WatchGuard Firebox Other Advice

IT Manager at a engineering company
Do your research. It's not impossible. Do things in a logical order and make sure you understand what you're doing and how you're going to do it. Once you understand it and get everything working the way you want, it does get very easy to use and work with from there. Once you get over the learning curve of how all the pieces work together, it's very easy, very user-friendly, very easy to update, and very easy to make changes and document those changes - all that good stuff. I tend to buy the hardware platform that's like one level above where we think we absolutely have to be at a minimum, so the performance has been adequate or good. I've yet to hit an issue where I feel the device is slowing us down or causing any issues because of the performance of the device, itself. We're usually limited more by our actual bandwidth. It's been great as far as our network and needs go. In terms of the extent to which we're using the product, six months ago when I renewed the second three-year term, the subscriptions had changed quite a bit from when I had my first three-year term. Now, I have a whole list of new subscription services or modules or layers that I have not started implementing. I got a couple of the new ones implemented, to get some of the benefit, when I first got this new device. But there are a few more I want to implement. One of them, is packet inspection, which is difficult because that can really bog down your device. I'd like to have Dimension control to get better reporting. There are a couple of other ones that I have not implemented because they're new for me and I just haven't had the time to work on them. Threat Detection and Response is one I'm interested in which I haven't time to implement yet. It involves me setting up a client in each one of my endpoints and it keeps track of unusual activity there. That's probably where I want to go next. Maybe even the Access Portal could be useful for me, to have a place for vendors or customers go to access things inside our network. We've gotten more features for our money because there's a new security package which wasn't available when I first subscribed, and that included pretty much everything. I had paid separately for APT, Advanced Persistent Threat protection, on my old subscription. To get that now, it was cheaper to bundle it with their total threat package. That included a lot of things like DNSWatch, which I did set up to look for malicious DNS access requests throughout my network. It gave me intelligent antivirus. I believe there's some kind of DLP module, which is one I haven't spent any time on. Network Discovery is another one I haven't spent time on that I need to work on. All of those came as new features with the new hardware and with that new subscription. The Threat Detection Response is definitely something I didn't have access to before. For sure, in this second three-year term, we got a lot more value for the money with what WatchGuard offered us. I would give WatchGuard an eight out of ten. There's a little bit of room for improvement but I'm very happy with WatchGuard. I think it's a good fit for me. I won't often give a ten, just on principle, unless I feel they deserve a 12. That's when I give a ten. I've definitely said positive things about WatchGuard to other people in the industry, people I talk to or know. I'm a promoter of WatchGuard, to be honest. I haven't seen anything I like better, but I haven't had a lot of experience with other devices. I've said good things to people on a regular basis, especially about WatchGuard's education, the emails and videos and other stuff they put out to try and help people, even when it's not related to WatchGuard products. View full review »
Joseph Jansen
IT Specialist at Art Students League
I wouldn't hesitate to implement this solution. Particularly if you're down to an IT staff of one, this is a really good solution. If you're that small and your IT staff is very limited, then you're probably lacking the onsite expertise to move to a more expensive solution anyway. I would strongly recommend it. We've got three people who sign in to WatchGuard, me and two others. Beyond that, everybody else is just an end-user. I'm the only full-time IT person we have on staff. We do have a vendor that we use for a lot of our engineering solutions and design. They spend about 12 hours a week on our network. As for increasing our usage of it, I don't know what all its capabilities are. I deal with problems all the time and I have to come up with solutions for them. I don't foresee any expanded use of WatchGuard. However, it may be that it can solve some of my problems much more simply than some of the other solutions I'm thinking about. But I don't really know how it could at this point, so I'm not seeing us using more of it than we are now. I would give WatchGuard a ten out of ten. It's simple, easily managed, and it has good tech support compared to other products out there. Because it is a full-functioning firewall, it does everything with full support. You're not buying a cheaper quality of firewall at all. It's full quality, fully functional and has good support. View full review »
Hiro Amano
IT Manager at Yamazen Inc
If you have a small IT staff and want an easy-to-set-up solution, I would one hundred percent recommend WatchGuard. If you have a very serious, big IT department and a big business, you might want to test out the throughput and the stability. In each of our ten remote offices, we have about ten to 15 people using it. At our corporate office we have 70 to 80 people. We require two people for deployment and one person for maintenance of the solution, including me, the IT manager and, our systems administrator. I would rate the solution at nine out of the. It's just missing that stability point. View full review »
Find out what your peers are saying about WatchGuard, Fortinet, pfSense and others in Firewalls. Updated: September 2019.
