WatchGuard Firebox Review

Provides the layered security I need but reporting and management features could be improved


What is our primary use case?

The primary use case is protection for my network from external access. We also use it for some VPN, but mostly it's for protection. It's mixed usage on about a dozen different connections, a dozen different workstations, and access points.

How has it helped my organization?

I don't really worry about individual workstation security as much, anymore. I can depend upon the firewall to control incoming viruses, incoming attacks, bad port usage.

It simplifies my job because I don't have to worry about it on a day-to-day basis, the way I otherwise would. I'm not checking and monitoring each workstation on a minute-by-minute basis. I can check what's going on with the firewall and see how it's being used and where, and if there are any things coming through the logs.

I've built my process around the WatchGuard. I can't say it has saved me time because it's become the defacto process. I don't have anything against which to compare it.

What is most valuable?

  • Intrusion Prevention is my primary focus so that's what I find most useful. The why is straightforward: It's to prevent intrusion.
  • The usability is pretty good. 
  • The throughput of the solution is also pretty good. I think there is some throttling that occurs.
  • It provides me the layered security I need.

What needs improvement?

There are some features I'd like to see, although they are not standard in any of the products in this class; for example, better monitoring.

I'd like to have better access to workstation monitoring, connection monitoring, and the amount of time an address is being used, to better gauge proper network utilization. If I knew that something was connected to a particular external location for an extended period that seems abnormal, I'd be able to act upon it. It comes down to overall monitoring and reporting for the class of services that I have.

The solution's reporting and management features, based on what I have, are fair. I'd like to see an easier way of managing, controlling, and viewing usage at an IP-address-based level.

For how long have I used the solution?

I've been using the solution for about five years.

What do I think about the stability of the solution?

It's very stable.

What do I think about the scalability of the solution?

WatchGuard's product line is very scalable, but this particular product is not.

How are customer service and technical support?

Technical support is pretty good. The online knowledge base is usually the best way to go. But I have had some telephone support as well.

If you previously used a different solution, which one did you use and why did you switch?

I had been using SonicWall for about ten years. I got a little frustrated with them at around the time that Dell purchased them. The WatchGuard UI is easier to manage and easier to work through. I ultimately became dissatisfied with the service and ongoing costs of the SonicWall devices.

How was the initial setup?

The initial setup was straightforward. They walked me through it. I have enough knowledge to be able to walk through the setup and then tweak it the way I need it. I was able to find anything that was unusual, pretty easily, on the web.

The initial deployment took under an hour. I've spent dozens of hours tweaking it over the years, but nothing out of the ordinary.

The implementation strategy was to set up something that allowed for VPN access, to grow VPN access, and that would protect my workstations against viruses and attacks, as well as my servers. The goal was to simplify everything with one box.

For deployment and maintenance, it's just one person who handles the network, and that is me.

What about the implementation team?

I did it myself.

What was our ROI?

I'm not sure I could establish a numerical return on investment. It's mostly peace of mind. I could probably do well with a lesser product, but I'm afraid a lesser product would provide significantly less protection.

What's my experience with pricing, setup cost, and licensing?

It costs me about $800 a year. There any no costs in addition to the standard licensing fees.

Which other solutions did I evaluate?

I looked at some Cisco products. I only upgraded to this latest T35 last year, from the previous WatchGuard item. I also looked at SonicWall and a couple of others.

What other advice do I have?

It's used extensively. Do I plan to increase usage? If I can get better reporting, perhaps. But it's fully deployed and static at this point.

I would rate WatchGuard a seven out of ten. A perfect ten would come from lower costs for small installations for the service licensing, and improved reporting. And maybe some better awareness of what it's capable of doing. It's hard to figure out what I could do. That's a big thing. It's hard to figure out what is possible. What am I not taking advantage of? I've tried to work with people on that, and that's the biggest thing.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
Guest
Sign Up with Email