TrustRadius
WatchGuard NGFW, Layered Security that makes you feel warm insideOur WatchGuard NGFW is being used by our entire organization as a corporate firewall. All traffic, to include remote facility VPN flows through our WatchGuard M470. Our M470 NGFW addresses many business problems including, but not limited to: web proxy / filtering, firewall, IPS, gateway anti-virus, data loss prevention, reporting, Advanced Persistent Threat and corporate VPN access. When discussing NGFW characteristics, I believe that it goes beyond just features and capabilities...I feel that a true NGFW brings an aspect of collaborating and verification of data/information available within the environment. The WatchGuard NGFW products do just that. We have utilized the WatchGuard products since 1999 and have never been disappointed or let down by the vendor. Technical support (with a subscription) is always available and have always provided business-class professional service and support to our company.,Strength: I believe a major strength is in the services they provide and the upgrades available to NGFW owners. While certain features are subscription based, they provide you with many options to customize and "layer" your security model. Strength: As long as you have a subscription of Total Security Suite, you have access to the Dimension appliance which provides logging, reporting and management features for your NGFW. The Dimension appliance runs either on VMWare or Hyper-V and is a power tool for visualizing firewall traffic and subscription based statistical data, and it only takes literally minutes to get it up and running to collect data. Instructions are available on the WatchGuard support site and are simple and easy to follow whether you're an experienced IT professional or not. Strength: Software & Firmware updates are a breeze and can be performed via hard client or over the internet from the web client. The system will perform a backup prior to performing any updates and usually only take a few minutes to complete. Strength: Traffic Monitor. Visualization of data is clean and uncluttered. Whether you are looking at firewall traffic to determine why a certain user or device is getting denied through the firewall or why a website is getting blocked by a particular computer, it is as simple as filtering what characteristic you want to look at in the traffic monitor and sit back and watch. The traffic stream is able to be paused in the viewer enabling you to copy and paste and search for what you need. Strength: The WebBlocker service is extremely flexible to configure. There are 2 choices: You can use the WebBlocker cloud, which gives you tons of categories to filter, or you can utilize an on-premises WebBlocker server. Both enable you to easily set up exceptions as well as an override password. Strength: This is one heck of a strength in my opinion as it lets you block whole countries. I use this extensively to block a large portion of countries that are notorious for nefarious activity. Strength: IPS - If you have a detected intrusion, the system will let you know as well as provide an alarm. You can visualize the information from the WatchGuard Dashboard via the web interface. Strength: Dashboard for Subscription Services. All subscriptions services are available in one easy to read dashboard. Keeps you informed of all activity in a graphical layout. If you need to drill down, you can utilize either a reporting server or the Dimension appliance.,Con: (May not be Con for everyone) Many newer firewalls that provide VPN functionality have auto discovery and are easy to set up. I am not implying that the WatchGuard NGFW is hard to set up VPN on, I am stating that it is not automated. you must know how to choose your IP addresses for your remote and local locations as well as set up traffic rules. On a positive note, WatchGuard technical support will assist you in setting it up quickly. Con: (May not be Con for everyone) Most all firewalls that I have dealt with must be maintained in some way. Whether it's a annual maintenance cost or subscription based services, you will need to plan for an annual budget to cover the cost of whatever security / support package you select for your company. I consider it a cost of doing business as you either want to be protected or you don't. Con: VPN client. WatchGuard provides a free SSL-VPN client, however the IPSEC VPN client is a 3rd party client. I would like to see them provide a WatchGuard IPSEC client that isn't 3rd party.,10,Positive: As a Aerospace & Defense company, we must comply with flow down requirements from the government as it relates to CyberSecurity and data protection. WatchGuard has provided the foundation on which we build that protection platform. Layered NGFW security defenses coupled with end point protection and vulnerability scanning provide us with an ROI that can only be measured in uptime and zero loss of work. Positive: Intuitive and easy to use interface helps us save time when troubleshooting traffic blocking issues or any denied traffic. Positive: Access to the WatchGuard Dimension Appliance, which provides an extensive data collection tool enabling our IT department to monitor traffic and seek out anomalies quickly.,,SYSPRO, Microsoft Office 365, Microsoft Visio,Yes,10,Yes,I was required to set up a point to point VPN between our two locations and was having an issue with the configuration. The cutover was scheduled for a Saturday and I needed to have the equipment pre-configured to just drop in. I called tech support on the Monday before install and the tech went through every aspect of the setup and configuration with me until it was complete. All I had to do was drop the equipment in place, plug in the power and network connections and I was done. The tech was amazing and patient with me and was able to figure out quickly what configuration mistake I made. Turned