

It very much simplifies my job. Before we got the WatchGuard solution, I was doing everything on a per machine basis. All of the security, firewall, and port security had to be done on the front-end before anything could go out. This could take hours to days depending on the system being used, and then it would have to be in the IT department getting provisioned. Now, the provisioning goes more toward what types of software are needed. We have it completely unified across locations with a security standard through the WatchGuard systems due to the roles that we've set up for the organization. We just set the same roles in place, then we are able to ensure that everything is uniform across all locations.

Productivity, especially within the IT department, has increased due to the time that we used to spend on each machine can now be spent on the network level. This allows us to turn our attention to other tasks, such as creating in-house systems, so we can roll out changes faster and be more responsive to the needs of our business.

What is most valuable?

One of the most valuable features is the Geolocation. Because we aren't a multinational corporation, it allows me to look at things which might be suspicious to make sure that they are legitimate transactions rather than people sniffing around the network.

I have found the reporting and management to be pretty useful a lot of times. When the reporting did come up short, it was due to a configuration error on my part. Anytime that I've had to look up historical information, I found that everything I have needed has been there and it has allowed me to piece together what happened.

What needs improvement?

We do a lot of work with cloud-based and Internet-based vendors. A lot of times when we are on the phone with them, I find that it is a bit more technical than they are used to when we are trying to set up specific exceptions to the firewall. We ask for the ports that it's going to use or the block of addresses that they're going to be going from. A lot of times the only thing that they have for us is the web address that they want me to whitelist. Unless I'm missing that functionality, it seems like it is looking more for those technical data points, essentially. A lot of times, I'm running into a problem where there's a lack of give and take between WatchGuard and me. We get it figured out eventually, but it would just be nice if there was a way to say, "We just want to whitelist this address."

For how long have I used the solution?

I have been using the solution for six and a half months now.

What do I think about the stability of the solution?

It is a very stable solution. 

Once we had it set up the way we wanted, it seemed to be running extremely well.

For deployment and management, it's just me along with the reselling group (POA).

What do I think about the scalability of the solution?

We have not reached any scalability issues, so far. We have used it in clinics as small as a few practitioners and ones that have more than 30 providers. We have never experienced any issues with the product slowing down or failing in any way.

There are five different users, I'm the main power user of it, and I essentially set up the rule sets and work to ensure that the system is delivering what is needed. The other users are more of administrative users who are viewing the web traffic within their own departments.

How are customer service and technical support?

So far, I haven't needed to go to the solution's technical support.

If you previously used a different solution, which one did you use and why did you switch?

We were just using on system firewalls. We were getting to the point where we needed to consider a network-based solution of a physical firewall. WatchGuard came highly recommended from our consultants when we partnered with POA.

How was the initial setup?

At first, I did the guided set up where I chose the rules of what to block and what not to block. That was fairly simple. There are a few things that I had to go in and change. That took me a little bit of time to figure out. Overall, it was pretty simple. 

When logging in and registering it, I did run into an issue where I had to spend about an hour reading to try and figure out why I couldn't activate it. I contacted my reseller and they helped me with it.

The deployment took about two and a half hours.

Implementation strategy was more about my bosses wanting to get in, then set it up afterward. It was more about let's get it in place, get it working, and then we'll lock things down as we need to.

We have hubs in multiple locations. Our strategy for implementing these was once the first one was installed in our main location, then we had the role set up the way we wanted it for the entire organization. We used that to order additional Fireboxes and took them to our other locations. Those were preloaded with the same role sets and put online.

What about the implementation team?

We used Pacific Office Automation. We had a very good experience with them. With the few bumps in the road that we had following the setup, we called them. We let them know what was going on and they helped us resolve the issues quickly.

What was our ROI?

It saves a lot of time. On a weekly basis, without having to do a per machine basis, it probably saves me about three and a half to four hours a week.

What's my experience with pricing, setup cost, and licensing?

I think we might be subscribed to one or two of the premium features.

Which other solutions did I evaluate?

We were evaluating a Cisco solution as well. 

What other advice do I have?

Take a look at the needs of your business and how reactive you need to have your firewall solution be. One of the major selling points for our corporate board was: As new threats come up, WatchGuard is constantly taking the information coming in and looking for a solution, then pushing it out. That was one of the major selling points for us. The field that we're in takes security very seriously. We wanted to make sure that we were protecting our client's information. When it came down to it, that was a major selling point for us.

There was a bit of a learning curve. Once I was in it for about a week or two, I found it simple and intuitive to use.

With the throughput, the only issues that we found were at the very beginning, and that was due to a misconfiguration on my part. There hasn't been a noticeable change in slow down from the throughput the way that some firewall solutions might cause. Now, my end users don't even realize that it is there.

We are not using the solution's cloud visibility feature.

Right now, we are on the base usage. It's a firewall solution for us and we haven't really had the chance to dig into the advanced features that much. I plan to expand how we use it in the future, as time allows.

I'm very happy with it so far. I need some more data points to really firm that up. However, at this time, what I'm basing the eight (out of 10) off of is the ease of use, the ease of setup, and its learning curve. Once you learn how to use the system, it is very well-organized. It does save us so much time. The drawbacks are just sometimes not having the technical information that we need in order to easily make connections with all of our Internet-based clients, but we can put the work in and still get it done.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
Guest
Sign Up with Email