Call a Specialist Today! 800-886-4561
Free Shipping! Free Shipping!

WatchGuard Firebox Cloud Small
Extending the WatchGuard Security Perimeter to the Public Cloud


Firebox Cloud

WatchGuard Products
Firebox Cloud Small Series Support Bundles
Standard Support includes 24x7 support with unlimited incidents per year, 4 hour critical/high, 8 hour medium, 24 hour low targeted response times, advanced hardware replacement and software updates and patches.
Firebox Cloud Small with 1-Year Standard Support
#WGCSM001
Our Price: $1,110.00
Firebox Cloud Small with 3-Year Standard Support
#WGCSM003
Our Price: $1,405.00
Firebox Cloud Small Series Basic Security Suite Bundles
Basic Security Suites include Appliance, Standard Support (24x7), Application Control, WebBlocker, spamBlocker, Gateway Antivirus, Intrusion Prevention Service, Reputation Enabled Defense, and Network Discovery.
Firebox Cloud Small with 1-Year Basic Security Suite
#WGCSM031
Our Price: $1,500.00
Firebox Cloud Small with 3-Year Basic Security Suite
#WGCSM033
Our Price: $2,400.00
Firebox Cloud Small Series Total Security Suite Bundles
Total Security Suites include Appliance, Gold Support, Basic Security Suite, APT Blocker, Data Loss Prevention, Dimension Command, Access Portal, DNSWatch, and Threat Detection & Response
Firebox Cloud Small with 1-Year Total Security Suite
#WGCSM641
Our Price: $2,320.00
Firebox Cloud Small with 3-Year Total Security Suite
#WGCSM643
Our Price: $4,235.00
Firebox Cloud Small Competitive Trade In Program
Competitive Trade In to Firebox Cloud Small with 3-Year Basic Security Suite
*Special Pricing for qualifying competitive trade-in products.
#WGCSM083
Our Price: $1,765.00
Competitive Trade In to Firebox Cloud Small with 3-Year Total Security Suite
*Special Pricing for qualifying competitive trade-in products.
#WGCSM693
Our Price: $3,640.00

More pricing below, click here!

Overview:

It’s a fact – businesses are migrating services from on-premises servers into the cloud. Email servers, web servers, customer relationship management systems (CRMs), and file storage are migrating to cloud services. With so much sensitive data moving to the cloud, security is essential. WatchGuard’s Firebox Cloud allows network administrators to extend their security perimeter to protect servers running in public cloud environments.

While cloud service providers are responsible for the security of the cloud, protecting your sensitive data as it moves to and from the cloud falls to you. Under this shared responsibility model, it is crucial that administrators take every step possible to defend their data and deflect cyber criminals. WatchGuard Firebox Cloud brings the protection of WatchGuard’s leading Firebox Unified Threat Management (UTM) appliances to public cloud environments. Firebox Cloud can quickly and easily be deployed to protect servers in a public cloud from attacks such as botnets, cross-site scripting, SQL injection attempts, and other intrusion vectors.

Features & Benefits

  • Quickly and easily protect VPCs from attacks such as botnets, cross-site scripting, SQL injection attempts, and other intrusion vectors
  • Save time with a streamlined UI built for each cloud platform
  • Simplify the process of establishing secure connections to your public cloud environment
  • Increase visibility with WatchGuard’s leading network visibility solution, Dimension
  • Purchase your way, with multiple purchasing options available

Enhance Your Public Cloud Security

WatchGuard Firebox Cloud brings the protection of WatchGuard’s leading Firebox Unified Threat Management (UTM) appliances to public cloud environments. Firebox Cloud can quickly and easily be deployed to protect a Virtual Private Cloud (VPC) from attacks such as botnets, cross-site scripting, SQL injection attempts, and other intrusion vectors.


Available for AWS and Microsoft Azure

WatchGuard’s Firebox Cloud was built specifically to run within AWS and Microsoft Azure and provides a streamlined user interface (UI) that removes elements that aren’t relevant to the selected cloud environment. Firebox Cloud also simplifies the process of establishing secure connections to your public cloud environment by enabling WatchGuard-to-WatchGuard VPN tunnels.


Multiple Purchasing Options Available

WatchGuard has made it easy to get your Firebox Cloud instance up and running in the cloud by providing multiple ways to purchase. You can purchase a Bring-Your-Own-License (BYOL) from a WatchGuard Partner to ensure you benefit from the skills and expertise of a Partner you trust.

