WatchGuard Firebox OverviewUNIXBusinessApplication

WatchGuard Firebox is the #3 ranked solution in our list of top Unified Threat Management (UTM) tools. It is most often compared to Fortinet FortiGate: WatchGuard Firebox vs Fortinet FortiGate

What is WatchGuard Firebox?

WatchGuard's approach to network security focuses on bringing best-in-class, enterprise-grade security to any organization, regardless of size or technical expertise. Ideal for SMBs and distributed enterprise organizations, our award-winning Unified Threat Management (UTM) appliances are designed from the ground up to focus on ease of deployment, use, and ongoing management, in addition to providing the strongest security possible.

WatchGuard Firebox Buyer's Guide

Download the WatchGuard Firebox Buyer's Guide including reviews and more. Updated: September 2021

WatchGuard Firebox Customers

Ellips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence

WatchGuard Firebox Video

Pricing Advice

What users are saying about WatchGuard Firebox pricing:
  • "I buy a three-year renewal on the main device, which is usually around $3,000 to $4,000. They usually upgrade the device when I do it. You get a big discount when you do three years."
  • "I spent $600 or $800 on this product and I'm paying a couple of hundred dollars a year in a subscription service to keep the lights on, on it... It works out to $100 or $200 a year if you buy several years at once. It's fair."
  • "I usually tell people that it's really affordable as well, particularly compared to Cisco."
  • "The pricing of WatchGuard is probably a little higher than the SonicWall, but it makes up for it in dependability. It's worth it to me, especially since it's not much higher. For just a little bit higher price you get the dependability of the firewall with the WatchGuard brand."
  • "The cost was somewhere in the vicinity of $2,000 to $3,000 for each one..."
  • "They license it. When we buy it, we buy it with a three-year license. That's the most cost-effective way to do it. So, if you're going to buy it, then buy it with the three-year licensing."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
JasonGiles
IT Manager at WTS Media (Wholesale Tape & Supply)
Real User
Top 20
Setup, and setting up the routing — normally very complicated processes — are intuitive

What is our primary use case?

It's our main firewall. We have over 120 hosts that flow through it.

Pros and Cons

  • "[A] valuable feature would be the branch office. We have five offices throughout the United States, and it coordinates the connections of those offices."
  • "In terms of the reporting and management features — and this isn't necessarily a WatchGuard issue, this seems to be more of an industry-wide issue — you get reports, but a lot of times you don't know what you're looking at. You're so overwhelmed with the data. You're getting a lot of stuff that doesn't matter, so it takes time to parse through it, to actually get what you want to know."

What other advice do I have?

Make sure you buy the device that fits your environment. Don't try to do too much with too little. You can buy one of the edge devices, and you could technically run a large network on it, but it's not going to work as smoothly. Your firewall is your primary point of security from outside intrusion so you want to do it right. Be very meticulous about your configuration. Straight-up, walking-to-the-console usability of the solution is not very user-friendly. It's not very intuitive. However, compared to other firewalls, it's very user-friendly. So it's more user-friendly than most, but it's…
Peter Galgano
Owner at a construction company with 51-200 employees
Real User
Top 10
Competent, basic front-end; the ports that I have assigned appear to be unattainable to outsiders

What is our primary use case?

It's a perimeter device and I use it as a DNS server for my domain, but I'm not the typical user for this type of device. I'm a hobbyist when it comes to this type of product and I use it in a small office environment.

Pros and Cons

  • "The ports that I have assigned appear to be unattainable to outside 'mal-actors,' unless they have an address registered on the internet that this thing is expecting. That's a layer of security."
  • "I don't think I can get a full-blown DNS client from it. I've been trying to have DNS services. It has forwarding, but I don't get the services of a full DNS client. My main difficulty with it is that I can't run a complete service. I need NTP. I need DNS. I need DHCP for my domain, but I only get forwarding. As far as I can tell, I don't get caching and the kinds of reporting and registration needed to host a DNS for a domain. I have to have a separate solution for that."

