We just raised a $30M Series A: Read our story

WatchGuard XTM [EOL] OverviewUNIXBusinessApplication

What is WatchGuard XTM [EOL]?

Small businesses need big security, too, and the WatchGuard XTM Series firewall/VPN appliances deliver that strong protection, but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional security subscriptions like Application Control and Intrusion Prevention Service.

Buyer's Guide

Download the Firewalls Buyer's Guide including reviews and more. Updated: September 2021

WatchGuard XTM [EOL] Customers

AVG, Cyren, Kaspersky Lab, Lastline, NCP engineering, Trend Micro, Websense

WatchGuard XTM [EOL] Video

Archived WatchGuard XTM [EOL] Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
VP
General Manager- IT & Automation - Serum at a pharma/biotech company with 501-1,000 employees
Real User
Protects from attack software and hacking but it doesn't provide the reports in a readable format

Pros and Cons

  • "WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."
  • "One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."

What is our primary use case?

We use WatchGuard XTM as a privileged access management solution.

I used another product that was supposed to be a firewall but was the wrong kind of thing. I complained about that unstable product and we switched to WatchGuard, which has been good. It's a good product. 

How has it helped my organization?

The signature features of WatchGuard XTM are valuable. The product is also recommended for power firewall settings. Fireware is a good feature.

What is most valuable?

WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking. 

What needs improvement?

In my opinion, image clarity is very important, because I don't get the proper image product on reports. This means that functionality is not there.

My engineer does not know how he can replace an order. We attach a log after any kind of keys using a utility instead. 

For the internet policies that we are implementing, the policy should be based on proper protocols. We use the default policies and there are a number of third-party protocols that appear here.

Management with WatchGuard XTM means that out of policy is the problem from our side. In this way, we can not do effective services for people with this one. 

The policy definition with WatchGuard XTM is not proper for all use case requirements. 

I've got weekly business reports that I am expecting attachments with from WatchGuard XTM that display data for all kinds of consideration which should be required. 

Main User Functionality Level Order must adhere to using the admin functionality on the registry, or else our users publish their own name. 

Maybe these recommendations are irrelevant, but I say that the issue to improve most with WatchGuard XTM is the Main User Function.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

We haven't had any issues with scalability. 

What do I think about the scalability of the solution?

Scalability depends on a deeper number network and a different number of requirements. We are using a range of network addresses per person here, for the norm, and expecting to boost further without a problem. 

Currently, we have connected about fifteen hundred users with plans to increase the usage. We are expanding. Right now, there is no next product solution upgrade scheduled. 

Most of the competitors to WatchGuard XTM provide the same kind of setup.

How are customer service and technical support?

Technical support with WatchGuard XTM is handled by my team. 

How was the initial setup?

The setup is straightforward and not complex. WatchGuard XTM is very neat and simple. It took around three months to complete.

What about the implementation team?

We had a consultant for the deployment. One woman was here to assist us with implementation.

What's my experience with pricing, setup cost, and licensing?

This product is made well in the sense of prospective functionality, which may not arrange properly for report constitution, i.e. helping us to constitute reports. 

What we are looking for is reports on:

  • Which bandwidth users were getting registered on.
  • Which users received high instead of low bandwidth. 
  • Internet using functionally: what kind of person is using the internet. 
  • What kind of files they have downloaded.
  • The variety of web/mobile traffic devices used. 

I'm not sure of WatchGuard XTM has feature support for all of these. The support in these areas can be improved or needs to be better learned.

I would advise other users to pay attention to what kind of IT policy you are configuring. That kind of support is important when implementing WatchGuard XTM.

What other advice do I have?

One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. 

That functionality is what we are looking for from WatchGuard XTM here. It needs to have better functionality where you can see images in reports.

When I'm looking at the reports, which we are doing in the administrative job here, we are using other software. Changing the resolution, that makes a difference for us. 

There is much that cannot be understood in the combination file but that isn't an extension file or a software problem. It is a problem with WatchGuard XTM.

What I'm looking for here are solutions that make a difference, i.e. what will the solve the problems. WatchGuard XTM provides what I am looking for in different products. I would advise someone considering this solution to put the competitors in front of you for reference.

For my take on WatchGuard XTM as a solution, I can say on a scale of one to ten, ten being the best, I would give it a six.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AI
CEO at Aveata Limited
Real User
After installing the product, we achieved awareness of our data protection needs and email misuse

Pros and Cons

  • "After installing the product, we achieved awareness of our data protection needs and email misuse."
  • "I would like them to improve the product's overall protections. This would be good for all product users."

What is our primary use case?

It is for the protection of end users and data loss protection.

How has it helped my organization?

Previously, the data protection was just open. There was no data security nor data logs of data misuse. After installing the product, we achieved awareness of our data protection needs and email misuse.

What is most valuable?

  • Data loss protection
  • Spam protection
  • User email protection

What needs improvement?

I would like them to improve the product's overall protections. This would be good for all product users. E.g., let the user know of the next type of attack that is happening on the horizon. 

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is fine. We experience operating system issues, but these are not related to this specific product.

What do I think about the scalability of the solution?

The scalability is fine. We now have around 567 users utilizing this product, but the numbers of users is increasing.

How are customer service and technical support?

The technical support is fine.

Which solution did I use previously and why did I switch?

Before using WatchGuard, I used Sophos and Kaspersky.

How was the initial setup?

The initial setup was straightforward.

I took around 20 days to configure everything, phasing in all the features.

What about the implementation team?

We used the supplier and a local person for the deployment. Our experience with them was good.

What's my experience with pricing, setup cost, and licensing?

We do annual licensing.

Which other solutions did I evaluate?

I also did a PoC with Kaspersky and Bitdefender. We chose WatchGuard because of their great features.

What other advice do I have?

Do a PoC with three products, including WatchGuard, then chose WatchGuard.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about WatchGuard, Fortinet, Netgate and others in Firewalls. Updated: September 2021.
540,694 professionals have used our research since 2012.
CL
IT Manager at Concretemastersinc
Real User
Helps us limit bandwidth but needs to improve setting policies

Pros and Cons

  • "I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site."
  • "The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."

How has it helped my organization?

Since bandwidth is so expensive in my country being able to block sites that use a lot of bandwidth helps.

What is most valuable?

I like the HostWatch because I can see what traffic uses the most bandwidth and I can block that site.

What needs improvement?

The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic. 

In addition, easier setup policies should be provided for this solution. The administration of the product needs improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is a very stable product. We never had problems with it.

What do I think about the scalability of the solution?

We do not have experience with the scalability of the solution.

Which solution did I use previously and why did I switch?

I previously used Check Point, which does have a better ability to monitor specific traffic.

What's my experience with pricing, setup cost, and licensing?

The licensing and renewal are very expensive.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
DD
Senior Support Engineer at Port-IT B.V.
Real User
The best features are the anti-virus solutions and the multiple scanning features.

Pros and Cons

  • "We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."
  • "Sometimes we have had issues with stability of the product."

What is our primary use case?

Our primary use case is to use it as a gateway for our fleet of sea vessels. We have around 50 vessels that are serviced by the solution.

What is most valuable?

With WatchGuard, we see some bugs in the IT system, and can easily fix it within a few days. It is easily resolved and that is a big benefit for us.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Sometimes we have had issues with the stability of the product.

What do I think about the scalability of the solution?

The scalability is good. Sometimes we need to buy a better hard drive to run all of the services, but overall it is good.

How are customer service and technical support?

We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them.

Which solution did I use previously and why did I switch?

We compared this solution to Juniper, and we find that WatchGuard is a much better product.

What's my experience with pricing, setup cost, and licensing?

In order to setup the solution, it is a good idea to get an expert to help. I suggest improving the setup process.

Which other solutions did I evaluate?

We considered Juniper.

What other advice do I have?

