WatchGuard Firebox Cloud (BYOL)

My experience with WatchGuard Firebox  has been that it operates similar to other firewall services available in the market, such as Palo Alto and Fortinet, however, it does not provide the same level of throughput and features. 

We are using it as a firewall, enabling geofencing, creating policies to allow or block traffic, and setting up site-to-site VPN connections on the box. WatchGuard Firebox  is deployed on-premises, as it is a hardware box.

The most valuable features of WatchGuard Firebox include everything that a firewall should support, however, they do not quite reach the mark compared to offerings in the market. 

It does support features such as tunnel and policy creation, enabling geofencing and similar functionalities. WatchGuard Firebox simplifies my job through the policies we can define. When we create a policy, it simplifies our workflow, which helps with our overall efficiency.

I hear complaints that the LAN network is slow. It is also difficult to diagnose issues if any devices get compromised; for example, if someone hacks our system, it becomes hard to trace who made changes or accessed the firewall. While it is user-friendly for configuration, troubleshooting is challenging, and they need to improve their system to be more competitive.

I have been using WatchGuard Firebox for five years and only for one customer.

The stability of WatchGuard Firebox is good. That said, performance does vary. Our on-site team has reported feelings of slowness at times. When we verified up to the firewall, it worked fine, but there are issues with traffic hitting the firewall, which could indicate performance problems related to throughput. 

Since we are using an old firewall, that may be part of the issue. I am not sure how the new devices perform.

In terms of scalability, WatchGuard Firebox rates as five out of ten. When I log into the firewall, the user interface and features compared to newer firewalls are not up to the mark, which includes functionalities such as filtering, web filtering, threat protection, user identity, and UTM features that need improvement.

My experience with WatchGuard's technical support has been that it was hard to get them on the call initially. Finally, we connected with someone, and I would rate their support as eight or nine out of ten once we were able to speak with them. The challenge is getting them on the line.

Positive

My role in the initial setup and deployment of WatchGuard Firebox is limited to supporting the existing infrastructure for one customer, as I haven't been involved with any new implementations.

I don't handle the pricing aspect of the solution. 

WatchGuard Firebox is only deployed in one location within my customer's organization, and at the other locations, we are using Meraki and FortiGate. We plan to replace WatchGuard Firebox soon. My impression of the spam blocking capabilities of WatchGuard is not very favorable, as I don't think it is very capable. I haven't noticed effective web ratings or IPS signatures, which may be due to managing an older OS; I'm not certain about the performance of the newer versions. I am not aware of whether the transition to faster ports on WatchGuard Firebox supports maintaining productivity levels during peak usage times. Based on my experience, I would rate WatchGuard Firebox as five out of ten overall.

On-premises

I actually use the host ransomware prevention feature of WatchGuard Threat Detection and Response , and we haven't had issues with that. This is currently maintained by our partner in the WatchGuard management. We are a town hall, but there is an enterprise provider that is currently managing all the WatchGuard Threat Detection and Response  installation.

I am not familiar with the automated remediation tools in WatchGuard Threat Detection and Response and how they help in reducing manual intervention because this is managed by our provider.

I have not yet utilized the cloud sandboxing feature in WatchGuard Threat Detection and Response.

The centralized visibility and control of endpoints in WatchGuard Threat Detection and Response helps coordinate cybersecurity, but this is managed by another tool that is installed in our PCs. It is installed and configured, but we don't use it because the main feature is with the EDR. It is configured but not used as a model per se.

I would like to improve WatchGuard Threat Detection and Response, but I don't manage it directly. The main problem that WatchGuard Threat Detection and Response has is that they use several tools to do the same tasks, and they are sometimes very complicated to use and very slow.

For example, we had Palo Alto deployed 10 years ago, and there were many things that were better managed by Palo Alto than the tools we currently have in WatchGuard Threat Detection and Response. The main concern is about managing tools and having a unified management model for managing the firewalls and response. They have many web interfaces that do many things, but they don't have one tool that does all the things that a firewall should do.