out that I mistyped an encryption password.,Software & Firmware Updates Creating new policies Setting up WebBlocker Services Setting up subscription services Setting up Dimension Applinace,VPN Setup Making sure your services are tied to your policies. you have to drill down to verify.,10WatchGuard - solid firewalls for small to medium businesses.WatchGuard is one of the many firewall options utilized for my clients. They are terrific business-grade firewalls that protect networks against attacks and allow extremely customizable rules and filters to regulate traffic and end users. They are easy to configure and maintain and have all of the features that can be expected on an industry-grade firewall appliance.,Business-grade appliance with all of today's security features. Intrusion Detection and Prevention is one of the best out there. Highly customizable content filtering can stop individuals, groups, or entire networks from accessing websites and categories.,Working within the web interface can sometimes be challenging, needing to use the Desktop Manager, software that requires installation. Firmware updates are a bit "odd" in that they require downloading and installing a firmware version, then manually grabbing the files from the folder installed and pushing them to the appliance.,8,Excellent solution to protect local networks, very compatible with standard Windows networks. Very competitively priced appliances even with security services. Very good product for multi-site installations, work well together and in unison.,SonicWall TZ, Barracuda NG Firewall, Sophos SG Firewall Appliances and Cisco Meraki MX FirewallsSolid Value and clarity for SMB's that demand clear insights into network protectionWe use them at 4 sites currently, to manage external Internet Access Drains (IAD) and for VPN to VPN failover between those sites. Since one is used at the main site, we have the entire organization being secured by them. They are centrally managed by Watchguard System Manager, and all policies are synced in that manner through that server- yet we still have individual views into each. We also use the Dimension Server to aggregate the logs and activity. The problems addressed by these firewalls are: 1) Easy to use interface GUI 2) Several windowed views such as HostWatch (Sees what internal IPs are talking to what) and a good dashboard for the overall health of the connections, and the policy viewer, among a few. 3) Web blocker and other subscription services make fast and easy setup to stop poor choices by users before they cause issues.,User-friendly GUI (for the most part- firewalling can get complicated, so some topology knowledge is necessary), allows for fast reconfigurations of rule sets. Comes with 25 SSL-VPN keys. Easily supports RADIUS authentication if desired. Very visual interfaces for Hostwatch, dashboard, etc. System Manager can control all the firewalls from a single pane of glass. The Dimension Server can log and display relevant information desired from all endpoints at once, or singly.,Setting up a VPN to VPN auxiliary network for failover has not been either easy or worked very well for us. Automatic failover to redundant circuits locally has not worked, althoiugh semi-permanent use of local drains for http services does work well. I'd like to see alerts for when the failover networks are in use or when they fail back - if we can get it to work.,8,We have stopped over a billion (!) attacks on our networks with the built in IDS (Intrusion Detection System). We have tracked and blocked poor user surfing habits due to the insights we get with the hostwatch and dimension servers. The one negative is in their warranty - we had an electrical issue take out a firewall (possible lightning?) and got no credit towards replacement, although the license remainder was added on. Overall a good ROI.,,Netwrix Auditor, RackFoundry Total Security Management, Meraki MS Switches,3,3,Web Blocker- keeps people from doing something ill-advised and dangerous IDS- automatically fends off millions of attacks every month Remote offices connect through VPN or can use a local IAD (Internet Access Drain) while connected to the WAN to save on traffic between sites and remain encrypted and secure HostWatch allows realtime visibility into network traffic and external to internal connections Dimension logs traffic and can be used in numerous ways,I am not certain that our use would be considered either innovative or unexpected- this is really meant to normalize the user experience and business impact. Perhaps this isn't quite the product that this general question would encompass.,Creating a VPN to VPN mesh network with auto failover via the auxiliary circuits/alternate media (Cable, DSL, etc.) in the event of the loss of fiber to our main facility is a goal of ours.,9,Yes,9,Yes,Yes- We were moving from one facility to another for one of our branch offices in North Dakota, and we needed to cutover the network to new IP addresses and the new network while the old one was still up. When the time came to forklift the racj from the old site to new, we had to engage the LEC and WAN providors to make the cut. It took them into the very late hours and our watchguard support engineers stayed with us until very late (early in the am) as we troubleshot several thrid party vendor issues (mostly the new fire alarm people- they couldn't seem to understand Ethernet connections as opposed to telephone landlines- which we didn't have...).WatchGuard vs OthersIt is being used by 2 of the legal entities that I manage. It is being used mainly as an internet security device.,Ease of use Well priced Very stable,Not on par with newer solutions Does not have a lot of local representation,6,It has worked well Little to no consulting needed for administration,Sophos UTM
Unspecified
WatchGuard NGFW
9 Ratings
Score 8.1 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