When considering a product like WatchGuard, the best criteria is: the anti-virus system solutions and using multiple scanners, that's basically the best way to approach an infection. WatchGuard has these important features.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
MV
Director at a tech services company with 11-50 employees
Real User
Application Control gives us granular regulation for different types of users and how they access websites

Pros and Cons

  • "Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular."
  • "Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."
  • "They have a reporting system which can store data over a very long period of time. Not many other firewall vendors provide a reporting system, but if they do, like Fortinet does, then you've got buy that as an additional product and that can be more than twice as expensive as the initial investment in the firewall. And without reporting over a long-term period, you're just about wasting your time."
  • "WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."

What is our primary use case?

The primary use case is network protection from phishing attacks and web browsing attacks. It has performed extremely well, we've had zero intrusions so far.

How has it helped my organization?

We can now browse or interact with the internet with confidence, knowing we can do our jobs while being protected. We don't have to worry.

What is most valuable?

The most valuable features of the solution are the subscription services that come with the product:

  • Intrusion Protection - This is pretty standard across all products.
  • WebBlocker - It used to be called WebSense. For a decent-sized organization that's a $200,000 product, and we get a fully-implemented version of that inside our product. 
  • Data Loss Prevention - This feature is really good for sorting out the loss of credit card information or other valuable information.
  • Application Control - This is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular.
  • Botnet protection - Protects against phishing attacks, which is really good.
  • Geolocation services - Allows us to filter out Russian attackers (for example) so they'll never attack our political systems.
  • APT Blocker - This is advanced malware protection
  • Reputation Enabled Defense - Indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process.

And with all of those services turned on, we're still achieving about a gigabit of internet performance, which is outstanding.

On top of that, they have a reporting system which can store data over a very long period of time. Not many other firewall vendors provide a reporting system, but if they do, like Fortinet does, then you've got buy that as an additional product and that can be more than twice as expensive as the initial investment in the firewall. And without reporting over a long-term period, you're just about wasting your time.

In addition, the rate of progress of introducing new features: There's a fantastic wireless solution that provides extreme levels of security, plus user tracking/monitoring if you're a retail mall or company. The features go on and on. They just keep on coming.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It's been very stable for us. We don't have any issues with the reliability at all.

What do I think about the scalability of the solution?

WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure.

How are customer service and technical support?

Tech support has worked well for us. Most of their people are really knowledgeable.

Which solution did I use previously and why did I switch?

We found that the WatchGuard product appeared to offer the widest range of protection at the best price.

How was the initial setup?

It takes a bit of configuring, there's no doubt about that, because there are a lot of configuration options. That's where we get the in-depth security. It just doesn't say this side is right or this side is wrong, it looks at a lot of different metrics, so there is a fair bit to configure. But it's easy to configure, it's easy to work through the options, which makes it quite good.

It's not straightforward in the sense that you have got to know what you're doing, but it offers a lot of options to customize a solution for a particular client's needs, and our own needs. When you give that level of optimization, then you expect the setup to be just a wee bit more complex.

Which other solutions did I evaluate?

We evaluated a number of different brands, including Fortinet and Sophos.

What other advice do I have?

Get your advice from people who know about the particular solutions that you're looking at. There's no point in asking "Mr. Sophos" what he thinks about Fortigate or WatchGuard.

I would rate WatchGuard XTM a nine out of 10 because it achieves all of our goals at a reasonable price without compromise.

For me, there are three important criteria when selecting a vendor. They must:

  • offer the greatest level of protection
  • not to be restricted by performance 
  • provide a reporting engine that stores data over a long period of time. 

Anyone in the security industry understands that there will be intrusions at some stage, but not to have the data to go back six months and find out: "Hang on, this is where it started," is a complete disaster.

We're really happy with WatchGuard. It has worked extremely well. It has an easy to use management interface and can manage multiple units at multiple branches easily.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
President at a tech consulting company with 51-200 employees
Consultant
It is stable and does not require you to reboot all the time

Pros and Cons

  • "It is stable and does not require you to reboot all the time.​"
  • "It configures in all-in-one place.​"
  • "​Monitoring of network activity is included in the box.​"
  • "The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out.​"

How has it helped my organization?

Instead of having to manage NAT policies and firewall policies in different Windows, in WatchGuard XTM OS, it configures in all-in-one place.

What is most valuable?

Monitoring of network activity is included in the box.

What needs improvement?

WatchGuard never stops doing improvements on their products.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Never, and I have 30 boxes installed already.

What do I think about the scalability of the solution?

Never.

How are customer service and technical support?

Professional grade support: They are really knowledgeable.

Which solution did I use previously and why did I switch?

We previously used SonicWall and Fortinet.

How was the initial setup?

The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out.

What's my experience with pricing, setup cost, and licensing?

Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative.

Which other solutions did I evaluate?

We did look at SonicWall and Fortinet, but we finally choose WatchGuard.

What other advice do I have?

After it is installed, you will have plenty of time to do something else, because it is stable and does not require you to reboot all the time.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
MaximilianoHuguenin
IT Security Analyst at a tech services company with 11-50 employees
Real User
It costs less than the competition without increasing much of the CPU usage

Pros and Cons

  • "There is a site-to-site VPN configuration between others people."
  • "Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."

What is most valuable?

It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use. But if you use, for example the SSL connections (using a certificate), the memory use will increase, but having a better product is less expensive than the SonicWall SSL inspection.

How has it helped my organization?

I'm working for a provider, supporting the clients with MSSP. The customer client needs less attention.

What needs improvement?

Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer).

For how long have I used the solution?

For three years. I have used the following versions: M400, XTM 25-W, XTM 330, XTM 515, T50, M500, XTM 330, T30, and Fireware 11.12.4.

What do I think about the stability of the solution?

Yes, in previous firmwares, you have problems with leaked memory using SSL inspection, problems with Active Directory when the user exists inside more than one group, and problems with site-to-site VPNs in previous firmwares - lost connection but the enlace is still up.

What do I think about the scalability of the solution?

No, but it depends on the hardware size.

How is customer service and technical support?

The support is poor and lazy.

How was the initial setup?

It is normal like the other market competitors. There is a site-to-site VPN configuration between others people.

Which other solutions did I evaluate?

I like the Sonicwall interface experience better, the VPN configurations, and Active Directory (LDAP) integration for SSO.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
it_user719133
systeembeheerder at a manufacturing company with 201-500 employees
Real User
Creates New Ways To Secure Your Network

Pros and Cons

  • "SNMP status monitoring and the Central Management Software."
  • "The VPN errors are not helpful when troubleshooting."

What is most valuable?

Blacklist IP addresses of "hackers", SNMP status monitoring and the Central Management Software.

How has it helped my organization?

Because of the high throughput, we created multiple LAN segments. This reduced the broadcast and the improved the security in traffic monitoring.

What needs improvement?

It's a fine product, but some features like the max bandwidth don't work well.

Also, the VPN errors are not helpful when troubleshooting.

For how long have I used the solution?

For eight years.

What do I think about the stability of the solution?

Yes, a couple of firmware updates caused a factory reset.

What do I think about the scalability of the solution?

Yes, fallback needs a lot of tweaking to work.

How are customer service and technical support?

Good.

Which solution did I use previously and why did I switch?

Yes, Cisco but the lack of management tools and knowledge made us change to WatchGuard.

How was the initial setup?

Very straightforward.

What's my experience with pricing, setup cost, and licensing?

Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network.

Which other solutions did I evaluate?

Yes. SonicWall, but the web interface takes a lot of time to find the right option.

What other advice do I have?

Take a look at the WatchGuard support site. Opening an account is free and you can find there are a lot of helpful topics.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Gevorg Harutyunyan
Software Developer, Head of IT Department at a tech vendor with 1-10 employees
Real User
Packet filters and proxy policies are valuable features. The management console and web interface are very bad.

What is most valuable?

Packet filters and proxy policies are valuable features. They allow you to configure restrictions by domain name. These features are useful to block web pages which have multiple IP addresses, such as Facebook.

How has it helped my organization?

It was installed as two redundant XTM 850s (active-passive).

The XTM 850s perform as a general firewall and as a filter of WAN traffic. Routers are configured as a load balancer for internal VLANs and for WAN as well. Other network functionality is based on Extreme Networks equipment.

What needs improvement?

