WatchGuard Firebox Valuable Features

IT Manager at a engineering company
One of my favorite features is the Geolocation service, where you can actually block specific activity or IP addresses registered to certain countries. For example, I don't want any web traffic from Russia or North Korea. I may even lock down certain policies down to "I only want U.S. IP addresses." I find that very useful. That was not a feature that was initially there for us. It was something WatchGuard released after we bought our first device with them and it is one I am very happy with. I may want to only allow U.S. IPs onto a specific interface that I share files with, for security reasons, or I may know of a security issue in a particular country. I can just block that whole country for all my users. Or maybe I'm seeing a lot of malicious links coming out of South Korea, even, and I just say, "We don't go on a lot of websites there, let me just block that country completely," and if we do need to get on a website, I'll just make an exception. It improves security and helps block malicious links. There's a little bit of a learning curve in getting everything working. But once you understand how all the pieces work, and the fact that you're using physical hardware with a web interface alongside a piece of software installed on your computer, and you learn what to do in each location, it's very user-friendly. I like the management. There are some nice dashboards and other things to keep an eye on things. There are email alerts, once you get those configured. Once again, they're a little complicated to get set up, but once they work, they work well. Management is pretty easy. The version I'm on, 12.5, came out last week. I try to stay pretty current and they do add features and improve usability and functionality often. It's one thing I've been happy with. It's not like they say, "Here are the modules you bought with it four years ago and that's all you have." They're constantly adding, developing, improving. They've done a lot of work with their SD-WAN, which we do use, to have our old internet service with our new internet service. If anything goes down on a particular interface, I can have different rules applied. Most of my users don't even know when our primary internet goes down anymore. It does run slower on our backup, but they don't know the difference unless they're doing some kind of bandwidth-intensive function or streaming. I don't have to be here to do anything to switch it to our backup internet or to switch it back. They've developed that feature even more, to allow you to have different rules for different policies or different interfaces to behave differently, depending on what happens with either packet-loss or latency, with multiple internet sources. That is pretty helpful. View full review »
IT Manager at WTS Media (Wholesale Tape & Supply)
The basic firewall features, or just the routing, are the most valuable because that's how we configure our network. The second valuable feature would be the branch office. We have five offices throughout the United States, and it coordinates the connections of those offices. And the filtering features are okay. It layers security in the sense that it does isolate different networks. I have in-house web hosting and that's more of a DMZ-type thing sitting out in the open, so that it has to be isolated from our network. It has Gateway antivirus, which is important. It has Gateway spam protection, but I've never actually seen it do anything. That could be because our regular spam filters grab it before it gets a chance to. It's not a direct user-security thing. Another level of security is that I do keep our guest WiFi network separate from our main WiFi network. Even though WatchGuard doesn't manage our WiFi, it does play the traffic-cop between those two networks and keeps them separate. It's more IP-based routing security than anything else. View full review »
Joseph Jansen
IT Specialist at Art Students League
What I like most is the analytical side. It's pretty simple to understand when you want to do any diagnostics on your network. If you want to go in and see what packages are having trouble getting through, what's being held, stalled, etc., it's very easy to use in that way. In terms of the usability overall, it's pretty simple but, at the same time, it's pretty full-featured in terms of what it can do. We only use part of it, only because that's where we're at right now. But for a small network, for a small organization, especially, it's a complete solution to your firewall needs. It's relatively simple for me to get into and to work with when I need to; if I need to set up an ARP table or to create different reports. For a smaller network with lesser-trained IT people - if they're lucky, they've got one IT guy trying to do it all - it's an excellent size. Whether you've got a few machines or several hundred, it's pretty simple. View full review »
Find out what your peers are saying about WatchGuard, Fortinet, pfSense and others in Firewalls. Updated: January 2020.
389,978 professionals have used our research since 2012.
