What users are saying about
Likelihood to Recommend
WatchGuard has NGFW appliances for any size business large or small and is well suited for companies that want a comprehensive and layered approach to cybersecurity. WatchGuard provides a plethora of options that enable IT professionals to tailor not only the services provided, but the annual costs as well. WatchGuard devices can be managed by a small department from one unified console.
- Strength: I believe a major strength is in the services they provide and the upgrades available to NGFW owners. While certain features are subscription based, they provide you with many options to customize and "layer" your security model.
- Strength: As long as you have a subscription of Total Security Suite, you have access to the Dimension appliance which provides logging, reporting and management features for your NGFW. The Dimension appliance runs either on VMWare or Hyper-V and is a power tool for visualizing firewall traffic and subscription based statistical data, and it only takes literally minutes to get it up and running to collect data. Instructions are available on the WatchGuard support site and are simple and easy to follow whether you're an experienced IT professional or not.
- Strength: Software & Firmware updates are a breeze and can be performed via hard client or over the internet from the web client. The system will perform a backup prior to performing any updates and usually only take a few minutes to complete.
- Strength: Traffic Monitor. Visualization of data is clean and uncluttered. Whether you are looking at firewall traffic to determine why a certain user or device is getting denied through the firewall or why a website is getting blocked by a particular computer, it is as simple as filtering what characteristic you want to look at in the traffic monitor and sit back and watch. The traffic stream is able to be paused in the viewer enabling you to copy and paste and search for what you need.
- Strength: The WebBlocker service is extremely flexible to configure. There are 2 choices: You can use the WebBlocker cloud, which gives you tons of categories to filter, or you can utilize an on-premises WebBlocker server. Both enable you to easily set up exceptions as well as an override password.
- Strength: This is one heck of a strength in my opinion as it lets you block whole countries. I use this extensively to block a large portion of countries that are notorious for nefarious activity.
- Strength: IPS - If you have a detected intrusion, the system will let you know as well as provide an alarm. You can visualize the information from the WatchGuard Dashboard via the web interface.
- Strength: Dashboard for Subscription Services. All subscriptions services are available in one easy to read dashboard. Keeps you informed of all activity in a graphical layout. If you need to drill down, you can utilize either a reporting server or the Dimension appliance.
- Setting up a VPN to VPN auxiliary network for failover has not been either easy or worked very well for us.
- Automatic failover to redundant circuits locally has not worked, althoiugh semi-permanent use of local drains for http services does work well.
- I'd like to see alerts for when the failover networks are in use or when they fail back - if we can get it to work.
Likelihood to Renew
Based on 1 answer
To be replaced, we would need to see a clear set of reasons that acutely address the points I have made in favor of this solution, and they would need to be Cheaper, easier to use, give more clarity into the networking, and create easier dashboards and reports for managemnt of users networking and threat actors attempts to compromise the network.
Based on 1 answer
Overall, it is very intuitive and the tech support website provides excellent documentation to set up and implement all features with the NGFW environment. If you are a subscription based customer and up to date on maintenance, the technical support is superb
Based on 2 answers
I give this rating as a result of almost 20 years of interfacing with WatchGuard technical support. Of all my vendors that I have to deal with WatchGuard is one of the best I have ever dealt with bar none. I have seldom finished a call to them without a solution. If they by chance don't have the solution, they will figure it out and get back to you ASAP as well as update the casefile online. Technical support is available via phone and web portal. It takes a few minutes to create a case online, assign a priority and submit. They get back to you depending on the critical nature of the issue, but you can expect urgent attention for critical and catastrophic issues.
Sonicwalls we used previously often required reboots, while the WGNGFW's have been up for over a year without one. Fortinet was clunky and sometimes shut down neeed ports due to false positives. CISCO units are expensive and obtuse- except for the new Meraki Security Appliances, one of which we are testing now.
Return on Investment
- We have stopped over a billion (!) attacks on our networks with the built in IDS (Intrusion Detection System).
- We have tracked and blocked poor user surfing habits due to the insights we get with the hostwatch and dimension servers.
- The one negative is in their warranty - we had an electrical issue take out a firewall (possible lightning?) and got no credit towards replacement, although the license remainder was added on.
- Overall a good ROI.
Premium Consulting/Integration Services—
Entry-level set up fee?