What other advice do I have?

Use it. It's very unlikely that a perimeter device is going to be cracked unless you leave something really crazy open. Most consumers are going to have some sort of perimeter device involved with their internet delivery and they're going to have some sort of a reasonably clean plug, with some port forwarding for their outbound connections coming into their network. And then if they're geeks, they're going to set up a pfSense virtual machine or get a little ARM processor. I wanted to have a physical device at the network that I could just glare at. But you can set up a perimeter device with…
Learn what your peers think about WatchGuard Firebox. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
536,114 professionals have used our research since 2012.
Kelly Carlisle
Manager IT at a hospitality company with 501-1,000 employees
Real User
Top 20
Automated reports, generated regularly, enable me to see metrics showing what the box is doing

What is our primary use case?

WatchGuard Firebox is our edge firewall. Currently, we are using the M470 and we have used many models in the past.

Pros and Cons

  • "WatchGuard has a very easy VPN and branch office VPN setup, so we use those pretty extensively."
  • "Regarding the reporting, I was in the Dimension server earlier today. It's very powerful. I like it. And the management features are easy to use. I like the fact that I can open up the System Manager client or I can just do it through the web if I'm making a quick change."
  • "Once you start getting into proxy actions and setting up: "Okay, cool. Once this rule gets triggered, what actions have to happen?" I do know a few people who use WatchGuard and they still have to get assistance when they look at that. So I would file that as a con for WatchGuard. Proxy actions can be a little bit complicated."

What other advice do I have?

Invest in some Professional Services. Although you can absolutely pull it out of the box and deploy it — and we've done that before — it's always good to have somebody that you can ask about best practices and run a few scenarios by them. We ended up purchasing four Professional Services from our local reseller. It was good. Although they didn't really provide any answers, they were there to say, "Oh no, you're doing the right thing." It was more reassurance than anything. But I would definitely recommend springing for some Professional Services. That will make the whole process go a lot…
GT
Director of Information Technology at a retailer with 201-500 employees
Real User
Allows me to schedule rebooting of the wireless accent points on a regular basis, making it set-and-forget

What is our primary use case?

We have multiple sites. We're in the wine business. Our corporate office is where we have accounting and marketing. Our executives are based there as is IT, HR, and payroll. That's where we have the big M200. We have five wineries that we support. Each of the wineries has a WatchGuard on it and we connect them with the business office VPN. We share files across our VPN and we also authenticate our users. Not all of our sites have file servers so we use the business office VPN to get them authenticated onto their machines. We also use that to go out and work on their machines if they have… more »

Pros and Cons

  • "Among the most valuable features is the ease of use — love the interface — of both the web interface and of the WatchGuard System Manager."
  • "If they could make the traffic monitoring easier that would be great. I don't use it that frequently, but I would like to see some improvements in the ease of use of that component, so it makes more sense. I know it's a technical component so there's going to be some difficulty trying to make that easier."

What other advice do I have?

Take a good hard look at it. The interface is pretty easy to work with. The devices are consistently good. It has a lot of features and the boxes are hard-working. They just work. I recommend WatchGuard to people when I'm at industry trade shows when anybody asks me. I think it does provide me with layered security, but I don't spend a lot of time looking into that. It's just part of my total solution package. The value that I get out of it is consistent management. It's a good product. Whatever kind of additional security they provide to me is just a bonus.
Jason Markle
IT Director at a healthcare company with 1-10 employees
Real User
Top 20
I don't have to worry about malicious attacks or vulnerabilities in our facility

What is our primary use case?

We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.

Pros and Cons

  • "The policy monitoring and allowing different traffic flows are the most useful features for us; regulating which traffic comes in and out."
  • "I'm not really impressed with the reporting side of it. It may be something I just haven't figured out very well, but it's hard to filter down on reporting of the actual valuable information that you would want. There is a lot of information out there so you have to have some kind of tool capture it and then filter through. So far, I haven't found the reporting side of the WatchGuard to be that user-friendly."

