Watchguard Review for the busy Network Admin
November 19, 2021

Watchguard Review for the busy Network Admin

Isaac Shaw | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with WatchGuard Network Security

We are using the Watchguard Network Security Firewall within our network. Several different departments are using it like the remote fire departments and VPN users. It provides site-to-site VPN connectivity from our remote locations as well as for remote users who might work from home. While keeping our network secure from outside hackers, the WatchGuard allows for only traffic from the VPN users or thru the VPN tunnels with authentication and encryption.

Pros

  • Intrusion detection & prevention.
  • Gateway Antivirus, detecting and eliminating viruses.
  • Remote VPN connectivity for external employees.

Cons

  • Watchguard policy creation can really get complicated. When you create a policy you can create a proxy action which ties to a proxy action, per the protocol which ties to a proxy action for that protocol, which ties to the web blocker policy that can be adjusted per its own web blocker action. Each of these steps can be confusing especially if you don't have a consistent naming convention to tie back to the original policy. It does work though you just have to be consistent.
  • I can't manage 3rd party certificates from the system manager because the function is not there. If you go to the help WatchGuard website it directs you to Firebox System Manager - View - Certificates and you can import certificates. Those instructions are outdated as the "view" option in not even available anymore. You can go to file - certificates, but that only brings up a window that say the system manager will retrieve the new certificates as needed. You can manage and import a 3rd party certificate from the web interface by going to system - certificates, but I prefer one pane of glass.
  • In the Aliases section, Watchguard should include "in brackets" after each alias if it's in use or not. Within the Watchguard Policy Manager, if you go to setup - actions - proxies .. . WatchGuard already lists out which proxy actions are not in use by putting in brackets after the action (not used). Such a simple thing, but if you add this to aliases it would make cleanup of old aliases much easier instead of having to hunt thru every policy. Maybe make a report function that would list all the policies that an alias is in.
  • The Watchguard firewall VPN feature has been very instrumental in allowing users to work from home during COVID thru VPN connections.
  • The Watchguard firewall has also been very useful in keeping out any hackers from other countries and as well locally.
  • The ability of the Watchguard firewall to monitor traffic as well as get updates regularly for IPS/IDS and antivirus has been very valuable to us.
We have worked with Gov Connection to purchase the WatchGuard firewall and licenses. Very good support from a sales perspective. We would buy from them again.
The initial migration from the Cisco ASA to the WatchGuard firewall was done through a 3rd party vendor 6 years ago. I would recommend documenting everything and making sure to keep a diligent naming convention with routes and policies.
The simplified packaging and licensing have made registering and documentation much easier. I've made an excel sheet and just keep up with the expiration date of the licensing per device rather than per license.
I've found the Cisco ASA to be rather confusing to implement. Although the WatchGuard might have its own level of understanding needed I've found it to be easier overall to implement. I am CCNA certified and a Cisco fan but still prefer the WatchGuard over the ASA.

Do you think WatchGuard Network Security delivers good value for the price?

Yes

Are you happy with WatchGuard Network Security's feature set?

Yes

Did WatchGuard Network Security live up to sales and marketing promises?

Yes

Did implementation of WatchGuard Network Security go as expected?

Yes

Would you buy WatchGuard Network Security again?

Yes

The Watchguard network security firewall is really a good product for what it does, keeping your network safe and allowing only specific traffic that you designate thru. So they have different models of firewalls some for the small business and others for more of a corporate environment. The firewall is well suited in both environments as well as those in between. Just make sure the get the right one for the size of your network and the number of end-users. I would not get an M4600 for a small remote location as that would be entirely overkilling, but instead may be a T40. Just have to gauge it correctly.

WatchGuard Network Security Feature Ratings

Identification Technologies
9
Visualization Tools
9
Content Inspection
9
Policy-based Controls
10
Active Directory and LDAP
8
Firewall Management Console
9
Reporting and Logging
8
VPN
10
High Availability
9
Stateful Inspection
8
Proxy Server
8

Comments

More Reviews of WatchGuard Network Security