371,062 professionals have used our research since 2012.
Jon Leib
Information Technology Specialist at a healthcare company with 51-200 employees
Take a look at the needs of your business and how reactive you need to have your firewall solution be. One of the major selling points for our corporate board was: As new threats come up, WatchGuard is constantly taking the information coming in and looking for a solution, then pushing it out. That was one of the major selling points for us. The field that we're in takes security very seriously. We wanted to make sure that we were protecting our client's information. When it came down to it, that was a major selling point for us. There was a bit of a learning curve. Once I was in it for about a week or two, I found it simple and intuitive to use. With the throughput, the only issues that we found were at the very beginning, and that was due to a misconfiguration on my part. There hasn't been a noticeable change in slow down from the throughput the way that some firewall solutions might cause. Now, my end users don't even realize that it is there. We are not using the solution's cloud visibility feature. Right now, we are on the base usage. It's a firewall solution for us and we haven't really had the chance to dig into the advanced features that much. I plan to expand how we use it in the future, as time allows. I'm very happy with it so far. I need some more data points to really firm that up. However, at this time, what I'm basing the eight (out of 10) off of is the ease of use, the ease of setup, and its learning curve. Once you learn how to use the system, it is very well-organized. It does save us so much time. The drawbacks are just sometimes not having the technical information that we need in order to easily make connections with all of our Internet-based clients, but we can put the work in and still get it done. View full review »
IT Manager at Horizon Forest Products
It's worth it, depending on your current network environment. If you are in the same situation we were in, it's really a no-brainer going from the MPLS network to self-managing it with simple broadband internet. It works great. To be honest, you'd be crazy not to do it. The advantages of WatchGuard over MPLS are that it's cheaper and you have more control because it's self-managed. The only con is that it does require a little bit of maintenance that you wouldn't otherwise have to do, but it's minimal. In terms of distributed locations, we have a firewall at all of our locations. Once we got it set up we'd visit a branch, install it, test it, and implement it. As for maintenance, it requires just one person, a network administrator. We manage it ourselves and there's not a whole lot to it. View full review »
Richard Marcin
Sr. Systems Administrator at a individual & family service with 201-500 employees
I would definitely recommend using WatchGuard. I would also recommend taking one of the courses that goes through all the features of the device and the way it is organized. Every firewall vendor looks at things differently. If you don't understand the way WatchGuard is structured, you may make a strategic mistake in setting it up and you'll have to tear some of it down and redo which is true of any firewall. Leanr and use the tools Watchguard provides. I used to do everything in WatchGuard through their Web UI but I now use the System Manager software because it is very valuable. It provides a lot of features that I had not realized I was missing. The System Manager Server is able to store previous versions of the configuration, and to force people to enter comments regarding what they changed when they save one. Being able to compare the configurations side-by-side, and have it tell you the differences are great tools that you should know about if you're going to start implementing a WatchGuard. View full review »
Joseph Redmond
Woodworker at Creative Woodworking NW
If you can understand the way the firewall works, the logic of the firewall, it will serve you really well. It's a very stable, great product. I started with a T10. I ended up needing a more powerful version, so I bought the T30 about two years ago. I've been very happy with it. The usability is difficult but it's a complicated system. It's a professional solution. I wouldn't recommend it to my friends for their homes, but for business, I think it's a fantastic solution. I'm happy with the throughput on the T30. The T10 was definitely lacking. It was definitely slow. I would rate it a nine out of ten. The way to make it a ten would be to make it easier to use for a novice. View full review »
I.T. Manager at a construction company with 201-500 employees
Give Firebox a good, strong look. Give it a test run and I'm sure you'll be happy with it. We've always had it. Our opinion of it is that it flat-out works and we're very satisfied with it. I'm sure there are better ones out there for somebody who has more time to manage it. But if you're looking for something so that you don't need a dedicated staff to manage it, I'd say this is a pretty good one. I give it a nine out of ten. View full review »
John Giacco
Network Administrator at Peace Bridge
Leverage the website. They have a good knowledge base out there. If this was a green deployment, make sure that you understand how the policies work for VPN and matting. The throughput is adequate. It certainly handles what I pumped through it, which is about 150MB. I don't know how we would do on a big gigabit network, but for what I do, it works. I haven't seen any slow downs in throughput. I am not using the Cloud Visibility feature. View full review »
Rick Phillips
IT Manager at IDI Distributors Inc.
