The Red Hat Ansible Automation Platform (acquired by Red Hat in 2015) is a foundation for building and operating automation across an organization. The platform includes tools needed to implement enterprise-wide automation, and can automate resource provisioning, and IT environments and configuration of systems and devices. It can be used in a CI/CD process to provision the target environment and to then deploy the application on it.
$5,000
per year
WatchGuard Network Security
Score 8.6 out of 10
N/A
WatchGuard Network Security is a network security and firewall software. WatchGuard includes secure Wi-Fi, multi-factor authentication, and network intelligence products and services designed for SMB’s.
It has helped save us so much time, as it was designed to automate mundane and repetitive tasks that we were using other tools to perform and that required so much manual intervention. It does not work very well within Windows environments, understandably, but I would love to see more integration. I want it to be sexy and attractive to more than just geeky sysadmins.
WatchGuard Network Security is well suited for everyone's needs but isn't well suited for a price conscience consume. They are overpriced for what they are and have a semi enclosed licensing model, so it's hard to use them after their 5-year life cycle has expired. You are forced into another model once your device is EOL even if the device is more than what you need hardware wise.
Debugging is easy, as it tells you exactly within your job where the job failed, even when jumping around several playbooks.
Ansible seems to integrate with everything, and the community is big enough that if you are unsure how to approach converting a process into a playbook, you can usually find something similar to what you are trying to do.
Security in AAP seems to be pretty straightforward. Easy to organize and identify who has what permissions or can only see the content based on the organization they belong to.
YAML is hard for many to adopt. Moving to a system that is not as white space sensitive would likely increase uptake.
AAP and EDA should be more closely aligned. There are differences that can trip users of the integration up. An example would be the way that variables are used.
Event-driven Ansible output is not as informative as AAP.
Sometimes, it is not very intuitive. You'll not know how to use certain features unless you read the documentation.
Some settings in the firebox are not visible unless you enter edit mode. This can cause inadvertent issues if you make a change when you just want to review the settings.
The use of blocks in the design of the Firewatch interface can be confusing. A better design could have been used.
Even is if it's a great tool, we are looking to renew our licence for our production servers only. The product is very expensive to use, so we might look for a cheaper solution for our non-production servers. One of the solution we are looking, is AWX, free, and similar to AAP. This is be perfect for our non-production servers.
I'm giving this note to WatchGuard Network Security due to its ease of daily support (after acquiring necessary knowledge in the solution), which allows agility in configuration changes, its integration of several reliable security features (such as SSL VPN, VPN Virtual Interfaces between companies, and others) and functional and stability in operation, with no downtime in the equipment due to problems or malfunctions
Although it might take some time to figure out, we have been able to use WatchGuard's online reference library and tech support to create/implement/modify all of our filtering rules and exceptions needed. There really has not been a shortcoming other than perhaps a learning curve.
Availability has always been a strong point of this product, it is rare that watchguard does not have a solution for customers' network monitoring needs.
Great in almost every way compared to any other configuration management software. The only thing I wish for is python3 support. Other than that, YAML is much improved compared to the Ruby of Chef. The agentless nature is incredibly convenient for managing systems quickly, and if a member of your term has no terminal experience whatsoever they can still use the UI.
The performance of WatchGuard Network Security is very good, in the years that we have used the solution we have only had a single error and Watchguard itself was able to solve it. Furthermore, when purchasing any product, the partner always evaluates the capacity of the solution to recommend the most appropriate product for our needs.
There is a lot of good documentation that Ansible and Red Hat provide which should help get someone started with making Ansible useful. But once you get to more complicated scenarios, you will benefit from learning from others. I have not used Red Hat support for work with Ansible, but many of the online resources are helpful.
We have only had to contact them once during the initial set up to help bring the internet back on line. After that for the most part our systems have been automated, and could easily be checked form their online FAQ and Knowledge base that they provide. Everything else is easily handled from their browser based interface
We participate to a in person training and the three days of learning was really useful and complete to gain skill to solve the major part of the problem we encounter during our life. And more the in person training give us the opportunity to create a network with other WatchGuard partner.
I had my key information for setting up the firewall, and they assisted me in finding the settings and appropriate places to enter data. They also helped troubleshoot when I didn't understand some of their feature concepts, and we got it running.
I haven't thought of any right now other than just doing our own home-brewed shell scripts. Command line scripts. And how does this compare? It's light years ahead, especially with the ability to share credentials without giving the person the actual credentials. You can delegate that within, I guess what used to be called Ansible Tower, which is now the Ansible Automation platform. It lets you share, I can give you the keys without you being able to see the keys. It's great
I honestly feel they're best in class, I've used other platforms but when it comes to comprehensive security I don't think they offer as many features, or the level of security that we needed. Again the support has been excellent for us too, and keeping our firewalls up to date has proven simple and pretty straight forward.
This product is very scalable since previously everything related to Watchguard was on premises but that has now changed with the inclusion of watchguard cloud. Now the product has evolved to have full control of firewalls at the cloud level.
Increased Productivity - uptime has greatly increased form old system. I believe the percentage would be a decrease in downtime of 35 to 40 percent.
Compliance and regulatory ROI has helped financially offering the WatchGuard Network Security setup for protection to our insurance company. This proof of security has saved us thousands of dollars on our liability insurance.
On the negative side - Performance overhead when implementing deep packet inspection and VPN encryption effect performance of WatchGuard Network Security.