I have been working with WatchGuard Threat Detection and Response for about three years.

The deployment for WatchGuard Threat Detection and Response took about three months because we deployed many components around the system. Previously, we had Palo Alto, and we changed all the structures to WatchGuard Threat Detection and Response. We changed VPN, detection mode for several things such as HTTP navigation, and many other products. The final substitution took about one month. The most delayed deployment was the VPN because we have around 1,000 users.

The technical support of WatchGuard Threat Detection and Response is generally helpful. We have had two issues related to the VPN, and we experienced 24/7 activity from their team. Their support was very powerful as they responded very quickly and stayed online with us for two days.

However, when we find something strange in the firewall, such as access issues or configuration changes, the WatchGuard team has to recompile some new features or make a new deployment to our installation to solve the problem. This was not the case with Palo Alto. They are very powerful in this sector, but they have some issues in the way they manage the firewall system.

Positive

Two years after the deployment, we have found that WatchGuard Threat Detection and Response is more difficult to manage than Palo Alto and Fortinet. Our biggest concern is not about price but about management.

The installation and implementation process of WatchGuard Threat Detection and Response was handled as a part-time job by one person.

I am satisfied with the licensing cost and pricing of WatchGuard Threat Detection and Response because we came from Palo Alto, which is a very expensive firewall. When we tried to renew the Palo Alto license, the cost was beyond any reasonable range. WatchGuard Threat Detection and Response seemed very powerful and appeared to be a good solution, as recommended by our partner. At that time, we had several options, including Fortinet.

I have not seen any positive impact or benefits for my company from using WatchGuard Threat Detection and Response. On a scale of 1-10, I rate this solution a 7.

On-premises

Other

The main use cases for the WatchGuard Firebox  are to protect our customers' network, VPN connection or IPsec, or SSL VPN , as by default, it's a protection of the network and the users, and servers.

WatchGuard Firebox  technical support is very easy for us to contact, and we also have presales engineers such as Jeremy Schramm, who is French and provides excellent technical help; he visits our office one day a month to assist us in trying some solutions.I utilize AI within the WatchGuard Firebox, as we use the interconnection with threat syncs, and AI is implemented; we try to sell our customers XDR  or IDR, so there is AI in the product.I have a good impression of the efficiency for threat detection provided by the WatchGuard Firebox, as we have cybersecurity teams and sell security about the product, so we think it is a good product to protect our clients.

I would like to see the WatchGuard Firebox improved because I work with an experimental presales engineer directly, and we have some presentations regarding the SASE  project under the XDR  solution, so we know the good projects now.The WatchGuard Firebox has certain features, but the challenge is that we have some clients who don't have a network or are only mobile users, which leads us to think the future is in SASE  products, not in the WatchGuard Firebox.The mobile coverage should be included with the WatchGuard Firebox, but in some cases, there is no WatchGuard Firebox because the client has no network or all users are in different locations.

I have been working with the WatchGuard Firebox for probably 10 or 11 years, as we are IT resellers and sell all customers these firewalls, so it's the product by default, and all customers we have have by default, Stormshield WatchGuard Firebox.

I find the WatchGuard Firebox stable with no problems; it's performing well.

I find the WatchGuard Firebox scalable, as it's easy to change configurations from this product to another one, although it's always complicated to buy another product and there are no upgrade solutions at a lower price.

WatchGuard Firebox technical support is very easy for us to contact, and we also have presales engineers such as Jeremy Schramm, who is French and provides excellent technical help; he visits our office one day a month to assist us in trying some solutions.On a scale of one to 10, I would rate the technical support of the WatchGuard Firebox a 10.I would recommend the WatchGuard Firebox to other businesses, as it is very easy to communicate with them for support and the presales engineers, who are very easy to work with.

Positive

The only problem we have with the WatchGuard Firebox is about the price or the options that are very expensive for customers, as other firewalls such as FortiGate  offer free MFA authentication, so the main trouble is the price of the product.

