WatchGuard Intrusion Prevention Service Review

Detect and prevent hacker attacks and has stable hardware and software


What is our primary use case?

Our primary use case of this solution is high tech intrusion prevention and detection in
Building Automation and Control Networks (BACnet).

How has it helped my organization?

I cannot really remember any hacker attack at our WatchGuard customers due to successful intrusion over years.

What is most valuable?

Just a few days ago one of our customers had a brute force attack detected and prevented and for us, it is very important that we get alarmed beforehand from the included feature WatchGuard Dimension. 

What needs improvement?

Integration of additional cloud services to be even more effective.

For how long have I used the solution?

I've been using the solution for almost 15 years now on public cloud as managed service provider and reseller.

What do I think about the stability of the solution?

The hardware is very, very stable. We've had no hardware defect in the past ten years. The software is also very stable. 

How are customer service and technical support?

The technical support is very good because when our customer has a problem, they are very dependent on the cloud services and on the WatchGuard as a gateway to the internet. So we are very, very much dependent on good support. This is really good.

If you previously used a different solution, which one did you use and why did you switch?

We used a dedicated solution but switch to WatchGuard because it is more comprehensive due to the Unified Threat Management (UTM) approach, where IPS is included and it focuses on our SMB customers.

How was the initial setup?

The initial setup was straightforward and, because we only need intrusion detection and prevention, we needed only about four hours to deploy it. We used a template, so it was very effective.

What's my experience with pricing, setup cost, and licensing?

The best is, that the Intrusion Detection and Prevention Module is included in Standard Security. Bu the solution has two suites, the Basic and the Total Security Suite with comprehensive and powerful UTM features. I only regret that one cannot buy single modules out of the Total Security Suite, and that makes it a bit expensive for some SMB customers. But WatchGuard offers a managed service license model for this cases, too.

What other advice do I have?

I have a request for a feature in the next version and that would be to not only have detection and prevention but also action, for example, to shut down the whole system over an application programming interface (api), for example that would be nice. My advice, however, is always to backup as often as you can. Because when it's a particle component, one has to have an effective backup strategy.

You cannot compare this solution to dedicated intrusion prevention systems like Proofpoint or other programs that act only for intrusion detection prevention. WatchGuard is a Unified Threat Management (UTM) system and it's for midsize market customers.

So in the future, I would like to see threat management and intrusion prevention in a single module. I rate this an eight out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email