Advanced Network Security for Dummies
Updated October 16, 2024

Advanced Network Security for Dummies

John Delaney | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with WatchGuard Network Security

WatchGuard Network Security is our gateway from the internet and between our offices and colocation facilities. We do our own web hosting, IP PBX, WiFi, VPN access, and TDR with WatchGuard devices as our firewalls. All our WatchGuard units handle site-to-site VPNs to our offices and CoLogcations and route our different VLANs. We also utilize their wireless access points for office wifi access and WIPS.

Pros

  • Firewall Protection
  • Customer Support
  • Cloud Management
  • Training sessions
  • Cloud Management

Cons

  • Migration from premise management to cloud management is painful and not worth the trouble
  • Cloud management is not yet a complete product
  • poor support for older products
  • Panda Endpoint Security product line and integration with existing products is confusing
  • Fast and Automated updates to AV and IPS to address new threats if you apply the savings of lower amounts of security incidents to your ROI
  • The complete lack of support for previous access points once a new model is released. Making a recent acquisition of some WIFI 5 units means they become garbage when we upgrade to WPA3 and WiFI6/7
  • Firmware and software updates have never had an issue or altered a rules, so no additional or prolonged outages for maintenance.
  • Their communication has gotten better with the release of monthly emails on the current and resolved issues, making searching for information less time-consuming.
We worked with eMazzanti Technologies and it was great. They know there stuff.
We haven't noticed value other than being secure. There message has gotten muddy recently with the acquisition of Panda and trying to merge everything into a unified system. They unified web platform still isn't great as the product names and renaming is very confusing. You need a really good WatchGuard certified VAR like eMazzanti to navigate it all.
Remote, scheduled firewall firmware updates are a breeze now. Remote logs are nice, but we use their Dimension product. We can't transition our firewall configs to the cloud as not all features are supported and there is no migration process. Its a wipe and start new style migration, if you can call it that. If your a business that does not deal with offering public Wi-Fi, get your WAPs elsewhere.
We work with eMazzanti on all our WatchGuard purchases. I can't express enough how great they have been. They take all our questions, big and small, and get answers to them. They don't care if you are a small customer or a huge customer, all are treated as important. They will bring in WatchGuard subject matter experts and sales engineers should their expertise not be able to answer our questions and concerns and are not afraid to have them on a call with us. They have even escalated our WatchGuard issue that has open tickets to help us.
We used to pick and choose some of the advanced features based on need and device. So for example, we would only get ATP Blocker on the devices that screened files, such as email servers. Now we are forced to get everything, used or not. While a little is more costly, this isn't necessarily a bad thing. Now we budget the full cost and if needs change during the year, there is no need to get emergency funding to enable a feature or replace a box. We also end up getting things like EDR, that we would not have considered otherwise, expanding our security.
WatchGuard wins hands down in its simplicity. All the predefined service profiles, support, ability to migrate from one device to another with the same configuration make them a complete win. Sure you can get stupid complex configurations with a Cisco, but you can really get into that with WatchGuard if you wanted, it's just not needed. People think of WatchGuard devices like a firewall, but it's not. It's a real router, BGP, STP, and all that. It handles multiple interfaces from different sources. It's a VPN device with multiple VPN implementations available that are not vendor-locked. It can log, it can log to a free WatchGuard virtual reporting machine (Dimension) and to the cloud. It can integrate with some helpdesk software for automatic ticket creation on failures. They have single sign-on, MFA and so much more. You need to take a look at your needs, and your future potential needs, and then you can really see what WatchGuard Network Security has to offer.

Do you think WatchGuard Network Security delivers good value for the price?

No

Are you happy with WatchGuard Network Security's feature set?

Yes

Did WatchGuard Network Security live up to sales and marketing promises?

Yes

Did implementation of WatchGuard Network Security go as expected?

Yes

Would you buy WatchGuard Network Security again?

