Watchguard Firewall — Software

Using a combination of full-pattern and in-the-cloud scanning, GAV scans HTTP, SMTP, POP3, FTP, and HTTPS traffic. It strips malware before it reaches endpoints. The proxy-based architecture means you can block even encrypted threats if you’ve enabled HTTPS inspection.

Main office has a Firebox M-series. Remote lawyers use the IKEv2 VPN client with MFA (AuthPoint). The DLP policy blocks any attempt to email client Social Security numbers without encryption. The firm also runs a Firebox Cloud instance in AWS for their case management system, connected back to the main office via an IPSec tunnel.

Are you looking for:

But Fireware alone is just the foundation. The real power comes from the subscription-based security services that run on top of it.

The classic Windows-based management suite. Includes: watchguard firewall software

Standard subscription tiers:

A hidden gem in the Web UI: Policy Tracer lets you simulate traffic (source IP, destination, port, protocol) and see exactly which firewall rule it will hit. This is a lifesaver for complex rulebases with hundreds of policies. Main office has a Firebox M-series

This means you can have identical security policies on a branch Firebox T-series and a cloud-hosted Firebox Cloud instance. The management software (WatchGuard Cloud or System Manager) treats them as identical nodes.