WatchGuard NGFW Reviews

WatchGuard NGFW
9 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.1 out of 101
Show Filters 
Hide Filters 
Filter 9 vetted WatchGuard NGFW reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role
Reviews (1-4 of 4)
  Vendors can't alter or remove reviews. Here's why.
Joe Spradlin profile photo
September 27, 2018

Review: "WatchGuard NGFW, Layered Security that makes you feel warm inside"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Our WatchGuard NGFW is being used by our entire organization as a corporate firewall. All traffic, to include remote facility VPN flows through our WatchGuard M470. Our M470 NGFW addresses many business problems including, but not limited to: web proxy / filtering, firewall, IPS, gateway anti-virus, data loss prevention, reporting, Advanced Persistent Threat and corporate VPN access. When discussing NGFW characteristics, I believe that it goes beyond just features and capabilities...I feel that a true NGFW brings an aspect of collaborating and verification of data/information available within the environment. The WatchGuard NGFW products do just that. We have utilized the WatchGuard products since 1999 and have never been disappointed or let down by the vendor. Technical support (with a subscription) is always available and have always provided business-class professional service and support to our company.
  • Strength: I believe a major strength is in the services they provide and the upgrades available to NGFW owners. While certain features are subscription based, they provide you with many options to customize and "layer" your security model.
  • Strength: As long as you have a subscription of Total Security Suite, you have access to the Dimension appliance which provides logging, reporting and management features for your NGFW. The Dimension appliance runs either on VMWare or Hyper-V and is a power tool for visualizing firewall traffic and subscription based statistical data, and it only takes literally minutes to get it up and running to collect data. Instructions are available on the WatchGuard support site and are simple and easy to follow whether you're an experienced IT professional or not.
  • Strength: Software & Firmware updates are a breeze and can be performed via hard client or over the internet from the web client. The system will perform a backup prior to performing any updates and usually only take a few minutes to complete.
  • Strength: Traffic Monitor. Visualization of data is clean and uncluttered. Whether you are looking at firewall traffic to determine why a certain user or device is getting denied through the firewall or why a website is getting blocked by a particular computer, it is as simple as filtering what characteristic you want to look at in the traffic monitor and sit back and watch. The traffic stream is able to be paused in the viewer enabling you to copy and paste and search for what you need.
  • Strength: The WebBlocker service is extremely flexible to configure. There are 2 choices: You can use the WebBlocker cloud, which gives you tons of categories to filter, or you can utilize an on-premises WebBlocker server. Both enable you to easily set up exceptions as well as an override password.
  • Strength: This is one heck of a strength in my opinion as it lets you block whole countries. I use this extensively to block a large portion of countries that are notorious for nefarious activity.
  • Strength: IPS - If you have a detected intrusion, the system will let you know as well as provide an alarm. You can visualize the information from the WatchGuard Dashboard via the web interface.
  • Strength: Dashboard for Subscription Services. All subscriptions services are available in one easy to read dashboard. Keeps you informed of all activity in a graphical layout. If you need to drill down, you can utilize either a reporting server or the Dimension appliance.
  • Con: (May not be Con for everyone) Many newer firewalls that provide VPN functionality have auto discovery and are easy to set up. I am not implying that the WatchGuard NGFW is hard to set up VPN on, I am stating that it is not automated. you must know how to choose your IP addresses for your remote and local locations as well as set up traffic rules. On a positive note, WatchGuard technical support will assist you in setting it up quickly.
  • Con: (May not be Con for everyone) Most all firewalls that I have dealt with must be maintained in some way. Whether it's a annual maintenance cost or subscription based services, you will need to plan for an annual budget to cover the cost of whatever security / support package you select for your company. I consider it a cost of doing business as you either want to be protected or you don't.
  • Con: VPN client. WatchGuard provides a free SSL-VPN client, however the IPSEC VPN client is a 3rd party client. I would like to see them provide a WatchGuard IPSEC client that isn't 3rd party.
WatchGuard has NGFW appliances for any size business large or small and is well suited for companies that want a comprehensive and layered approach to cybersecurity. WatchGuard provides a plethora of options that enable IT professionals to tailor not only the services provided, but the annual costs as well. WatchGuard devices can be managed by a small department from one unified console.
Read Joe Spradlin's full review
Derek Schroeder profile photo
December 06, 2018

WatchGuard NGFW Review: "WatchGuard - solid firewalls for small to medium businesses."