The management console and web interface are very bad. They should improve it and add more command lines and easy scripting functionality. I also suggest adding/improving smart and easy logging and debugging tools.

For how long have I used the solution?

We have been using the solution for about 18 months.

What do I think about the stability of the solution?

We had a stability issue. Sometimes devices hang and it is very difficult to understand why. Sometimes we rebooted the system and it started to work, but we couldn’t understand what the issue was.

What do I think about the scalability of the solution?

We had a scalability issue. Sometimes when we have heavy traffic, such as 100 mbp/s, we see a high CPU load.

How are customer service and technical support?

The technical support is very bad. The price is very high, the response time is very long, and technical support does not provide a general solution. They just try to solve local, small issues. Sometimes they cannot understand standard issues and provide solutions.

Which solution did I use previously and why did I switch?

We didn't use a similar solution, but we have used MicroTik routers and UNIX firewalls.

How was the initial setup?

The setup was very easy.

What's my experience with pricing, setup cost, and licensing?

My advice is to decrease technical support pricing and increase the quality.

Which other solutions did I evaluate?

I didn’t select this device.

What other advice do I have?

The documentation is just for configuration. I suggest adding documents about solutions for different cases.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user512307
instructor with 501-1,000 employees
Vendor
Easy to set up. Provides access to the centralized environment.

What is most valuable?

VPN, routing, firewall, and accessibility are the most valuable features.

It is easy to set up and provides access to the centralized environment.

How has it helped my organization?

It has decreased consuming excess bandwidth, restricting access to the social networks, downloading games, risk applications, and music.

It allows us to balance the different internet services and, via the rules, it gives greater capacity to the critical departments.

What needs improvement?

Licensing should be improved.

It should allow you to keep the rules that are created; at the end of the grace period, it does not allow you to create new rules but only to maintain the current ones.

The mobile administrative management applications (mobile devices) should be improved.

For how long have I used the solution?

I have used this solution for four years.

What do I think about the stability of the solution?

There were no stability issues.

What do I think about the scalability of the solution?

There were no scalability issues. There is 24/7 support from our provider.

How is customer service and technical support?

The level of technical support is adequate. From a range 1 to 10, I would give them a 8/10 rating.

How was the initial setup?

The setup was simple and workable for any non-expert user.

What's my experience with pricing, setup cost, and licensing?

Simply, give this tool a try; it will generate great benefits in terms of the scalability and environment.

Which other solutions did I evaluate?

We evaluated other solutions such as Cisco from its extensive stock of solutions.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AP
Global Director MSS with 11-50 employees
Real User
Based on WG, we can deploy 30 offices in a few days, and maintain an excellent visibility of the network traffic for the entire network, using a single console.​

What is most valuable?

Performance, Security Services integration, Management, Tools all included, VPN.

How has it helped my organization?

Security is a requirement for any organization, using WG products you can deploy faster solutions to big problems with a fair price.

Based on WG, we can deploy 30 offices in a few days, and maintain an excellent visibility of the network traffic for the entire network, using a single console.

What needs improvement?

Intrusion Prevention, Antivirus, and Data Loss Prevention

For how long have I used the solution?

I have been working with WatchGuard products for more than 15 years. With these specific appliances +2 years.

What do I think about the stability of the solution?

In my experience with WG, stability issues are associated with bad configurations.

What do I think about the scalability of the solution?

Yes, in the past you could base on the same appliance, in some cases up to three different models. You could grow your performance and capabilities using a license. Now, you need to replace the appliance.

How are customer service and technical support?

Seven out of 10, with too many areas to improve, when you have many years of experience with the appliances. For new users the rating could be 9+.

Which solution did I use previously and why did I switch?

We moved because of price, management, stability, scalability.

How was the initial setup?

Super easy to deploy, in this area WG is the best.

What's my experience with pricing, setup cost, and licensing?

Always consider competitive trade and long-term licensing, to get the best price. if not, the product is expensive.

Which other solutions did I evaluate?

Cisco, CheckPoint, Fortinet, Palo Alto.

What other advice do I have?

Base your design on traffic and throughput, not on users. If you don't, your performance will be affected. WG is an excellent product for small and medium business. For large environments, the performance and features need to be revised and other vendors can offer better solutions.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
TZ
IT Director at a financial services firm with 201-500 employees
Real User
​VPN tunnel creation way in WSM is very easy to setup.

What is most valuable?

VPN tunnel creation in WSM. Very easy to setup BOVPN tunnel between two sites by dragging and playing. Device configuration change method (editing configuration file offline, then pushing to device which gives the convenience of changing settings remotely when the network connection is being adjusted.

How has it helped my organization?

When moving datacenter and WAN IP changed, simply edited the configuration and deployed device at the last second to demount device. Then, simply power on device with new WAN connection and get all things up without further configuration.

What needs improvement?

Can’t add static route with domain, must use IP.

What do I think about the stability of the solution?

VPN tunnel lost packet.

What do I think about the scalability of the solution?

No.

How are customer service and technical support?

7/10

Which solution did I use previously and why did I switch?

N/A

How was the initial setup?

Simple and straightforward.

What's my experience with pricing, setup cost, and licensing?

Price is still high, especially for subscription services.

Which other solutions did I evaluate?

Yes, Dell SonicWall.

What other advice do I have?

LiveSecurity and subscription service. Low market ratio causes local service not to be so strong.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Deputy Head of IT Department at a financial services firm with 501-1,000 employees
Vendor
Helps me create firewall policies for networks and services.

What is most valuable?

The proxy based policy in Policy Manager is the best feature. It helps me:

  • Create many different firewall policies for different networks and services
  • In tracking problems in the policy rule in the traffic monitor of Firebox System Manager

How has it helped my organization?

With this product, I can easily block group websites with its WebBlocker based on predefined categories such as: Social Network, Sex Material, and Video Streaming

We can also use Application Control to block some applications based on pre-defined categories such as: P2P, Social Network, Streaming Media, and Games.

What needs improvement?

1. It is difficult to configure WatchGuard with your internet settings.

Actually, a normal internet setting/configuration is easy. However, I had a problem with multi WAN and multi LAN. I have a few different LAN subnet and two WAN.


What I want to do is to route traffic from LAN1 through WAN1 and use WAN2 as failover. And for LAN2, it would route through WAN2 and use WAN1 as failover. So all traffic from LAN1 supposed to go through WAN1 only unless WAN1 is down, then it will go WAN2.


However, I still could see some packet from LAN1 go through WAN2 at the same times. I checked the Traffic Monitoring in WatchGuard and I figured it out that is because of default “Outgoings” policy. Unfortunately, I could not disable default “Outgoings” policy and if I do “all clients could not access the internet even if I created another Outgoing Policy to replace the default one”.

I used to ask my Vendor to help with this problem, but they could not do it.


2. I would like to see more granularity on each IP bandwidth that is used. I want to check which IP consume internet Bandwidth the most, but it is not convenient to check the total bandwidth that one IP is consuming. I need to go to “Traffic Management” to see which group IP that used most of the bandwidth, and then I go to “Hostwatch” to check bandwidth of each IP and sum the consumed bandwidth by myself.


3. It cannot block Internet Download Manager nor the Torrent application “BitComet” Internet Download Manager and BitComet are two applications that I cannot block in “Application Control”. I used to ask my vendor for help, but they still could not do it. Other application (Messenger, other peer-to-peer application, social network, VOIP .. etc), WatchGuard can block them.

For how long have I used the solution?

I have been using it for eleven months.

What was my experience with deployment of the solution?

There were no big issues with deployment except the problem of multiple WANs and multiple subnets from the LAN.

What do I think about the stability of the solution?

No stability issues were encountered. The device is working smoothly for me.

How are customer service and technical support?

Customer Service:

The customer service from my vendor was very good. I would give them a rating of 9/10.

Technical Support:

I would give technical support a rating of 7.5/10 for two reasons:

  • The vendor technician, on the first occasion, checked the device remotely and configured something, but saved the running configuration without backing up the previous configuration first.
  • Singapore technical support tried to remotely fix the problem where the application control could not block the Torrent application “BitComet”. After one hour of testing was complete, he later sent an email to my vendor to alert them that the current WatchGuard cannot block “BitComet” and that we are waiting for a new version. At that time, he should have tested it at his office first before he asked to check my device remotely.