Big Data Visibility for Public Cloud Security

WatchGuard Firebox Cloud is completely compatible with WatchGuard Dimension, a cloud-ready network security visibility solution that comes standard with WatchGuard’s flagship Unified Threat Management and Next Generation Firewall platform. Dimension provides a suite of big data visibility and reporting tools that instantly identify and distill key security issues and trends, and deliver valuable insights to set meaningful security policies across all your environments.


Compare Models:


Firebox Cloud Small Firebox Cloud Medium Firebox Cloud Large Firebox Cloud XLarge
Throughput and Connections
Firewall throughput1 2 Gbps 4 Gbps 8 Gbps Unrestricted
Nodes Supported Unrestricted Unrestricted Unrestricted Unrestricted
VPN and Authentication
Branch Office VPN 50 600 6,000 10,000
Mobile VPN with SSL 50 600 6,000 10,000
Mobile VPN with IPSec 50 600 6,000 10,000
Authenticated Users 500 3,000 6,000 Unrestricted

1 Throughput rates will vary based on environment & configuration.


Management

  • Management Platform
    WatchGuard Web UI
  • Alarms and Notifications
    SNMP v2/v3, Email, Management System Alert
  • Server Support
    Logging, Reporting, Quarantine, WebBlocker, Management
  • Web UI
    Supports Windows, Mac, Linux, and Solaris OS
  • CLI
    Includes direct connect and scripting

Security

  • Firewall
    Stateful packet inspection, deep application inspection, proxy firewall
  • Application Proxies
    HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323
  • Intrusion Protection
    Blocks DOS, DDOS, PAD, port scanning, spoofing attacks, address space probes, and more
  • Security Subscriptions
    Application Control, Reputation Enabled Defense, WebBlocker, Gateway AntiVirus, Intrusion Prevention Service, APT Blocker, Data Loss Prevention, Threat Detection & Response

VPN & Authentication

  • Encryption
    DES, 3DES, AES 128-, 192-, 256-bit
  • IPSec
    SHA-2, MD5, IKE/IKEv2 pre-shared Key, 3rd party cert import
  • SSL
    Thin client
  • PPTP
    Server & Passthrough
  • VPN Failover
    Yes
  • Single Sign-On
    Transparent Active Directory Auth.
  • XAUTH
    Radius, LDAP, Windows Active Directory
  • Other User Authentication
    VASCO, RSA SecurID, web-based, local

Networking

  • Operating System
    Fireware
  • IP Address Assignment
    DHCP Client
  • Routing
    Static, dynamic (BGP4, OSPF, RIP v1/v2), policy-based
  • QoS
    8 priority queues, diffserv, modified strict queuing
  • NAT
    Static, dynamic, 1:1, IPSec NAT traversal, policy-based, virtual IP for server load balancing
  • Other Networking
    Port independence

Feature Differences:

Because Firebox Cloud is optimized to protect servers in an AWS virtual private cloud, some setup requirements, configuration options, and available features are different from other Firebox models. This section summarizes the differences between Firebox Cloud and other Fireboxes.

Administration

You must use Fireware Web UI to administer your instance of Firebox Cloud. You can use WatchGuard Dimension to monitor the traffic and security status of the networks your Firebox protects.

You cannot use a WatchGuard Management Server, Policy Manager, or Dimension to administer your instance of Firebox Cloud.

Licensing and Services

All supported features and services are included with Firebox Cloud. Firebox Cloud supports these WatchGuard subscription services:

  • Application Control
  • WebBlocker
  • Gateway AV
  • Geolocation
  • Intrusion Prevention Service (IPS)
  • Reputation Enabled Defense
  • Botnet Detection
  • Data Loss Prevention
  • APT Blocker
  • Threat Detection

For the Bring Your Own License option, you must activate a license key for Firebox Cloud on the WatchGuard website, and add the feature key to your instance of Firebox Cloud.

For Firebox Cloud with a Pay As You Go license, the Threat Detection and Response service does not include Host Sensor licenses.

Network Interfaces

Firebox Cloud supports two to eight interfaces. It supports one external interface (eth0), and up to seven private interfaces (eth1–eth7). All Firebox Cloud interfaces use DHCP to request an IP address. You assign an Elastic IP (EIP) address to the external interface. The internal IP addresses are assigned based on the private networks assigned to your AWS instance.

Because AWS assigns the network interface IP addresses to the instance of Firebox Cloud, you cannot configure the network interfaces in Fireware Web UI. The Network > Interfaces configuration page is not visible in Fireware Web UI for Firebox Cloud.

Default Firebox Configuration

When you launch an instance of Firebox Cloud, it automatically starts with a default configuration. For Firebox Cloud with a BYOL license, you must get a feature key to enable configuration of all features.

