Watchguard Review for the busy Network Admin
Overall Satisfaction with WatchGuard Network Security
We are using the Watchguard Network Security Firewall within our network. Several different departments are using it like the remote fire departments and VPN users. It provides site-to-site VPN connectivity from our remote locations as well as for remote users who might work from home. While keeping our network secure from outside hackers, the WatchGuard allows for only traffic from the VPN users or thru the VPN tunnels with authentication and encryption.
Pros
- Intrusion detection & prevention.
- Gateway Antivirus, detecting and eliminating viruses.
- Remote VPN connectivity for external employees.
Cons
- Watchguard policy creation can really get complicated. When you create a policy you can create a proxy action which ties to a proxy action, per the protocol which ties to a proxy action for that protocol, which ties to the web blocker policy that can be adjusted per its own web blocker action. Each of these steps can be confusing especially if you don't have a consistent naming convention to tie back to the original policy. It does work though you just have to be consistent.
- I can't manage 3rd party certificates from the system manager because the function is not there. If you go to the help WatchGuard website it directs you to Firebox System Manager - View - Certificates and you can import certificates. Those instructions are outdated as the "view" option in not even available anymore. You can go to file - certificates, but that only brings up a window that say the system manager will retrieve the new certificates as needed. You can manage and import a 3rd party certificate from the web interface by going to system - certificates, but I prefer one pane of glass.
- In the Aliases section, Watchguard should include "in brackets" after each alias if it's in use or not. Within the Watchguard Policy Manager, if you go to setup - actions - proxies .. . WatchGuard already lists out which proxy actions are not in use by putting in brackets after the action (not used). Such a simple thing, but if you add this to aliases it would make cleanup of old aliases much easier instead of having to hunt thru every policy. Maybe make a report function that would list all the policies that an alias is in.
- The Watchguard firewall VPN feature has been very instrumental in allowing users to work from home during COVID thru VPN connections.
- The Watchguard firewall has also been very useful in keeping out any hackers from other countries and as well locally.
- The ability of the Watchguard firewall to monitor traffic as well as get updates regularly for IPS/IDS and antivirus has been very valuable to us.
We have worked with Gov Connection to purchase the WatchGuard firewall and licenses. Very good support from a sales perspective. We would buy from them again.
The simplified packaging and licensing have made registering and documentation much easier. I've made an excel sheet and just keep up with the expiration date of the licensing per device rather than per license.
I've found the Cisco ASA to be rather confusing to implement. Although the WatchGuard might have its own level of understanding needed I've found it to be easier overall to implement. I am CCNA certified and a Cisco fan but still prefer the WatchGuard over the ASA.
Do you think WatchGuard Network Security delivers good value for the price?
Yes
Are you happy with WatchGuard Network Security's feature set?
Yes
Did WatchGuard Network Security live up to sales and marketing promises?
Yes
Did implementation of WatchGuard Network Security go as expected?
Yes
Would you buy WatchGuard Network Security again?
Yes
Comments
Please log in to join the conversation