Likelihood to Recommend Sometimes it is really hard to handle. There are so many bugs especially when it comes to ACL or HA creation. Sometimes the Cisco Secure Firewall just needs a restart in order to work but that shouldn't be like that in our environment the Cisco Secure Firewall is the heart of the network and if the Cisco Secure Firewall is down the whole branch is down, for that we need a more reliable product.
Read full review Generally speaking, our customers have standard requirements and the WatchGuard Network Security Firebox is there to ensure they stay protected. We've never had a successful breach on a customer's on-premise setup with a WatchGuard Network Security Firebox installed. 3rd parties (like CCTV, Printers, Login Systems, etc.) do not know which port their devices work over, so we have to identify that with them and there are often delays when this occurs.
Read full review Pros How the firewall works well is normally the firewall is protecting the secure network for the internal network to prevent the attack from external network. normally for the ISP customer, we usually filter the firewall polices only for the server farm, server farm because normally in ISP is the customer doesn't want to be filtered. So only for the server farm, they need the firewall for the enterprise like banking and for the DDoS attack, like the malware attack, something like that. And then sometimes it's some customer in ISPalso, they got the many DDoS attack and then they are using the public ip. When there are using the public ip, they need to protect their ip. So they need to use the firewall. So the firewall is essentially needed. many attackers and many, many things, terrible things have been to the network which has large impact.. Read full review Incoming Torrent attempts were blocked, but outgoing (by a user) were permitted. Similarly, other direct attempts were summarily blocked. provides full administrative support for analysis of usage and scope. strong Wi-Fi support and security - area wi-fi maps They think of all the things secure and I don't have to worry about it. I have not identified anything else that needs improvement - I am well satisfied. Read full review Cons The UI in Cisco Firepower formerly Sourcefire) is complicated and entirely redundant. A lot of these features are not useful, and therefore, it can be removed from the main window. The interface is very slow, with each operation taking a lot of time. Searching through the logs takes too much time. Read full review Bridging ports, after the firewall is setup, isn't as easy as it could be. Cloud integration for management requires recreating the entire device. It should just convert the current config. Adding a Proxy policy should be on a different page from the other policy creation page. Read full review Likelihood to Renew It works really well. We can do most anything we want or need to with it, and you don’t have to have a doctorate or multiple certs to necessarily figure it out. The thing that would probably have to happen to make us switch would be if we just got priced out - Cisco’s more powerful and higher bandwidth models cost a pretty penny.
Read full review I'm giving this note to WatchGuard Network Security due to its ease of daily support (after acquiring necessary knowledge in the solution), which allows agility in configuration changes, its integration of several reliable security features (such as SSL VPN, VPN Virtual Interfaces between companies, and others) and functional and stability in operation, with no downtime in the equipment due to problems or malfunctions
Read full review Usability Solution is highly effective, offers a lot of features with constant improvements and additions of new features over time. It's relatively easy to get familiar with the system, especially if transitioning from adaptive security appliances. If this is not the case, as for learnability there's a learning curve but once learned it is relatively easy to remember the details about the system even after a period of non-use
Read full review Although it might take some time to figure out, we have been able to use WatchGuard's online reference library and tech support to create/implement/modify all of our filtering rules and exceptions needed. There really has not been a shortcoming other than perhaps a learning curve.
Read full review Reliability and Availability We have had really good success with Cisco Secure Firewall when it comes to availability. Even when we’ve had temporary issues with one appliance or the other, or with the Firewall Management Center, it has stayed up and defended our network diligently. We even had an issue where the licensing got disabled for multiple days, and it kept spinning like a top
Read full review Applications errors should always be expected in any kind of technology. What matters most is the way you find to resolve it.
Read full review Performance WatchGuard works seemlessly and so in the background you don't realize it's there until you need it!
Read full review Support Rating Customer service has been great. TAC has been mostly able to identify and fix problems that we may have and have been very responsive. If for some reason something isn't fixed right away, they have been adamant on staying with us and working the issues out before things get escalated up the chain.
Read full review We have only had to contact them once during the initial set up to help bring the internet back on line. After that for the most part our systems have been automated, and could easily be checked form their online FAQ and Knowledge base that they provide. Everything else is easily handled from their browser based interface
Read full review In-Person Training We participate to a in person training and the three days of learning was really useful and complete to gain skill to solve the major part of the problem we encounter during our life. And more the in person training give us the opportunity to create a network with other WatchGuard partner.
Read full review Online Training Online training is good for learning how to use the product. It does not teach security strategy because that is not its intent.
Read full review Implementation Rating In the beginning transition from Adaptive Security Appliance to Cisco Secure Firewall did not look like the best choice. Solution was new, there were a lot of bugs and unsupported features and the actual execution in the form of configuration via Firepower Management Center was extremely slow. Compare configuring a feature via CLI on ASA in a manner of seconds (copy/paste) to deployment via FMC to Secure Firewall which took approx. 10 mins (no exaggeration). Today, situation is a bit different, overall solution looks much more stable and faster then it was but there's still room for improvement.
Read full review I had my key information for setting up the firewall, and they assisted me in finding the settings and appropriate places to enter data. They also helped troubleshoot when I didn't understand some of their feature concepts, and we got it running.
Read full review Alternatives Considered We use the FMC as a virtual machine, it combines administration, monitoring and can be used perfectly for error analysis. There are restrictions due to administration without the FMC, so we decided on the FMC as the central administration.
Read full review At 3 of my locations I use both a Sonic Wall and a watch guard. In my experience, the sonic wall has a much better interface. I feel it was much easier for someone that has never accessed a fire wall to be able to make changes and learn very quickly. I feel the Watchguard has better built in applications and the VPN was easier to use and access.
Read full review Scalability We scaled it exactly as we needed it to be! Easy, money-saving, and we didn't end up with features or options that we'd never use or worry about.
Read full review Return on Investment Cisco Secure Firewall has provided a single management interface for all of our devices. We have had issues implementing 1010 in HA where a site was using a dynamic IP previously. Lack of DHCP options has slowed deployment to our smaller sites. Read full review The VPNs are very easy to configure, less time to loose at new implementation. The traffic monitor can be improved, I can't see the ISO layers to do a faster diagnosis. Having an ADDS authentication is a plus, can use it with rules and vpn for remote access. Very useful. The dimension feature can be developed as a website + database for NGINX, Apache2, IIS, etc., I feel traped on that linux vm only. Most of the customers doesn't like to pay for a solution like this. They will accept only after beign attacked. WatchGuard can improve the sales with a demo (hacking, active security, etc.). Read full review ScreenShots WatchGuard Network Security Screenshots