What other advice do I have?

My advice would be go for it. We've not had any problem with it. We've been very pleased, especially with the newer WatchGuard we've put in place. It's very responsive. It works great. It may have a little bit of a curve on learning it, but once you learn it, it's hard to say you'd want to go back to something else. It took me a little bit to get used to WatchGuard. I was familiar with SonicWall before I moved into this role. But now that I've used it for almost seven years, I've gotten to know it pretty well and it works great. Once you get used to what I would call the idiosyncrasies of…
GH
Network Administrator at a retailer
Real User
Provides us with more secure site-to-site VPN, remote access ACLs, and client-to-VPN

What is our primary use case?

We have four locations and at every one of them we use WatchGuard. We use them as firewalls and for UTM. They provide protection in terms of detection and prevention. And we also use them for site-to-site VPN, as well as for direct connect, VPN to AWS, and to AWS using VLAN tagging.

Pros and Cons

  • "It's hard to pick one feature over another. But if I had to pick one, the UTM would be the most valuable because of the notification. I get notified via email if there is any type of threat detection or alert, telling me something is wrong."
  • "Websense is an application that monitors and filters internet traffic. Websense was derived from WatchGuard. But when you go to WatchGuard to actually implement that particular feature, you have to use some type of additional feature and you have to pay for it, unfortunately. I think it should be free or free in the WatchGuard box itself, as an option. It would be nice if they didn't charge us for that."

What other advice do I have?

Educate yourself. Read documentation and watch videos online. Since the administrators are going to use it, they should educate themselves on WatchGuard. Keep a cheap, old box for training. I train my administrators on an older box and I give them a network to train on. We have been attacked with ransomware in the past, and it was kind of disappointing because, when I talked to Cisco support they said that they recommended purchasing end-point protection with a ransomware interceptor, so we ended up getting Sophos. So alongside the WatchGuard, we have Sophos' ransomware interceptor and…
SR
President and Owner at Peak Communication Systems, Inc.
Reseller
Its stability and reliability help us save time and man-hours

What is our primary use case?

We use it in my company and for my clients as well. We sell Internet access, so we use them as a firewall to hopefully protect our clients. We work with one of our partners, who is a certified WatchGuard engineer, and have come up with a fairly good plan to get these completely fired up and working. That makes a huge difference. We're now up to the 7 Series. We've gone through WatchGuard 3 Series, 5 Series, and 6 Series. So, we've gone through several different versions over the years.

Pros and Cons

  • "It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problem supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level."
  • "The pricing could be improved. It is definitely one of the more expensive products."

What other advice do I have?

It is a great piece of hardware. The learning curve for this solution depends on your background. If you have some technology background, implementing it will probably be okay. They have a WatchGuard academy. If you have no background at all, I wouldn't suggest you do it. In comparison, when you get trained with Cisco, there are several different classes to go through and each class is several hours long. I would rate it as a nine or nine point five out of 10.
Scott Morin
Owner / Sr. System Engineer at Midwest Technology Specialists LLC.
Real User
Top 20
Enables us to drop a lot of traffic and reduce a lot of load on otherwise poorly performing Internet connection

What is our primary use case?

Our primary use cases are for the firewall and for limited routing for small to medium-sized businesses.

Pros and Cons

  • "As a whole, it has a very low requirement for ongoing interaction. It's very self-sufficient. If properly patched, it has very high reliability. The total cost of ownership once deployed is very low."
  • "The data loss protection works well, but it could be easier to configure. The complexity of data loss protection makes it a more difficult feature to fully leverage. Better integration with third-party, two-factor authentication would be advantageous."

What other advice do I have?

I would rate WatchGuard Firebox a ten out of ten.
See 21 more WatchGuard Firebox Reviews