Which solution did I use previously and why did I switch?

The company has just opened and WatchGuard was the first solution.

How was the initial setup?

It’s not complex. The configuration is UI based. For experienced network administrators who understand network and firewall concepts, it is easy.

What about the implementation team?

The device is implemented through a vendor team. I would give them a rating 7/10 because they did not check and verify the configuration clearly before they left our office. I later found that their configuration was not yet working well and they had to return to configure it again.

What was our ROI?

For the current network demand, I think the product is worth buying. It is not too expensive and it has almost all the features that I need.

What's my experience with pricing, setup cost, and licensing?

I think it is best to consult with the vendor for pricing and licensing.

Which other solutions did I evaluate?

Previously, I wanted to use Juniper as my firewall. However, after consulting with the vendor and reviewing the product ranking and features, we finally chose WatchGuard for our solution.

We chose it based on “medium price with high quality and security that its features can use.” So we chose it for the frontend firewall and we have another for the backend firewall.

What other advice do I have?

If your company needs a medium priced firewall appliance with WebBlocker, Application Control, VPN, and SpamBlocker, then you should try WatchGuard.

However, it is not recommended to use an e-banking server or another import server for the DMZ zone on WatchGuard.

You have a firewall, but you need a very good IPS appliance in addition to these servers. WatchGuard has IPS, but it is not very good yet.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user292644
System Administrator at a logistics company with 501-1,000 employees
Vendor
Application Signature doesn't work well, but we do have better monitoring of our users' internet usage.

What is most valuable?

We are using WatchGuard's SSO feature to help us track user access. From there, we can drill down the reports, and we can the details we need such as what websites a user goes to, or which websites are accessed the most.

How has it helped my organization?

We now have the capability to manage traffic better by putting non-business critical traffic into the small bucket, while business critical traffic gets higher priority.

What needs improvement?

  1. We still haven't got the Terminal Service agent to work in our Citrix environment
  2. Application Signature also doesn't work well especially in SSL traffic

For how long have I used the solution?

We have had this solution for just over one year.

What was my experience with deployment of the solution?

I believe we were one of the first companies that implemented SSO. We had continuous issues when we first implemented it, and we needed to log calls with Watchguard. They released two new firmware versions in order to resolve the issue.

How are customer service and technical support?

The support is not the best, but it is good enough. Not everyone has the right skills, so make sure to ask them to escalate it if it has taken too much time to resolve the issue.

Which solution did I use previously and why did I switch?

We used both Juniper SRX and TMG. We replaced Juniper because it is hard to troubleshoot as there is no real-time traffic monitoring, and we replaced TMG because it was end of life.

How was the initial setup?

Apart from SSO, the setup was really easy and straightforward. With the firmware that they have now, SSO should not be an issue anymore.

What about the implementation team?

We did it ourselves, and we only asked a third party to verify oour configuration.

What's my experience with pricing, setup cost, and licensing?

We also looked at Sophos.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user292641
Systems Engineer at a financial services firm with 501-1,000 employees
Vendor
It provided us with VPN SSL, but they need to make changes in web filtering access for Skype.

Valuable Features

  • Price
  • Functionality
  • Device management

Improvements to My Organization

It has provided us with the following -

  • Control
  • Internet access
  • Web filtering
  • IPS
  • VPN SSL
  • Profiles
  • Reports - they are complex, but they are neccesary to analyze the real time logs
  • Graphics

Room for Improvement

In my experience they need to make changes in web filtering access for Skype as that's the time we had problems.

Use of Solution

We used it about three years ago.,

Deployment Issues

We had issues and raised a case with WatchGuard.

Stability Issues

We had issues and raised a case with WatchGuard.

Scalability Issues

We had issues and raised a case with WatchGuard.

Customer Service and Technical Support

Customer Service:

It's OK to good.

Technical Support:

It's OK to good.

Initial Setup

It was was fast and easy to learn the functionality.

Implementation Team

The implementation was in-house.

ROI

ROI was complete in less than a year.

Pricing, Setup Cost and Licensing

It was cheaper than other options.

Other Solutions Considered

The vendor in my country came with this product, and at the time we needed a firewall, but didn't have the budget, and this was a good product with an excellent price. This was the reason to bought this firewall.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user285063
Account Manager with 51-200 employees
Vendor
While the wireless capability is great for roaming and seamless hand-off, there have been intermittent issues with connection dropping on Apple devices.

What is most valuable?

The most valuable features of the WatchGuard product line that we appreciate and leverage the most is the UTM security suite. That front-line of defense is invaluable in providing protection for our network, and the networks of our customers.

How has it helped my organization?

The WatchGuard SSL VPN is great for remote access to our location, and for remote support to our customer locations. It allows us to easily and securely access their network remotely to make any changes needed while supporting them.

What needs improvement?

While the wireless capability is great for roaming and seamless hand-off, there have been intermittent issues with connection dropping on Apple devices.

For how long have I used the solution?

We have been using and selling the WatchGuard product line for three years.

What was my experience with deployment of the solution?

We have had no issues with any of the WatchGuard XTM deployments.

What do I think about the stability of the solution?

The WatchGuard XTM platform has been very stable.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

Excellent, they have incredibly quick response to any questions, and their online customer portal is very nice.

Technical Support:

Excellent, they have never had an issue troubleshooting our equipment or help with our clients equipment. Their ticketing system is also very helpful.

Which solution did I use previously and why did I switch?

We used SonicWall. We made the switch shortly after Dell acquired them due to their continued wireless issues. WatchGuard seemed to be much more stable and scalable. We have had much better success with WatchGuard and are very glad we made the switch, especially for our customers.

How was the initial setup?

Because we are an IT company, and are certified in the product, setup was very straightforward. I like the interface as it is very logical to set everything up. For a standard end-user, however, it is very complicated as an enterprise based router/firewall is not intended for the general end user to set up.

What about the implementation team?

Being an IT solutions provider, we were able to purchase through our distributer and deploy in-house as we are certified in the product. We have installed this device in our offices, and many different WatchGuard products at many different locations.

What was our ROI?

The return was very fast, as it helps us to do our job very effectively and securely.

What's my experience with pricing, setup cost, and licensing?

Pricing and licensing is very straightforward. No hidden fees, and applying licenses is incredibly easy.

Which other solutions did I evaluate?

Because we are an IT solutions provider, we looked into a few different options before deciding to proceed with WatchGuard. We looked at continuing with SonicWall, Cisco, Adtran, etc. WatchGuard was the best fit for our company as well as our clients.

What other advice do I have?

While there are many choices available today, and you won’t be disappointed if you choose to proceed with implementing a WatchGuard device. We have been using them for years, have deployed them at many locations, and have been very happy with them – as have our customers.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are a WatchGuard Gold partner.
ITCS user
Support Analyst at a logistics company with 501-1,000 employees
Real User
The application proxies are valuable but we had some problems of instability with older versions of the software.

What is most valuable?

Multiple VPN choice Application proxies VoIP

What needs improvement?

SSO needs to be improved.

For how long have I used the solution?

I've used it for four years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

We had some problems of instability with older versions of the software. Today, however, with the 11.9.4 version, our environment is very stable.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service: 9/10. Technical Support: 9/10.

Which solution did I use previously and why did I switch?

We previously used the Microsoft ISA server, and we switched because it…

What is most valuable?

  • Multiple VPN choice
  • Application proxies
  • VoIP

What needs improvement?

SSO needs to be improved.

For how long have I used the solution?

I've used it for four years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

We had some problems of instability with older versions of the software. Today, however, with the 11.9.4 version, our environment is very stable.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

9/10.

Technical Support:

9/10.

Which solution did I use previously and why did I switch?

We previously used the Microsoft ISA server, and we switched because it was discontinued.

How was the initial setup?

It was straightforward.

What about the implementation team?

We implemented it into our environment.