I find that we have no trouble with the WatchGuard Firebox, as it is very simple to install because we have certified engineer installation, so it's very easy for us.

I have faced challenges with the WatchGuard Firebox regarding price since we work with customers who use the Stormshield product, which is less expensive and French-made, while some products from the USA have left a bad impression, and some customers ask us to find another French or European product.

The main differences between WatchGuard Firebox and other solutions such as FortiGate  or Sophos are that I find the product heartbeat in the Sophos product very good; however, in WatchGuard Firebox, there is a similar set of products as firewalls, showing no major difference.

My advice for users looking to start working with the WatchGuard Firebox is that the easiest solution is to realize a POC to test the product, so we can watch and review reports with customers. On a scale of one to 10, I would overall rate the WatchGuard Firebox as a solution a nine.

We have all kinds of customers, including schools, colleges, institutes, and organizations. We do not work in a specific area, and we have a wide range of customers in various sectors.

The Firebox offers valuable features such as network security, URL filtering, UTM features, intrusion prevention and detection, and authentication. It also supports VPN, IPsec, and point-to-point communication. I did not encounter any problems after configuring threat detection and protection, intrusion prevention systems, and intrusion detection systems.

The only problem I have with Firebox is the grouping issue. When implementing a rule using a group of IPs, it is not possible to do that directly. I have to manually add all the IPs, and this is where I think WatchGuard should improve.

I have been using this solution since 2016.

The support system is similar to EPDR and EPP. They will register my case and either call me back, email me, or send me an article or key bulletin if things are sorted out. 

Otherwise, they will take a remote session to resolve the issue. They have a centralized portal where I can get support for EPP and EPDR.

Neutral

Setting up Firebox is not an easy task for everyone. To set up Firebox, one should have at least professional knowledge. Not everyone can do a Firebox setup because it is executed based on protocols. 

One cannot simply pick up Firebox and go through a basic configuration. For Firebox setup, having knowledge equivalent to Cisco CCNA associate level plus professional level is essential. 

Additionally, understanding basic routing and switching is necessary. Having knowledge of IPs and professional skills is crucial. Unlike Sophos, which is easy with a 'next' approach, configuring Firebox requires deep knowledge about protocols and how they work.

My only issue with Firebox is the grouping issue. I recommend Firebox since this device will not let anyone down. If someone drives a Volkswagen, they may find it challenging to switch to another car. It is the same with WatchGuard; once someone adopts this device, they will likely not buy another.  

I rate the overall solution a nine out of ten.

I'm using it in the banking sector only. Basically, I'm using it for security and other purposes, including data loss prevention. Security is the main purpose in banks.

Nowadays, we are using small models for SD WAN also, depending on security purposes. Basically, we have received a good return on investment.

The basic problem is that for every firewall in India, there is a need for a one-year or two-year subscription. That is the main issue for all users. Particularly in India, the cost for renewal after three years is 75% of the hardware cost, which is a significant problem.

I've been using VoiceBot for the last two years.

It's scalable for us. If we're going for more concurrent users, we need to change the entire box. In that case, they provide a discount for replacing the old box. I think it involves seven or eight users.

The technical support is good. Their distributor is in Mumbai, and they arrange everything about support. In case we need the same development PeerSpot or engineers on-site.

Neutral

It depends on the company, however, it usually takes about two hours, not more than that. I have a team of specialists for this, consisting of three people.

Only three or four people are involved. It relies on online support by remote access, not on-site visits.

I don't know the current cost. It's all imported products. It's not assembled in India. It's expensive us here.

Currently, I'm using WatchGuard. I'm also using pfSense in some cases.

The major problem is pricing and licensing loss. In India, the cost for renewal after three years is 75% of the hardware cost, which is a significant problem. Your review may be available to third parties and on third-party websites.

I'd rate the solution eight out of ten.

On-premises