The Firebox Cloud Setup Wizard runs the first time you connect to Fireware Web UI. In the wizard you accept the End User License Agreement and choose new passphrases.

After you run the setup wizard, the default configuration for Firebox Cloud is different from other Firebox models in these ways:

  • All interfaces use DHCP to obtain an IPv4 primary IP addresses
  • Firebox Cloud allows more than one Device Administrator to connect at the same time
  • You can connect to any interface for administration with Fireware Web UI
  • The default policies allow management connections and pings to Firebox Cloud, but do not allow outbound traffic from private subnets through Firebox Cloud
  • Licensed subscription services are not configured by default

Feature Differences

Firebox Cloud supports most policy and security features available on other Firebox models. It supports a subset of networking features appropriate for the AWS environment. For supported features, the available configuration settings are the same as for any other Firebox. Most features and options that are not supported for Firebox Cloud do not appear in Fireware Web UI.

Networking features not supported:

  • Drop-in mode and Bridge mode
  • DHCP server and DHCP relay
  • PPPoE
  • IPv6
  • Multi-WAN (includes sticky connections and policy-based routing)
  • Static ARP entries
  • Link Aggregation
  • VLAN Bridge interface
  • Modem
  • FireCluster
  • Gateway Wireless Controller
  • Mobile VPN with SSL Bridge VPN Traffic option

Policies and Security Services not supported:

  • Explicit-proxy and Proxy Auto-Configuration (PAC) files
  • Quotas
  • spamBlocker and Quarantine Server
  • Network Discovery
  • Mobile Security

Authentication features not supported:

  • Hotspot
  • Single Sign-On (SSO)

System Administration features not supported:

  • Dimension (Dimension for monitoring is supported)
  • Management by WatchGuard Management Server or Policy Manager
  • Logon disclaimer for device management connections
  • USB drive for backup and restore

Features you cannot configure from Fireware Web UI:

  • Change the logging settings for default packet handling options
  • Edit the name of an existing policy
  • Add a custom address to a policy
  • Use a host name (DNS lookup) to add an IP address to a policy
  • Add or edit a secondary PPPoE interface
In Fireware Web UI, it is possible to configure some features, such as IPv6 routes, that are not supported for Firebox Cloud. This does not enable the unsupported feature, and does no harm.

Fireware Web UI Differences

For Firebox Cloud, some pages in Fireware Web UI includes information about the Firebox Cloud EC2 instance.

The Front Panel Dashboard

For Firebox Cloud, Front Panel dashboard includes this information about the Firebox Cloud EC2 instance:

  • Instance ID
  • Instance Type
  • Availability Zone
The VM Information System Status Page

The VM Information System Status page in Fireware Web UI includes more details about the Firebox Cloud EC2 instance. To go to the VM Information page, select System Status > VM Information.

The VM Information page includes this information:

  • Instance ID
  • Instance Type
  • Availability Zone
  • Public Hostname
  • Public IPv4 Address
  • Security Group
  • Public Key

The Interfaces Dashboard

The Interfaces Dashboard page in Fireware Web UI includes information about the AWS virtual network interfaces associated with each Firebox Cloud interface.

Screen shot of the Interfaces dashboard, Detail tab

The Interfaces page includes this information:

  • Interface ID — The elastic network interface (eni) ID
  • Public Hostname — The public DNS host name for the external interface
  • Public IPv4 address — The public IPv4 IP address for the external interface
  • Local Hostname — The private DNS host name for the network interface
  • Device Number — The interface number
  • VPC ID — The ID of the VPC where the instance of Firebox Cloud is deployed
  • Link Status — The link status of each interface (Up or Down)
  • DNS Servers — The list of the DNS servers that generate the IP address for the external interface

Use Cases:

The subsequent use cases describe some of the ways Firebox Cloud can add security to your AWS virtual networks.

Protect Servers Deployed on AWS

To provide protection to one or more virtual servers that are accessible from the Internet, you can install a Firebox Cloud instance. Your instance of Firebox Cloud is then the gateway for inbound connections to your servers from the internet. You configure policies and security services on your instance of Firebox Cloud to control traffic to your virtual servers.

Branch Office VPN Gateway

You can configure your Firebox Cloud as a branch office VPN (BOVPN) gateway endpoint so you can maintain a secure VPN connection between your AWS network resources and other networks protected by a Firebox or compatible VPN gateway endpoint. Firebox Cloud supports all the same VPN features as other Firebox models.