Which other solutions did I evaluate?

We also looked at SonicWALL.

What other advice do I have?

Take an online course in the WatchGuard site and you will have no problems.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Network Administrator at a university with 1,001-5,000 employees
Vendor
It has definitely helped us in framing and implementing IT policy of our organization, but the VPN hardware needs to improve.

What is most valuable?

  • For the monitoring of the devices' operation, and network traffic, a monitoring software, "WatchGuard System Manager" is provided
  • It has an online traffic monitor, which is an ultimate feature and valuable for troubleshooting
  • Web/URL filter is strengthened by the WebSense filter
  • The web based log analyzer called "WatchGuard Dimension," offers great information regarding network traffic
  • The traffic analysis reports can be created in both granular and brief summary fashion, and extracts are useful for managerial information

How has it helped my organization?

  • Online traffic monitoring is a great help in network troubleshooting, as the log analyzer reports found great sources of information for technical support and the management who are barely acquainted with the technical terms
  • Websense has categorized web traffic in over 150 different categories
  • Decisions to block certain unwanted sites or categories have been made on the basis of the web traffic trend presented by the log analyzer
  • Permissions can be set by groups, so as an educational organization, our users are grouped as administrative officers, clerical staff, post graduate students, research students and faculty
  • The web access is made available to users is only available for their work, and as a result, the utilization of Internet connectivity has been improved
  • It has definitely help us in framing and implementing IT policy of our organization.

What needs improvement?

Initially WatchGuard assured us regarding endpoint security, but we are not sure that the product provides endpoint security features to its full extent. Instead, WatchGuard provided us a VPN hardware. WatchGuard needs to improve this feature.

For how long have I used the solution?

I've used it for over two years.

What was my experience with deployment of the solution?

We had almost no problems.

What do I think about the stability of the solution?

The product has been stable for the last two years. We have connected it to three leased lines, a DMZ with 10 web applications and 2000+ campus users are connected without any issues. Also, there have been no bottlenecks!!!

How are customer service and technical support?

Customer Service:

Satisfactory to good.

Technical Support:

The technical team, so far with WatchGuard OEM has been excellent. Recently, there a new team has been formed, and I am yet to interact with them. Also, the support team from their business partner is also good. We have a very good rapport with them and during the last two years only, only one or two unsolved issues were escalated to their international support.

Which solution did I use previously and why did I switch?

We were using a different solution previously, but it didn't prove perfect for our requirements. It lacked many features like URL filtering, log analysis etc. So we were searching for a better product. We had a proof of concept from three reputed products.
Finally, WatchGuard offered almost all the features we needed, coupled with the lowest recurring cost, i.e. annual subscription renewals.

How was the initial setup?

We have got three internet lines shared amongst campus users and off campus web clients.
The requirements keep changing from time to time. We have over 35 VLANs that need to be catered for according to IT policy of the organization. and WatchGuard is almost perfect.

What about the implementation team?

A joint OEM and vendor team initially implemented the product. The team configured and demonstrated the product to us. They also handed over operational know-how of the product, and the team had an exceptional level of competency.

What was our ROI?

The ROI can be measured in several ways. First, our in house team has excelled in re-configurating the product and network troubleshooting is made simple using WatchGuard tools. The tools are very simple to handle, so our in-house team has become more confident and got more expertise in handling IT infrastructure.

There are moderate renewal cost for subscriptions like AV, IPS, IDS,web filter, application control etc. therefore recurring cost is low. As such after fulfilling rationale of the firewall device, additional returns are in the form of lower operating costs and manpower expertise.
Therefore, the returns are higher as compared with the initial investment on this product, so the ROI is positive.

What's my experience with pricing, setup cost, and licensing?

Our estimated cost for the setup was INR25,00,000+/- and we grabbed an offer for a pair of devices, costing around half of the estimated cost. Deprecation is 33% on this kind of equipment. The annual subscription renewal cost is 20% of original set up cost.

Which other solutions did I evaluate?

  • Fortinet
  • HP

What other advice do I have?

WatchGuard XTM2050A has enterprise class performance with the cost of an SMB class device. If you are not enthusiastic about the brands or reputed survey reports, WatchGuard will be definitely an option to go for.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Sr IT Security Consultant at a healthcare company with 10,001+ employees
Vendor
I found this device to be one of the most stable platforms that I have worked with, but paying a yearly maintenance fee for firmware updates is not worth it in my opinion.

What is most valuable?

I love the GUI and the ability to edit rules on the fly without needing to save a configuration. This makes for a very quick adjustment when needed. I also like the fact that you can save to a configuration file, so if there are a number of changes being made, it can always be rolled back to the previous save.

How has it helped my organization?

This device was one that I deployed on my own business network and has given me the ability to thoroughly know the product that I was selling. The added security features from Live Security ensured I did not have to manually update some of the basic functions of the device.

What needs improvement?

I feel that paying a yearly maintenance fee for firmware updates is not worth it in my opinion. I would rather see the yearly fee go for updates to the add-ons and live security, but I think as time goes on firmware updates should be free since the price tag of some of these devices is difficult for some small businesses to swallow.

While I hold the company in high regard the learning curve on these devices can be tough right out of the box. I've had to contact support on numerous occasions due to little quirks in the system that needed to be ironed out.

For how long have I used the solution?

I personally have had an XTM25 in my own network for over five years, and I've used multiple versions of WatchGuard enterprise grade firewalls over the last decade. My first experience was with an X500 Edge and the last product I had the opportunity to use in the field was an XTM26 for small to medium sized businesses.

What was my experience with deployment of the solution?

Yes, there were times that the device would lock up after completing the initial configuration and would need to be factory reset.

What do I think about the stability of the solution?

I found this device to be one of the most stable platforms that I have worked with. Even when the UI seemed to fail on a device, the product still functioned until we had time to reboot the device and bring the UI back online.

What do I think about the scalability of the solution?

Yes, I deployed an XTM25 to a smaller business and the company grew beyond what the device could handle VPN wise. There was a trade in process but the company decided not to go with that since it was within a year and the process was not worth their time or effort.

How are customer service and technical support?

Customer Service:

I had great encounters with all levels of customer service from the general help desk all the way up to our regional manager.

Technical Support:

Most of the time when I called customer support it was for features that I did not work with or if I had a configuration question that did not seem to be working. Most of the time, I was able to get the answers right there on the phone. There were times that tickets had to be opened and a call back was warranted, and most of the time I received a solid response within 24 hours.

Which solution did I use previously and why did I switch?

Previously we used a software firewall deployed to a form factor box. We switched because of my experience with the product and the stability.

How was the initial setup?

The initial setup was straight forward, The GUI pretty much takes you through all of the settings you would need to know to set up a general device.

What about the implementation team?

I was the implementation team for my organization as I was part of a managed service provider.

What was our ROI?

The ROI for this product in my eyes was knowing that my customers were protected by a stable platform that could be updated and upgraded when they needed it. The features that were available could be added as needed with small additional purchases for feature keys.

What's my experience with pricing, setup cost, and licensing?

Depending on the product, my setup cost was around $250 for time and labor. For the most part I could deploy one of these devices in about an hour with very little downtime to the organization.

Which other solutions did I evaluate?

I had been a vendor of firewall services for many years prior to deploying WatchGuard technology. I evaluated and was not impressed with SonicWALL, or Untangle. I was deploying pfSense on boxes and found that the WatchGuard platform was perfect in size, and the software seemed to match all of the features of pfSense. The reason for switching ultimately came down to additional customer service and availability of support.

What other advice do I have?

This product is solid and has a great reputation behind it. I would recommend the product and company to anyone looking for a great firewall solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user229821
Third Line Engineer at a tech services company with 51-200 employees
Consultant
Although it's expensive, you should go for it as it offers great protection for your network.

What is most valuable?

  • Nice user interface
  • Ease of use
  • Easy to set up
  • Good range of subscription services

How has it helped my organization?

It has added many security features to our network with the use of the subscription services such as Gareway AV, Reputation Enabled Defence, Webblocker, IPS, etc.

What needs improvement?