Network Administrator at a retailer
It's hard to pick one feature over another. But if I had to pick one, the UTM would be the most valuable because of the notification. I get notified via email if there is any type of threat detection or alert, telling me something is wrong. For me personally, because I'm Cisco-Certified, it was very easy to take this over. I think it's a lot easier to work with because it's a GUI and not a CLI. I cannot speak for other users or other administrators, but it's pretty simple. Based on our needs, the throughput is pretty solid. We haven't had any issues as far as the throughput is concerned. This particular box maxes out at 2 GBs and we only have 1 GB so we haven't had any latency. I manage it using the System Manager, based on the firewall access control that I have. I've been able to manage it and use it without any problems. View full review »
Hiro Amano
IT Manager at Yamazen Inc
The most valuable feature is the GUI, especially the real-time bandwidth usage report. Also, its integration with WiFi access points is nice. The product's usability is very good. We were using Cisco products before, and that was terrible. The difference is in integration. With Cisco we had to go into the command line to configure devices. With WatchGuard we can do everything from the GUI, so it's much easier to set up and to make sure everything is working the way we want. The throughput of the solution is good. It's also very good at reporting. I can see things graphically so I don't have to read through all the log text files. The solution provides our business with layered security. In terms of the attack vectors it secures, we have a firewall set up and it gives me reports. It also has an integrated web filtering solution. I can set up a website filter and it's all filtered in one place. I don't have to go to another solution. View full review »
Jon Leib
Information Technology Specialist at a healthcare company with 51-200 employees
One of the most valuable features is the Geolocation. Because we aren't a multinational corporation, it allows me to look at things which might be suspicious to make sure that they are legitimate transactions rather than people sniffing around the network. I have found the reporting and management to be pretty useful a lot of times. When the reporting did come up short, it was due to a configuration error on my part. Anytime that I've had to look up historical information, I found that everything I have needed has been there and it has allowed me to piece together what happened. View full review »
IT Manager at Horizon Forest Products
The firewall aspect and the branch office VPNs are the most valuable features. They just plain work. We don't have any issues with it. We don't have to spend a lot of time maintaining it. You set it up and, for the most part, you can forget about it. In terms of the usability: * It's user-friendly with an easy user interface. * It has a lot of features. The throughput the solution provides is good. In addition, WatchGuard provides our business with layered security. It certainly protects our network, blocks unwanted incoming traffic and, at the same time, can manage outbound traffic too. View full review »
Richard Marcin
Sr. Systems Administrator at a individual & family service with 201-500 employees
The Application Control and web blocker have been very valuable because they let me control the outgoing traffic of my users and keep them off of both productivity wasters and sources of vulnerabilities in my environment. I like the High Availability feature because it allows a firewall to fail while keeping the environment up and running. In terms of its usability, it's very straightforward to use, once you understand the way they look at a firewall and the design choices they made. The throughput the solution provides is excellent. I have not had any performance-related issues with any of the fireboxes I've used. I like their management features a lot. Their System Manager server as well the System Manager software make managing them, and tracking changes, very easy and complete. In terms of the reporting, I am just starting to look at the reports in Dimension and they look pretty well-organized and useful. View full review »
Joseph Redmond
Woodworker at Creative Woodworking NW
* Safety * Uptime The solution's reporting and management features are good. View full review »
I.T. Manager at a construction company with 201-500 employees
There are a lot of features I really like. One of them is that the interface is more intuitive for us. And the success rate has been very good for us. It's easier to use than a SonicWall. There's a learning curve with every firewall, but this one is a lot more intuitive than some of the other ones I've used. We've been very happy with the throughput and the performance the solution provides. The Dimension control, the one-spot reporting and control, has been nice. It's been easy to go in and make sure people are doing what they're supposed to be doing and that only the right stuff is getting in. It provides us with layered security. It's got a global map where you can block IP based on which country it's coming from. I haven't seen that on anything else. View full review »
John Giacco
Network Administrator at Peace Bridge
* HostWatch is a nice feature. * Logging * The central management piece of the system * The overview manager is good to have. * The GUI is somewhat easy to use. These features provide visibility on the network. When there is trouble, I like to see why I might be having trouble at the gateway level. HostWatch makes it so I can see, in real-time, activity in the event that there is something weird happening on the network. This simplifies my job. The product's usability is good. It is straightforward and simple. One of the benefits is that it is easy to navigate and intuitive. View full review »
IT Manager at a tech services company with 1-10 employees
Once it's set up, we don't have to touch it that much. We enjoy its usability very much. It's very easy to use, especially compared to similar products. A lot more users use the WatchGuard appliance now than use the SonicWall appliance because of the ease of usability. As long as you're using the correct model, since different models have different numbers of allowed tunnels, the throughput is enough. In terms of management features, we have a Dimension Server set up. It's nice to be able to see where people have gone to and when they have gone there. Overall, the solution makes it easier to manage on my side. Setting up new policies, new devices, and setting up tunnels to the current devices, is easier. The firewall secures the external perimeter. View full review »
Rick Phillips
IT Manager at IDI Distributors Inc.
