Guardicore is a segmentation company, now part of Akamai since the late 2021 acquisition, aiming to displace legacy firewalls. The Guardiocre software-only approach is decoupled from the physical network to provide a faster alternative to firewalls. It is built for the agile enterprise that offers greater security and visibility in the cloud, data-center and endpoint.
N/A
WatchGuard Network Security
Score 8.9 out of 10
N/A
WatchGuard Network Security is a network security and firewall software. WatchGuard includes secure Wi-Fi, multi-factor authentication, and network intelligence products and services designed for SMB’s.
This is the best possible solution for enterprise-level organizations where server counts will be in the thousands. To manage these and understand the communication can be very cumbersome without this tool. Ease of creation map zone and application-wise can be relaxing to OS teams and support teams as well. There is no limit to labeling schema of servers and it gives the freedom to do so.
Generally speaking, our customers have standard requirements and the WatchGuard Network Security Firebox is there to ensure they stay protected. We've never had a successful breach on a customer's on-premise setup with a WatchGuard Network Security Firebox installed. 3rd parties (like CCTV, Printers, Login Systems, etc.) do not know which port their devices work over, so we have to identify that with them and there are often delays when this occurs.
I'm giving this note to WatchGuard Network Security due to its ease of daily support (after acquiring necessary knowledge in the solution), which allows agility in configuration changes, its integration of several reliable security features (such as SSL VPN, VPN Virtual Interfaces between companies, and others) and functional and stability in operation, with no downtime in the equipment due to problems or malfunctions
The solution is deployed throughout the organization. Teams are working and integrating it with the help desk tool wherever required. Helps in identifying the network traffic flows in lateral movement and east and west as well. Allows policies by default and later fine-tuning to be done to narrow it and enforce blocking action. Exporting reports from the tool is easy and can be observed for any issues.
Although it might take some time to figure out, we have been able to use WatchGuard's online reference library and tech support to create/implement/modify all of our filtering rules and exceptions needed. There really has not been a shortcoming other than perhaps a learning curve.
Availability has always been a strong point of this product, it is rare that watchguard does not have a solution for customers' network monitoring needs.
The performance of WatchGuard Network Security is very good, in the years that we have used the solution we have only had a single error and Watchguard itself was able to solve it. Furthermore, when purchasing any product, the partner always evaluates the capacity of the solution to recommend the most appropriate product for our needs.
Support has been available 24*7. It also depends on criticality but support is available. Also, the right expertise from the team helps in identifying the issue quickly and this helps in less production downtime if required. The ticket is resolved with RCA.
We have only had to contact them once during the initial set up to help bring the internet back on line. After that for the most part our systems have been automated, and could easily be checked form their online FAQ and Knowledge base that they provide. Everything else is easily handled from their browser based interface
We participate to a in person training and the three days of learning was really useful and complete to gain skill to solve the major part of the problem we encounter during our life. And more the in person training give us the opportunity to create a network with other WatchGuard partner.
I had my key information for setting up the firewall, and they assisted me in finding the settings and appropriate places to enter data. They also helped troubleshoot when I didn't understand some of their feature concepts, and we got it running.
1) No limit to labeling schema. 2) Ease of creating maps with respect to zone, environment, subnets, etc. 3) Ease of creating policies and publishing the same. 4) Deception 5) Integration with monitoring tool (grafana) 6) Changes in the agent can be considered if there are legacy systems, time-consuming but can be achieved with the right information.
At 3 of my locations I use both a Sonic Wall and a watch guard. In my experience, the sonic wall has a much better interface. I feel it was much easier for someone that has never accessed a fire wall to be able to make changes and learn very quickly. I feel the Watchguard has better built in applications and the VPN was easier to use and access.
This product is very scalable since previously everything related to Watchguard was on premises but that has now changed with the inclusion of watchguard cloud. Now the product has evolved to have full control of firewalls at the cloud level.
The VPNs are very easy to configure, less time to loose at new implementation.
The traffic monitor can be improved, I can't see the ISO layers to do a faster diagnosis.
Having an ADDS authentication is a plus, can use it with rules and vpn for remote access. Very useful.
The dimension feature can be developed as a website + database for NGINX, Apache2, IIS, etc., I feel traped on that linux vm only.
Most of the customers doesn't like to pay for a solution like this. They will accept only after beign attacked. WatchGuard can improve the sales with a demo (hacking, active security, etc.).