Yes

If you are a small office or a managed service provider, WatchGuard is 100% the way to go. The cloud management is ready for new deployments and it's very easy to pick up for new users, but can still be configured to handle complex tasks. There support department is quick to respond to issues and that includes complex setups and end-user misconfigurations. Larger companies at some point are going to want to switch to a Cisco or other product, not because WatchGuard can't do it, but because they are likely already a Cisco or other product shop. If you are an existing user and want to migrate to the cloud, WatchGuard can be painful unless you can prepare for some long downtime or rip and replace it with new units. Anyone should expect to budget annual money for service subscriptions and upgrades of equipment. Some people mistake smaller WatchGuard devices as a home router device, where you buy it, get security updates and toss it when it's time to upgrade.

WatchGuard Network Security Feature Ratings

Identification Technologies
8
Visualization Tools
5
Content Inspection
10
Policy-based Controls
10
Active Directory and LDAP
8
Firewall Management Console
10
Reporting and Logging
8
VPN
10
High Availability
10
Stateful Inspection
10
Proxy Server
8

Using WatchGuard Network Security

30 - They all use firewalled email and VPN access to secure systems.
1 - You need firewall and network design knowledge to support these units. The online documentation alone will not get you there,
  • SSLVPN support
  • 2 form factor security
  • email system protection
  • we can use the WatchGuard appliances as a vlan router instead of an additional router or high end switch.
  • IPS
  • general network traffic monitoring
When they get all the product names, features, migrations, offerings and branding tied together as a single unified set, this platform should be unbeatable, but until then, just a 7

Evaluating WatchGuard Network Security and Competitors

  • Cloud Solutions
  • Scalability
  • Ease of Use
The WatchGuard solution has the flexibility to go with just one of there products and then expand to any of the other offerings without feeling locked into there entire portfolio.
We would have demanded premise to cloud transition demos.

WatchGuard Network Security Implementation

Change management was a minor issue with the implementation - Deploying SSL based VPN is hard as there is no MSI installer or ARM support.
  • SSL VPN Deployment
  • Setting Outbound IP address rules for email
  • lack of transition to cloud based management from local
They are getting everything slowly moved into the cloud, and their cloud implementation has a lot of benefits over previous management tools. Unfortunately, it's just not all there, yet. Be sure to get a trusted, official WatchGuard reseller so all the support you need is available. WatchGuard has a lot more to offer than you expect and a good partner will help you navigate it and be willing to sell you it in bits and pieces, as going all-in can be daunting. While they would like you to, we do not subscribe to putting all our security needs in one vendor, so our workstation endpoints use a different security solution for antivirus and such.

WatchGuard Network Security Support

The people there really know their stuff. our experience is this is not just some farmed out call center with people reading scripts, but knowledgeable technicians. It would be a 10, but you never know what time zone your support rep is in.
We acquired only the support that comes with with the security package we acquire. So total security provides 24x7 Gold support and on some of our older boxes, we get standard 24x7 support as they don't support the advanced features in total security.
Yes - Over the years, I have reported a few bugs. They were all resolved, but if its important, you need to call them. Opening a web ticket can result in getting support staff far outside your time zone and playing pass the baton with different support staff
We had a fan go bad in one of our units. So we opened a case and the next day a brand new unit was delivered to us for replacement. We didn't expect next day delivery for a fan failure when the device had multiple fans. Most services department make you send logs, get proof a fan is bad, take a week to replace, etc. We were impressed.
ProsCons
Quick Resolution
Knowledgeable team
Kept well informed
No escalation required
Immediate help available
Support cares about my success
Quick Initial Response
Poor followup
Problems left unsolved

Using WatchGuard Network Security

ProsCons
Like to use
Easy to use
Quick to learn
Convenient
Feel confident using
Unnecessarily complex
Requires technical support
Not well integrated
Inconsistent
Lots to learn
  • SSLVPN is quick and easy
  • Basic firewall configuration is also quick and easy
  • No MSI installer for SSLVPN client.
  • No ARM support
  • complex operations of firewall
  • No reverse NAT/SNAT
There message has gotten muddy recently with the acquisition of Panda and trying to merge everything into a unified system. They unified web platform still isn't great as the product names and renaming is very confusing. You need a really good WatchGuard certified VAR like eMazzanti to navigate it all.

Comments

More Reviews of WatchGuard Network Security