Likelihood to Recommend Overall, management is not terrible if you have a stable network that is not overly complex. If you don't, this product will take considerable time to plan for an effective solution. I will say support is not very helpful, so if you need assistance after the initial sales rep assisted setup, good luck and be prepared to spend hours on the phone.
Read full review Generally speaking, our customers have standard requirements and the WatchGuard Network Security Firebox is there to ensure they stay protected. We've never had a successful breach on a customer's on-premise setup with a WatchGuard Network Security Firebox installed. 3rd parties (like CCTV, Printers, Login Systems, etc.) do not know which port their devices work over, so we have to identify that with them and there are often delays when this occurs.
Read full review Pros Manage high-privilege access to communications equipment. It allows to be granular in the permissions, to have it integrated with the LDAP users and, most importantly, to audit what tasks each user performed. Profile users and devices and assign privileges and access levels based on that combination. It greatly improves the user experience, since it does not depend on the network it is in, but on the access levels it has depending on the device. It also allows self-managed guest access with approval flow, which is essential for our business. It has also allowed us to automate actions based on findings from StealWatch, Umbrella, AMP, etc. Read full review Incoming Torrent attempts were blocked, but outgoing (by a user) were permitted. Similarly, other direct attempts were summarily blocked. provides full administrative support for analysis of usage and scope. strong Wi-Fi support and security - area wi-fi maps They think of all the things secure and I don't have to worry about it. I have not identified anything else that needs improvement - I am well satisfied. Read full review Cons I guess the user experience itself, it's sometimes a little bit slow, but this is also dependent on the platform and the scale of the deployment of course. But actually functionality-wise it's really, really good. But yeah, it could sometimes be a little quicker to react on the good front. Read full review Bridging ports, after the firewall is setup, isn't as easy as it could be. Cloud integration for management requires recreating the entire device. It should just convert the current config. Adding a Proxy policy should be on a different page from the other policy creation page. Read full review Likelihood to Renew We are so very reliant on Cisco Identity Services Engine at this point that finding another solution would be a big hassle for us.
Read full review I'm giving this note to WatchGuard Network Security due to its ease of daily support (after acquiring necessary knowledge in the solution), which allows agility in configuration changes, its integration of several reliable security features (such as SSL VPN, VPN Virtual Interfaces between companies, and others) and functional and stability in operation, with no downtime in the equipment due to problems or malfunctions
Read full review Usability For us the solution is very easily useable on its own. Perhaps that has to do because we started using ISE in the 1.2 days and have seen it grow during the years. Policy creation, etc. is all very visible and thus easy to use. Deployment of multiple nodes is also incredibly easy and flexible. You can easily add or remove nodes as you wish.
Read full review Although it might take some time to figure out, we have been able to use WatchGuard's online reference library and tech support to create/implement/modify all of our filtering rules and exceptions needed. There really has not been a shortcoming other than perhaps a learning curve.
Read full review Reliability and Availability We do have to occasionally reboot the servers when they get low on memory, but we're also a few versions behind. Availability has generally been pretty good though with no major outages in the time that we've had it implemented.
Read full review Applications errors should always be expected in any kind of technology. What matters most is the way you find to resolve it.
Read full review Performance ISE performance has never been an issue for us. The system doesn't tend to slow down at all.
Read full review WatchGuard works seemlessly and so in the background you don't realize it's there until you need it!
Read full review Support Rating Cisco support is second to none, both in terms of how you access support but also the knowledge of the individual support teams. If you focus on one technology and provide "manufacturer support" then you can rest assured that you are accessing Cisco's top individuals. I feel like this is a USP for Cisco support.
Read full review We have only had to contact them once during the initial set up to help bring the internet back on line. After that for the most part our systems have been automated, and could easily be checked form their online FAQ and Knowledge base that they provide. Everything else is easily handled from their browser based interface
Read full review In-Person Training We participate to a in person training and the three days of learning was really useful and complete to gain skill to solve the major part of the problem we encounter during our life. And more the in person training give us the opportunity to create a network with other WatchGuard partner.
Read full review Online Training Online training is good for learning how to use the product. It does not teach security strategy because that is not its intent.
Read full review Implementation Rating I did participate in the implementation of Cisco ISE and while there were times when it was confusing and we had a lot of trial and error, overall the experience was fine.
Read full review I had my key information for setting up the firewall, and they assisted me in finding the settings and appropriate places to enter data. They also helped troubleshoot when I didn't understand some of their feature concepts, and we got it running.
Read full review Alternatives Considered So the security team selected Forescout because of its inventory functionality. We have had to utilize Cisco ISE though to actually push the SGT Policies as well as the SGACL mappings and the SXP Propagation across the switch infrastructure. There is a lot more configuration that has to happen in Forescout in order for it to manage the switches.
Read full review At 3 of my locations I use both a Sonic Wall and a watch guard. In my experience, the sonic wall has a much better interface. I feel it was much easier for someone that has never accessed a fire wall to be able to make changes and learn very quickly. I feel the Watchguard has better built in applications and the VPN was easier to use and access.
Read full review Scalability Yes, we have the ability to scale ISE to however many nodes and clusters we want, but of course this takes time and money for licenses.
Read full review We scaled it exactly as we needed it to be! Easy, money-saving, and we didn't end up with features or options that we'd never use or worry about.
Read full review Return on Investment Cisco ISE is fairly expensive, but I feel that the time it saves our team is well worth it. We have been able to roll this our to all of our teams, and they can each manage their own device and it is really convenient to have each team mange their own devices Once it is deployed and configured, it seems like there isn't much upkeep, so we don't have to hire someone to manage it we do it by committee. Read full review The VPNs are very easy to configure, less time to loose at new implementation. The traffic monitor can be improved, I can't see the ISO layers to do a faster diagnosis. Having an ADDS authentication is a plus, can use it with rules and vpn for remote access. Very useful. The dimension feature can be developed as a website + database for NGINX, Apache2, IIS, etc., I feel traped on that linux vm only. Most of the customers doesn't like to pay for a solution like this. They will accept only after beign attacked. WatchGuard can improve the sales with a demo (hacking, active security, etc.). Read full review ScreenShots WatchGuard Network Security Screenshots