Score 8 out of 10
Vetted Review
Verified User
Review Source
WatchGuard is one of the many firewall options utilized for my clients. They are terrific business-grade firewalls that protect networks against attacks and allow extremely customizable rules and filters to regulate traffic and end users. They are easy to configure and maintain and have all of the features that can be expected on an industry-grade firewall appliance.
  • Business-grade appliance with all of today's security features.
  • Intrusion Detection and Prevention is one of the best out there.
  • Highly customizable content filtering can stop individuals, groups, or entire networks from accessing websites and categories.
  • Working within the web interface can sometimes be challenging, needing to use the Desktop Manager, software that requires installation.
  • Firmware updates are a bit "odd" in that they require downloading and installing a firmware version, then manually grabbing the files from the folder installed and pushing them to the appliance.
WatchGuard is perfectly suited for small to medium businesses. They have a wide variety of models depending on size, bandwidth, and throughput. There are several large scale competitors and it is a fierce market, but WatchGuard is definitely holding their own when it comes to the appliance and security services suite provided.
Read Derek Schroeder's full review
Bill Holmberg profile photo
September 15, 2017

WatchGuard NGFW Review: "Solid Value and clarity for SMB's that demand clear insights into network protection"

Score 8 out of 10
Vetted Review
Verified User
Review Source
We use them at 4 sites currently, to manage external Internet Access Drains (IAD) and for VPN to VPN failover between those sites. Since one is used at the main site, we have the entire organization being secured by them. They are centrally managed by Watchguard System Manager, and all policies are synced in that manner through that server- yet we still have individual views into each. We also use the Dimension Server to aggregate the logs and activity.

The problems addressed by these firewalls are: 1) Easy to use interface GUI 2) Several windowed views such as HostWatch (Sees what internal IPs are talking to what) and a good dashboard for the overall health of the connections, and the policy viewer, among a few. 3) Web blocker and other subscription services make fast and easy setup to stop poor choices by users before they cause issues.
  • User-friendly GUI (for the most part- firewalling can get complicated, so some topology knowledge is necessary), allows for fast reconfigurations of rule sets.
  • Comes with 25 SSL-VPN keys.
  • Easily supports RADIUS authentication if desired.
  • Very visual interfaces for Hostwatch, dashboard, etc.
  • System Manager can control all the firewalls from a single pane of glass.
  • The Dimension Server can log and display relevant information desired from all endpoints at once, or singly.
  • Setting up a VPN to VPN auxiliary network for failover has not been either easy or worked very well for us.
  • Automatic failover to redundant circuits locally has not worked, althoiugh semi-permanent use of local drains for http services does work well.
  • I'd like to see alerts for when the failover networks are in use or when they fail back - if we can get it to work.
If you have a limited staff, the WatchGuard platform offers clear time saving advantages, and doesn't require an engineering degree or lengthy CISCO training as other firewalls do, and is far superior in performance and ease of use and visibility into network traffic than cheaper alternatives - while not being as expensive as the CISCO world or Fortinet. [It’s] Ideal for medium sized businesses using on-prem firewalling, and some SMB budgets as well. Most of all, it's pretty intuitive for techs with a network background and is easy to use and there is a host of free training from WatchGuard. There are also certification routes which are affordable.
Read Bill Holmberg's full review
Ramon Vazquez profile photo
August 04, 2017

WatchGuard NGFW Review: "WatchGuard vs Others"

Score 6 out of 10
Vetted Review
Verified User
Review Source
It is being used by 2 of the legal entities that I manage. It is being used mainly as an internet security device.
  • Ease of use
  • Well priced
  • Very stable
  • Not on par with newer solutions
  • Does not have a lot of local representation
WatchGuard NGFW is well suited for smaller companies that have less security worries. Not so appropriate for larger companies that have more requirements.
Read Ramon Vazquez's full review

About WatchGuard NGFW

Categories:  Firewall

WatchGuard NGFW Technical Details

Operating Systems: Unspecified
Mobile Application:No