  • Expensive
  • Requires client-server application to use some advanced features

For how long have I used the solution?

I've used it for six months.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

Great customer service with fast response.

Technical Support:

They have good technical knowledge.

Which solution did I use previously and why did I switch?

We used to use Drayteks, but they did not offer the features that were were looking for.

How was the initial setup?

It was pretty straightforward, especially with the use of a setup wizard.

What about the implementation team?

We implemented it in-house.

Which other solutions did I evaluate?

We also looked at an option from Sophos.

What other advice do I have?

Go for it. It's a great product with many security features and offers great protection for your network.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user229818
Executive VP/Partner at To Solution, LLC
Consultant
The multi-layer security of the products are the primary reason we use these appliances, however, the gateway wireless functionality for managing access points leaves much to be desired.

What is most valuable?

They provide excellent security and administration at a reasonable price. However, the multi-layer security of the products are the primary reason we use these appliances. Another valuable feature of the product is that the configuration interface and tools across any product is the same, making administration of the devices simple and consistent.

How has it helped my organization?

WatchGuard has improved the way our organization functions by providing our client sites with better security. Since we have been working with WatchGuard appliances, the rate of spy-ware, malware, and viruses has dropped significantly.

What needs improvement?

The WatchGuard gateway wireless functionality for managing access points leaves much to be desired. While the access points are good hardware, the access point controller lacks many of the features found on other wireless controllers. For example, when adding a MAC address to the controller (if restricting access to particular devices), every attached access point reboots, interrupting the wireless network.

For how long have I used the solution?

We've used it for more than four years, alongside APs100 & 200. We also run a WatchGuard Dimension reporting server.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

We encountered some issues with the older generation firewalls (e.g. XTM 515s), however, the more recent models have been very stable.

What do I think about the scalability of the solution?

We have not encountered any scalability issues with these firewall appliances.

How are customer service and technical support?

Customer Service:

When we have called on them for sales and product support, the customer service has been very good.

Technical Support:

When we have needed it, the technicians responding to cases are always helpful and very competent on the products. We generally get quick resolution on the issues.

Which solution did I use previously and why did I switch?

We used to use various other firewall solutions Including Cisco, Sonicwall, and Fortinet. We switched because WatchGuard offered better value for money without sacrificing security. We found the ease of configuration, tools, and features on this next generation firewall to be a better value than other firewalls with no security compromise.

How was the initial setup?

The initial setup for these appliances is simple. There are options to configure through a software utility or a web-based GUI. Both options are relatively simple. There is a wizard feature that allows for quick configuration. They even have the ability to preconfigure firewalls, send them to the sites, and have them deployed live on-site, where the configuration is downloaded from the Internet. This saves a lot of time.

We can deploy online and automatically download configurations. Or, we can deploy off-line by manually installing and configuring the appliances. Deployment is simplified since all configurations are saved as XML files.

What about the implementation team?

We implemented our WatchGuard solutions in-house since we are a managed service provider.

What was our ROI?

Our ROI on the product is positive.

What's my experience with pricing, setup cost, and licensing?

Depending on model chosen, the setup cost hardware ($2,000-$5,000) and labor (approx. $500). The day-to-day cost is approximately $1.20 per day (includes maintenance/updates and labor costs to do firmware updates & monitoring).

Which other solutions did I evaluate?

We compared our existing solutions to WatchGuard.

What other advice do I have?

The best advice is to take the time to learn the product well. Take advantage of training to learn the product fully as, without the training, it can be difficult to administer the products. Also, knowing the tools for administration goes a long way.

Disclosure: My company has a business relationship with this vendor other than being a customer: We have been WatchGuard channel partners for four years.
ITCS user
Network & infra Manager at Vanguard Business Solutions & Consulting
Consultant
The product is great for small enterprise usage but WiFi throughput needs work.

Valuable Features

Drag and drop VPN is the most satisfying feature Easy to configure

Improvements to My Organization

It has reduced the amount of manpower needed in IT departments.

Room for Improvement

Wireless throughput needs to be improved.

Use of Solution

I've use it for nearly two years.

Deployment Issues

No issues encountered.

Stability Issues

No issues encountered.

Scalability Issues

No issues encountered.

Customer Service and Technical Support

Customer Service: I haven’t requested any help from customer service. Technical Support: I attended training from WatchGuard, as a result, I haven’t needed help from technical support.

Initial Setup

Initial setup is very simple for me.

Implementation Team

I implemented it by myself.

ROI

The product…

Valuable Features

  • Drag and drop VPN is the most satisfying feature
  • Easy to configure

Improvements to My Organization

It has reduced the amount of manpower needed in IT departments.

Room for Improvement

Wireless throughput needs to be improved.

Use of Solution

I've use it for nearly two years.

Deployment Issues

No issues encountered.

Stability Issues

No issues encountered.

Scalability Issues

No issues encountered.

Customer Service and Technical Support

Customer Service:

I haven’t requested any help from customer service.

Technical Support:

I attended training from WatchGuard, as a result, I haven’t needed help from technical support.

Initial Setup

Initial setup is very simple for me.

Implementation Team

I implemented it by myself.

ROI

The product is great for small enterprise usage.

Other Solutions Considered

I compared XTM with Cisco ASA firewalls, but Cisco isn’t as easy as XTM to handover.

Other Advice

The product is easy to use and is the fastest way to learn about firewalls.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user229806
Network Administrator at a financial services firm with 51-200 employees
Vendor
Reporting features are there but aren't the greatest when compared to other devices. ​

Valuable Features

WatchGuard System Manager can work with multiple devices at once The Web UI is accessible from any OS platform

Room for Improvement

Reporting features are there but aren't the greatest when compared to other devices.

Use of Solution

I've used it for four to five years.

Deployment Issues

I had no issues during deployment.

Stability Issues

Early models of the XTM2 (e.g. 21, 22, 23) line lacked sufficient memory, and caused a number of issues that required frequent reboots. WatchGuard has since discontinued that line and has replaced them with a more robust XTM25 and 26 option.

Scalability Issues

No issues so far.

Customer Service and Technical Support

Customer Service: 7-8/10. Technical Support: 7-8/10 and I've yet to have an issue go…

Valuable Features

  • WatchGuard System Manager can work with multiple devices at once
  • The Web UI is accessible from any OS platform

Room for Improvement

Reporting features are there but aren't the greatest when compared to other devices.

Use of Solution

I've used it for four to five years.

Deployment Issues

I had no issues during deployment.

Stability Issues

Early models of the XTM2 (e.g. 21, 22, 23) line lacked sufficient memory, and caused a number of issues that required frequent reboots. WatchGuard has since discontinued that line and has replaced them with a more robust XTM25 and 26 option.

Scalability Issues

No issues so far.

Customer Service and Technical Support

Customer Service:

7-8/10.

Technical Support:

7-8/10 and I've yet to have an issue go unresolved.

Initial Setup

It was straightforward for the most part. All firewalls are a little unique in their own way, resulting in some complexity but, compaired to say Sonicwall, WatchGuard is straightforward.

Implementation Team

It was done in-house.

Other Solutions Considered

  • Sonicwall
  • Sophos

Other Advice

It's a solid firewall option with new. and useful, features typically being added with each new firmware release

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user229800
PRE-SALES MANAGER at a tech services company with 51-200 employees
Consultant
Scalability to enterprise backbone bandwidth needs work, however, cost-price performance is at its best.

What is most valuable?

  • Lots of enterprise-grade features in SMB firewall
  • Cost-price performance is at its best

How has it helped my organization?

We are now able to combine lots of functionality, and this contributes to bandwidth optimization, traffic monitoring and traffic analysis.

What needs improvement?

  • Web GUI interface
  • Scalability to enterprise backbone bandwidth

For how long have I used the solution?

I've used it for five years.

What was my experience with deployment of the solution?

The issue that we had was that the integration with Active Directory was a bit of a hassle.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

There aren't issue as long the environment is between 200 to 2000 users.

How are customer service and technical support?

Customer Service:

3/5.

Technical Support:

3/5.

Which solution did I use previously and why did I switch?

