You Know You Need It. A Look Under the Hood of WatchGuard Security
December 27, 2021
You Know You Need It. A Look Under the Hood of WatchGuard Security
Score 10 out of 10
Vetted Review
Overall Satisfaction with WatchGuard Network Security
Scope: My client depended on me to design the security system from the ground up within their budget. This meant covering the workstations, laptops, and server room. Challenges: The client had outgrown their original design and was concerned that the old security setup was not meeting their needs. Emails were not filtered enough and staff were constantly reminded to be on their guard. In addition, malware and other threats were targeting the workstations. Not frequently, but enough to be on their radar. Staff was found to be browsing improper websites and the concern was that it was not being actively monitored. This led to concerns regarding the abuse of bandwidth for downloading other material not related to the business. WatchGuard Solutions: The network was redesigned and we selected the Firebox Appliance with Total Security Suite. This included gateway filtering for viruses and malware, website category blocker, firewall active log recording, and file download protection. We also added the VPN aspect for remote workers. RESULT - WatchGuard was implemented with very tight controls. At its best, it protected the network from a ransomware attack. We could not save the infected workstation, but the payload was not delivered, so the servers remained secure and untouched.
- Firewall - IPS active blocking
- Firewall - Geo blocking
- Firewall - authentication methods
- Firewall - real time log monitoring
- The best filtering is done using proxy scanning. It is also the hardest aspect to understand and least documented.
- Updating the firmware (so the threat signatures) should be scheduled or automated.
- Critical alerts and notifications for those on support programs, should not be optional. Patching or updating the firewall should be first priority.
- Protected it against a ransomware attack.
- Mitigates and reduces the attack surface on a daily basis by using geoblocking and strict policies.
- While hard to give a value, it has helped to contribute to a reduction of 70% in IT support costs over two years.
NA - we are a reseller / service provider to our clients.
Firewall cannot be chosen on simplicity. The packaged features are each accounted for and researched. IP policy port masking, geoblocking, and the use of updating the firmware as part of the operating system were crucial for us as they indicated a commitment to each product from WatchGuard. Supporting it further with sales discounts to change hardware every three years is also a positive consideration. In the end, it was more of a question of did it have everything we needed.
I have used the old checkpoint firewall and their appliances and cisco multi-devices. As we deal with many small businesses, I have come across many flavors of entry-level firewalls. Apart from cisco and checkpoint, WatchGuard is more expensive and the trick is to find something which is solid and affordable. Most people choose based on a budget. At the entry-level, this is a huge error. Not all firewalls are created equally. Additionally, running out of support after the first year and NOT renewing it, is also not a good idea. The decisions and choices are technical. Rely on someone who is certified (ask for their credentials and experience). You wouldn't ask your dentist for legal advice, would you?
Do you think WatchGuard Network Security delivers good value for the price?
Yes
Are you happy with WatchGuard Network Security's feature set?
Yes
Did WatchGuard Network Security live up to sales and marketing promises?
Yes
Did implementation of WatchGuard Network Security go as expected?
Yes
Would you buy WatchGuard Network Security again?
Yes