WatchGuard Network Security Review
April 14, 2020

WatchGuard Network Security Review

Mauro Biefeni | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Overall Satisfaction with WatchGuard Network Security

We used WatchGuard firewall hardware solution as the first line of defense for incoming and outgoing data traffic on our network in order to protect the entire organization. WatchGuard provided us with protection against intrusion and attacks from malicious endpoints, or hack attempts, and allowed us to add applications to the appliance in order to enhance security.
  • Easy to deploy. One does not have to have knowledge of their CLI structure to deploy it which makes it easier for a wider range of people.
  • Traffic analysis
  • Very easy branch to branch VPN setup
  • Powerful reporting
  • Expensive. Adding apps to the appliance can get quite costly. As well, discontinuing an application can cause disruption of service without warning.
  • LOTS of configurations that you can tweak to get the job done. Yes this is a CON too. There are so many things you can change that it can be a bit cumbersome at times.
  • Often required a reboot as traffic would stop for no (known) reason.
  • We found WatchGuard to be overall too pricey for our IT budget. ROI was not there.
  • We found the appliance we had to be too quirky and required regular reboots, which was a time-waster.
  • We found that the appliance was actually limiting our Internet bandwidth to 100mbps up/down and when we replaced it with pfSense we noted it actually has 1000mbps up/down.
We did not work with a WatchGuard Network Security partner as we have an in-house Network Security Administrator who knows his stuff quite well. He was able to set up and keep the appliance working, add domains, open ports as required, etc. The only issue we had was with the actual performance of the appliance itself.
The WatchGuard interface was actually fairly intuitive and even though we had a dedicated network admin, quite possibly a technically savvy user would be able to administer most of the required functions of the firewall. Again, the only issue to me would be the catch-22 when you discontinue certain add on applications, this can cause serious problems without explanation as it just blocks all data flow.
The implementation of the WatchGuard appliance and the setup for connectivity and applications, etc. was very good, due to the fact that we have a Network Admin who understands the system and was able to configure things properly for our office as well as for our US warehouse to have a VPN connection to our main office in Winnipeg.
The basic coverage of the WatchGuard appliance was good, but if you really wanted to harness the power of it, you would need to add on apps and this again was costly and also problematic when we decided to remove certain features in order to save money. It sounds like it would be a great deal all in, but like most companies these days, they all work towards that constant money flow of the subscription models.
We now use pfSense as it is open source and can be installed on any computer as long as you have the hardware you need to support it.

As far as ease of use, WatchGuard is definitely easier to use, but pfSense is more powerful with more options included with it. This is why it is more complicated to set up because there are so many things you can do with it. If you have a decent network admin I would recommend pfSense. If you need something easier to manage that will still offer the protection you need, I would recommend WatchGuard.
WatchGuard Network Security may be well suited for companies who have a decent budget for IT, need decent protection options and reporting capabilities, and are willing to deal with the quirks.

WatchGuard may not be well suited for smaller environments where there is not a big budget available as you will need to settle for a less robust appliance and the apps can be quite expensive as well.

WatchGuard Network Security Feature Ratings

Identification Technologies
Visualization Tools
Content Inspection
Policy-based Controls
Active Directory and LDAP
Firewall Management Console
Reporting and Logging
High Availability
Stateful Inspection
Proxy Server
Not Rated