We previously used both Fortinet and Sonicwall. We made the switch is due to the lack of support efficiency of Fortinet, and product instability of SonicWALL.

How was the initial setup?

It's straightforward.

What about the implementation team?

We are resellers of WatchGuard.

What was our ROI?

It's hard to calculate exactly, but it is better than what it was with Fortinet.

What other advice do I have?

Create a features list and choose the best price-for-performance firewall appliance that matches your list.

Disclosure: My company has a business relationship with this vendor other than being a customer: WatchGuard, Fortinet and Sonicwall Resellers
it_user229794
Project Engineer at a tech services company with 51-200 employees
Consultant
It probably has the most intuitive configuration, but it is expensive.

What is most valuable?

The full UTM capabilities are very useful for a mid-size business.

How has it helped my organization?

The box can control viruses and some types of malware when users browse over the internet. Also, it has improved the correct use of the internet within the company. Finally, it can provide isolation within the LAN for different departments e.g. financial, sales etc.

What needs improvement?

The problem is the high cost. Also, two important functions that need to be improved are the deep reports and visibility.

For how long have I used the solution?

I've been using it for two years.

What was my experience with deployment of the solution?

It's very simple, and easier, if you are moving from a previous version of WatchGuard.

What do I think about the stability of the solution?

We've not had any stability problems in more than two years.

What do I think about the scalability of the solution?

Some boxes provide cluster configurations with up to 16 boxes, and we've never had a problem.

How are customer service and technical support?

Customer Service:

It's pretty good.

Technical Support:

It's very good.

Which solution did I use previously and why did I switch?

We also looked at Fortinet but the problem with them is not the firewall, but the impact in the full UTM traffic. WatchGuard is less susceptible to this negative impact.

How was the initial setup?

It's very simple. You can preconfigure the box, send it to another site, and deploy it remotely.

What about the implementation team?

It was in-house, and we now provide WatchGuard as a service.

What was our ROI?

Our ROI is bery good. Also, when you consider usability, and trade up alternatives in the same brand, i.e. WatchGuard.

What's my experience with pricing, setup cost, and licensing?

Financially, this depends on many factors, such as the complexity of the network. In terms of man-hours, an installation can take anywhere from four hours to 25 ]for a mid-size business, so the price can be very different depending on the client.

Which other solutions did I evaluate?

  • Fortinet
  • Cisco

What other advice do I have?

I would recommend this product, as it is a very flexible one with probably the most intuitive configuration. Also, it's very easy to deploy in almost any scenario.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user229791
SAP Specialist Engineer at a import and exporter with 51-200 employees
Vendor
The multi-WAN feature allows us to configure multiple external interfaces but the initial setup always is complex.

What is most valuable?

  • Traffic management
  • QoS
  • Many others

How has it helped my organization?

The multi-WAN feature allows us to configure multiple external interfaces. You have several options to control which interface an outgoing packet uses, and one option is 'Round-Robin.' When you configure multi-WAN with the 'Round-Robin' method, the XTM device looks at its internal route table to check for specific static or dynamic routing information for each connection.

The route table includes both routes, and you need to configure them on the device. If no specified route is found, the XTM device distributes the traffic load among its external interfaces. The XTM device uses the average of sent (TX) and received (RX) traffic to balance the traffic load across all external interfaces you specify in your round-robin configuration.

For how long have I used the solution?

I've used it for two years.

What was my experience with deployment of the solution?

No issues, it's very friendly.

What do I think about the scalability of the solution?

Our appliance has a firewall throughput of 2.5Gb/s but if we need more, we have to move to other models until we get to 3.5Gb/s.

How are customer service and technical support?

Customer Service:

It depends on the partner.

Technical Support:

Tech support is sometimes a little bit slow.

Which solution did I use previously and why did I switch?

We had Cisco Pix and when we wanted to move to something similar to WatchGuard, we had to invest more than $10,000.

How was the initial setup?

Initial setup always is complex because we don't know so much about the equipment. The key is to have a plan, objectives, and define our goals.

What was our ROI?

Our annual return is 11.7%.

Which other solutions did I evaluate?

  • Fortinet
  • Cisco
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user233277
Network & Voice Engineer at a tech services company with 51-200 employees
Consultant
Our business was down for two days when we had a faulty device but the web filtering is a good feature.

What is most valuable?

The web filtering s a good feature.

What needs improvement?

QoS for their version control needs to be improved The dashboard needs to be more user friendly

For how long have I used the solution?

I've used it for one and a half years.

What was my experience with deployment of the solution?

No issues were encountered.

What do I think about the stability of the solution?

Our device was not functioning properly, so we returned the product and as a result, our business was down for two days.

How are customer service and technical support?

Customer Service: I was satisfied, but I need a quick response instead of the given SLA of four hours. Technical Support: It's good.

Which solution did I use previously and why did I switch?

We didn't have a…

What is most valuable?

The web filtering s a good feature.

What needs improvement?

  • QoS for their version control needs to be improved
  • The dashboard needs to be more user friendly

For how long have I used the solution?

I've used it for one and a half years.

What was my experience with deployment of the solution?

No issues were encountered.

What do I think about the stability of the solution?

Our device was not functioning properly, so we returned the product and as a result, our business was down for two days.

How are customer service and technical support?

Customer Service:

I was satisfied, but I need a quick response instead of the given SLA of four hours.

Technical Support:

It's good.

Which solution did I use previously and why did I switch?

We didn't have a solution in place before.

How was the initial setup?

It's complex, but I am new to the product.

What about the implementation team?

We implemented through a vendor whose level of expertise was poor.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Systems Engineer at a tech services company with 51-200 employees
Consultant
It’s a complicated setup but, in the end, it does do what you want it to.

What is most valuable?

  • The connections of the VPN
  • The accessibility of the firewall from outside
  • The stability of the machine
  • A great security firewall that can be fully customized
  • The anti-Spam feature

How has it helped my organization?

XTM is more effective and friendly to use than our previous solution. It's not, of course 10/10, but I have one very good machine and instead of three machines, and it also provides me with very good VPN tunnel stability.

What needs improvement?

I think the anti-Spam feature, and the real time log to inspect the bandwidth users both need improving.

For how long have I used the solution?

I've used it for about two years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

It's perfect.

Technical Support:

It's excellent.

Which solution did I use previously and why did I switch?

Before implementing XTM, I had three separate machines -

  1. Anti-Spam
  2. Firewall
  3. Web filtering server

How was the initial setup?

It’s a complicated setup and it has to be followed step by step between the previous configuration of Cisco Pix to XTM.

What about the implementation team?

We used a vendor team who are very good.

Which other solutions did I evaluate?

We told different vendors about our previous configuration, and what they suggested was the best solution they could offer with a low cost

What other advice do I have?

It's a very good product very good characteristics, and in the end it does do what you want it to. However, for a new user, it does not have a very friendly GUI for when you want live information about the bandwidth (users, lines etc.).

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user229779
Head of Information Technology with 51-200 employees
Vendor
The web interface is easy to use but it looks complicated and could be simplified.

What is most valuable?

  • Firewall
  • Policies

How has it helped my organization?

This product has helped in securing my SQL database and web applications from DDoS attacks and SQL injections. Also, I managed to create an IPSEC VPN between this device and a Fortinet device which is great as it helps me to do backup between my datacenters remotely without physically going down to them. It has also improved my network speed and also helped me to set specific policies for specific applications which I couldn't do with other products.

What needs improvement?

The web interface is easy to use but it looks complicated and could be simplified. Also it's lacking a feature to key in description for host IP addresses, and I think we need that to identify certain IP addresses.

For how long have I used the solution?

I've used it for one year.

What was my experience with deployment of the solution?

I was new to a new interface it took me a while to learn it.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

6/10.

Technical Support:

8/10.

Which solution did I use previously and why did I switch?

Previously, I was using Fortinet, and I switched as it had low security for web applications.

How was the initial setup?

It was complex because my network has many subnets, so creating policies for each one was a challenge.

What about the implementation team?