The most valuable are the VPN and proxy features. We have all the sites we have to connect and that's how we do it. I've been using it for so long so I'm pretty used to it. But I think it's fairly simple to use and understand. It helps if you're an IT expert. There isn't much of a learning curve if someone has an understanding of connectivity and firewalling. If they don't, there is certainly a learning curve. The throughput is excellent. It's only limited to our bandwidth. We haven't had any trouble with throughput. The throughput of the firewall, in all cases, seems to be better than the bandwidth available. It's not the bottleneck. I don't use the reporting features a whole lot, but Dimension is pretty good. View full review »
Enterprise Architect at a health, wellness and fitness company with 10,001+ employees
* Intrusion Prevention is my primary focus so that's what I find most useful. The why is straightforward: It's to prevent intrusion. * The usability is pretty good. * The throughput of the solution is also pretty good. I think there is some throttling that occurs. * It provides me the layered security I need. View full review »
Shaun Sheng
Technical Support at Dataworld Computer Center
The most valuable feature is the Active Directory integration. WatchGuard is very easy to integrate with. The URL filtering is ok, but instead of filtering by IP addresses I usually set up filtering through Active Directory user profiles. I can import the users directly from Active Directory and create a space for a certain user or a certain group. This is something that is great because I have a lot of trouble setting this up with other products. I also liked a new feature, the WatchGuard TDR (Threat Detection and Response). This reports malware activity to the cloud. View full review »
John Rhines
Network Administrator at Advanced Software Designs
* We have firewall policies in place to keep safe from malware and we rely heavily on it for our secure VPN. * In terms of usability, the web interface is great. * The throughput is great. It's perfect. We have no issues whatsoever. * The management features are very powerful, although I don't use the reporting features at all. View full review »
Prepress/Systems Manager at a printing company with 51-200 employees
The VPN and tunnel between the two different clients. The ability to route Internet traffic to certain computers or IP addresses based on ports, etc. It provides me with ease of use, allowing navigation without having to do too much networking. It is all in a user friendly location. The product is very usable. I haven't had too many issues with it. It seems to always run and be easy to make changes to, as long as you know what you want to do. There is plenty of documentation online to how to do what you need to do. It simplifies my job because I can make any changes all in one location. I can login at the user-friendly site versus trying to do it in a programming or networking level site. View full review »
Ryan Baskharoon
Operations Manager at DLL Technologies
Here are just some of the valuable features: * WebGUI * Spam blocker * Website filtering * Internet security * Tech support is amazing. * Routing and setting up VLANs. These are just some; there are so many more to go over. Depending on the customer's budget, I would always recommend WatchGuard Firebox and their other security products. They have some of the best customer service in the industry. View full review »
Owner at
The most valuable feature is if I need to control spam. I can control everything with it, anything coming in or out of my network. The controllability is phenomenal. You can control how you want things to go in and out of it. So, it is great for that. View full review »
COO/CTO at a pharma/biotech company with 11-50 employees
Default set-ups found on the WatchGuard site and via YouTube are very helpful - the screen for set-up and adding additional features are lists with checkboxes. Understand what you click before you do so. View full review »
Roman Laminin
Technical Consultant at Rainbow Security
The most valuable feature for small and medium businesses is the support for various protocol proxies. Without any subscription, they can realize an IDS/IPS solution. View full review »
VP IT at a real estate/law firm with 51-200 employees
The most valuable feature is the ease of use of the interface. The usability is good. It's a firewall, it does its job and it does it well. The throughput also seems to be good. I don't have any issues with throughput. The management features are good. View full review »
Chief Technology Officer at a tech services company with 11-50 employees
WebBlocker, because it has the best URL category database ever. View full review »
Christian Watt
Engineer/Technician/Owner with 11-50 employees
The most valuable features of this solution are live logging, rule setup and maintenance, and VPN creation. View full review »
Find out what your peers are saying about WatchGuard, Fortinet, pfSense and others in Firewalls. Updated: January 2020.
389,978 professionals have used our research since 2012.