They're good machines. They're fairly easy to configure and they're stable. We mostly use the M400 at corporate and at our branch offices we use T35s, T30s, and XTM25s. In terms of additional usage, I'm looking at the management console and, possibly, the drag-and-drop VPNs. I would rate it at nine out of ten. The documentation makes it a little hard to find what I need sometimes. View full review »
Shaun Sheng
Technical Support at Dataworld Computer Center
Based on the reactions from people who I have implemented this solution for, some of them find it difficult to use before they get used to the interface. At the same time, if they later move to another product then they say that WatchGuard is simpler. I keep hearing that WatchGuard is quite marginal because it is not listed as a leader in the Gartner Magic Quadrant. It is listed under Visionary. For a firewall product, I do think that it's a leader. It doesn't cost a lot compared to Cisco, Palo Alto, or others. I think that WatchGuard is good enough. I would rate this product eight and a half out of ten. View full review »
John Rhines
Network Administrator at Advanced Software Designs
Rely on your vendor. For us, it's in use every day. it's 24/7. We're not using the solution's cloud visibility feature. That's something you have to pay for, and we haven't. I would love to, but there's a wireless piece and it's just too expensive. They have a wireless product that integrates perfectly with the WatchGuard appliance. But that's just not a reality for us because of the cost of those appliances. We would love to but just can't. In terms of users, we've got about 15 people worldwide. They do support, testing - all of them use remote access. And then we have our internal users as well. It keeps us safe internally and our remote users are able to work with a reliable connection. It's very reliable. I'm the only one who manages the firewall. If I need any help, there is a local vendor that helps me out as well. We're a small company but it's been great for us. I'm not that technical but I just know it works. WatchGuard is a ten out of ten for me, because of its reliability. View full review »
Prepress/Systems Manager at a printing company with 51-200 employees
Read up about it. Understand what each of the settings are doing and use the resources that you have to get the best knowledge before implementing. It's pretty simple to use. It's pretty simple to understand, and there's plenty of documentation. It does a pretty good job of what it is meant to do. We are not using the solution’s Cloud Visibility feature. View full review »
John Farmer
Manager/Senior Systems Administrator at a tech services company
Implement it. It's a great solution, which is easy to use. I can make changes on the fly without interrupting other services. Other providers would require you to do changes after hours, but you can do these during production hours. I would rate it a nine (out of 10). For a 10 (out of 10), it needs fine-tuning and small tweaks to be adjusted on the GUI interface. View full review »
Ryan Baskharoon
Operations Manager at DLL Technologies
If you want a robust firewall that has a great price point, this is the best way to go. View full review »
Owner at
The functionality of the unit is great. However, you have to be pretty knowledgeable on how to work with its interface. I don't any plans to increase usage. The product is always on and always being used. View full review »
COO/CTO at a pharma/biotech company with 11-50 employees
When considering a solution like this: > not only putting data security at the top of my list > user convenience as the second consideration. If there's anything extra that I have my users do, I have to really look seriously at those trade-offs. View full review »
Roman Laminin
Technical Consultant at Rainbow Security
It is a very reliable and very easy solution. I think it is the best solution in the world, judging by its price and quality. I would rate this solution a ten out of ten. View full review »
Chief Technology Officer at a tech services company with 11-50 employees
I rate it 10 out of 10 because it is easy to deploy and use, the best of breed in the UTM firewall concept, creating the best UTM secure platform ever. It's easy to use. View full review »
Find out what your peers are saying about WatchGuard, Fortinet, pfSense and others in Firewalls. Updated: September 2019.
371,062 professionals have used our research since 2012.
Sign Up with Email