We implemented it with a mixed team consisting of the vendor and in-house staff. I would rate the vendor 6/10.

What was our ROI?

This product is something essential for the whole infrastructure of the company so I guess the ROI is 100%

What's my experience with pricing, setup cost, and licensing?

15,000SGD

Which other solutions did I evaluate?

We also looked at a Fortinet 100D.

What other advice do I have?

My advice would be to go ahead with it as its robust and easy to use with other products in the network.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user229770
Infrastructure and Security Manager at a tech services company with 51-200 employees
Consultant
​This product helped facilitate and protect our environment from the inside out but you need some basic understanding of network security to set it up.

What is most valuable?

I would say the security features in the product are very easy to configure and cover all aspects of computer security needed a mid-sized company.

How has it helped my organization?

This product helped facilitate and protect our environment from the inside out, with features like DLP(data loss prevention) to content filtering all the way to port filtering and traffic shaping.

What needs improvement?

I wouldn't add anything to it as it is.

For how long have I used the solution?

I've used it for three years.

What was my experience with deployment of the solution?

No issues at all.

What do I think about the stability of the solution?

We've never had a stability issue.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

Excellent.

Technical Support:

Excellent.

Which solution did I use previously and why did I switch?

We previously used Cisco ASA switches.

How was the initial setup?

The initial setup was very simple and straightforward.

What about the implementation team?

I implemented it myself out of the box. I setup the device with no previous experience, as you just need to have a sound knowledge on networking and some basic understanding.of network security.

What was our ROI?

It's worth every penny.

What's my experience with pricing, setup cost, and licensing?

The setup cost was about four thousand US dollars with a license for three years.

Which other solutions did I evaluate?

Yes of course, there were multiple UTM machines like Sophos, CybeRoam and others but non were up to WatchGuard standards.

What other advice do I have?

Don't think about it just get it, and you will find everything you need in it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user229362
Senior Systems Engineer at a financial services firm with 51-200 employees
Vendor
The SSL VPN remote feature is great, but we needed two-factor authentication, and had to employ a third-party product.

What is most valuable?

I have found the GUI interface to be invaluable, as it is very intuitive and easy to manage. Additionally, with a little searching on the WatchGuard support page, you can easily find answers to most of your questions.

How has it helped my organization?

Using the SSL VPN features has allowed us to set up a robust and secure remote access feature. Additionally, setting up a single interface as optional, allows us to setup a secure DMZ segment.

What needs improvement?

Using the SSL VPN remote feature is great, but we additionally needed two-factor authentication, and employed a third-party product. An in-house WatchGuard solution would have been preferable.

For how long have I used the solution?

I have administrated this device for two years.

What was my experience with deployment of the solution?

It was in place and operational when I took over as administrator. However, there have been little-to-no issues as I have developed and expanded it's capabilities. This has included adding branch-office VPN tunnels, secure remote access, IPS, DMZs, etc.

What do I think about the stability of the solution?

When I first took over as administrator, it was common to "reboot the firewall" to overcome any connection/communication issues with a particular VoIP vendor (running across HTTPS). After upgrading the firmware, this issue went away. Aside from this potentially being a WatchGuard issue, I have experienced nothing similar and it is very stable.

What do I think about the scalability of the solution?

Thus far, we have had no scalability issues. We are a call center running about 200 agents on a 50Mb connection, and have plenty of band-width, memory, and processing power.

How are customer service and technical support?

Customer Service:

Customer service has provided accurate and timely responses. If they do not have the specific answer(s) at their finger tips, they will either redirect you to the right department, and/or research it themselves, depending on what is needed.

Technical Support:

Technical is pretty good as long as you are covered with a support contract. Even without one, their documentation and blogs have pretty good info.

Which solution did I use previously and why did I switch?

Personally, my previous experience related to Cisco products, and home routers.

What other advice do I have?

I believe those with router/firewall experience would find this product a great solution for these looking for a UTM device. It has a great feature set which to choose from.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Kenneth Conklin
Owner at a tech services company with 51-200 employees
Real User
The security feature has reduced my overall labor on maintaining the network but I’m not in favor of having to setup security proxy settings.

What is most valuable?

The VPN to link my system to my clients, the gateway security features as my first defense layer to my client’s networks, and the firewall/NAT policy. I also love the alias feature as it allows me to configure items by common names instead of IP address.

How has it helped my organization?

The security feature has reduced my overall labor on maintaining the network. Most of the malware threats are blocked by the XTM device leaving only the benign adware to watch out for.

What needs improvement?

I’m not in favor having to setup security proxy settings instead of just turning them on like you do with the SonicWALL enhanced OS.

For how long have I used the solution?

I have been using XTM device for about two and a half years. I have deployed about 10 XTM SMB devices. All with great success.

What do I think about the stability of the solution?

No issues with stability! When I thought I had an issue, tech support said the issue was with another device connected to it, and they were correct.

What do I think about the scalability of the solution?

I have not been in the position to scale up for my customers.

How are customer service and technical support?

Excellent, although I have very little involvement with technical support, but when I did use technical support, the solution was fast and easy. I love the fact I can set a temporary read only password for WatchGuard tech support to connect to the XTM device and troubleshoot. These feature free my time up from going back and further over the phone for troubleshooting like other products.

Which solution did I use previously and why did I switch?

I have used SonicWALL since 1999. I switched when SonicWALL was sold to Dell and their technical support was hard to work with.

How was the initial setup?

Deployment is easy! Just log in to the web interface and run the wizard. Once the basic setting are done, connect to the XTM device using WatchGuard management suites to finish the setup. The management software allows one to configure the features in an off-line mode and then upload them to the XTM device for implementation.

What about the implementation team?

I’m a certified XTM 11.7 and 11.9 tech, therefore, I deploy the XTM device in-house and I also subcontract remote installation for another SMB company. The local admin run the wizard for me while we are the phone together. Afterwards, I finish the deployment from my local WatchGuard Management software.

What was our ROI?

As a small SMB, there is little profit in the sales and renewals for the XTM device. Most of my ROI is in the features of the device; security features, policy rules, reporting, and live connection monitoring.

What's my experience with pricing, setup cost, and licensing?

Investment is the XTM device ($395+), security subscription ($170+), and the initial setup (one to two hours depending on the features needed for the customers). After that, there is very little admin time involved in maintaining the XTM device.

Which other solutions did I evaluate?

I was looking for another solution to replace my SonicWALL when WatchGuard offered me a free instructor led certification course.

What other advice do I have?

Become certified or hire a certified firm or person, do not try to configure the advanced feature without the training. This is not your SMB office store product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user1143
Network Manager at a healthcare company with 51-200 employees
Vendor
WatchGuard Firebox X 1250e is a great firewall with a lot of functionality at an affordable price.

Valuable Features:

Setup and configuration is straightforward with excellent management interface.Rule setup is simple and logical with integrated proxies and other features and does not require knowledge of cryptic languages.Features eight 10/100 interfaces and provides features like stateful packet inspection and intrusion prevention.Powerful VPN capability is provided with 600 Branch Office VPNs, 400 Mobile VPN (IPSec) Tunnels and 500 Mobile VPN (SSL) Tunnels.

Room for Improvement:

No real cons device is working fine

Other Advice:

Ideal for Medium sized businesses which require multi-layered security solution with centralized management. Firewall features are great with excellent filtering services.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user1266
Network Manager at a local government with 51-200 employees
Vendor
Great firewall. I can always depend on it.

Valuable Features:

Flawless. I have had my firebox for 3 years now and never had an issue with it. Rules can easily be configured and preset rules are very helpful for less experienced admins. Has many advanced features and could feasibly be setup as your primary network management tool. Performance logging and resource monitoring is powerful and intuitive.

Room for Improvement:

Sometimes the local firebox management tool is flaky. The web management interface makes up for that.

Other Advice:

Awesome value for the price. This is a bug free firewall that has kept my network secure. I don't have to worry about it. When I had questions about upgrades and features, customer support was helpful. I looked at zywall, but their customer support is non-existant and firmware flaky.
Disclosure: I am a real user, and this review is based on my own experience and opinions.