Mobile VPN Gateway

You can also enable Firebox Cloud to accept VPN connections from SSL, IPSec, and L2TP mobile VPN clients, and configure policies to control user and group access to your protected AWS network resources.

Please note: Throughput rates are determined using multiple flows through multiple ports and will vary depending on environment and configuration.

* Firebox T10-D (DSL) is available in Europe & Australia. Supports ADSL2+VDSL2/ ADSL on WAN port with integrated modem.
**Not available on Firebox T10, T10-W, T10-D

Documentation:

Download the WatchGuard Firebox Cloud Datasheet (.PDF)

Pricing Notes:

WatchGuard Products
Firebox Cloud Small Series Support Bundles
Standard Support includes 24x7 support with unlimited incidents per year, 4 hour critical/high, 8 hour medium, 24 hour low targeted response times, advanced hardware replacement and software updates and patches.
Firebox Cloud Small with 1-Year Standard Support
#WGCSM001
Our Price: $1,110.00
Firebox Cloud Small with 3-Year Standard Support
#WGCSM003
Our Price: $1,405.00
Firebox Cloud Small Series Basic Security Suite Bundles
Basic Security Suites include Appliance, Standard Support (24x7), Application Control, WebBlocker, spamBlocker, Gateway Antivirus, Intrusion Prevention Service, Reputation Enabled Defense, and Network Discovery.
Firebox Cloud Small with 1-Year Basic Security Suite
#WGCSM031
Our Price: $1,500.00
Firebox Cloud Small with 3-Year Basic Security Suite
#WGCSM033
Our Price: $2,400.00
Firebox Cloud Small Series Total Security Suite Bundles
Total Security Suites include Appliance, Gold Support, Basic Security Suite, APT Blocker, Data Loss Prevention, Dimension Command, Access Portal, DNSWatch, and Threat Detection & Response
Firebox Cloud Small with 1-Year Total Security Suite
#WGCSM641
Our Price: $2,320.00
Firebox Cloud Small with 3-Year Total Security Suite
#WGCSM643
Our Price: $4,235.00
Firebox Cloud Small Competitive Trade In Program
Competitive Trade In to Firebox Cloud Small with 3-Year Basic Security Suite
*Special Pricing for qualifying competitive trade-in products.
#WGCSM083
Our Price: $1,765.00
Competitive Trade In to Firebox Cloud Small with 3-Year Total Security Suite
*Special Pricing for qualifying competitive trade-in products.
#WGCSM693
Our Price: $3,640.00
WatchGuard Total Security Software Suite Renewal/Upgrade
Total Security Software Suites include Gold Support, Basic Security Suite, APT Blocker, Data Loss Prevention, Dimension Command, Access Portal, DNSWatch, and Threat Detection & Response.
WatchGuard 1 Year Total Security Suite Renewal/Upgrade for Firebox Cloud Small
#WGCSM351
Our Price: $1,370.00
WatchGuard 3 Year Total Security Suite Renewal/Upgrade for Firebox Cloud Small
#WGCSM353
Our Price: $3,275.00
WatchGuard Basic Security Software Suite Renewal/Upgrade
Basic Security Software Suites include Standard Support (24x7), Application Control, WebBlocker, spamBlocker, Gateway Antivirus, Intrusion Prevention Service, Reputation Enabled Defense, and Network Discovery.
WatchGuard 1 Year Basic Security Suite Renewal/Upgrade for Firebox Cloud Small
#WGCSM331
Our Price: $645.00
WatchGuard 3 Year Basic Security Suite Renewal/Upgrade for Firebox Cloud Small
#WGCSM333
Our Price: $1,545.00
WatchGuard Subscription for Firebox Cloud Small Models
WatchGuard APT Blocker 1-yr for Firebox Cloud Small
#WGCSM171
Our Price: $335.00
WatchGuard APT Blocker 3-yr for Firebox Cloud Small
#WGCSM173
Our Price: $800.00
WatchGuard Data Loss Prevention 1-yr for Firebox Cloud Small
#WGCSM161
Our Price: $160.00
WatchGuard Data Loss Prevention 3-yr for Firebox Cloud Small
#WGCSM163
Our Price: $385.00
WatchGuard WebBlocker 1-yr for Firebox Cloud Small
#WGCSM101
Our Price: $335.00
WatchGuard Gateway AntiVirus 1-yr for Firebox Cloud Small
#WGCSM121
Our Price: $335.00
WatchGuard Intrusion Prevention Service 1-yr for Firebox Cloud Small
#WGCSM131
Our Price: $335.00
WatchGuard Reputation Enabled Defense 1-yr for Firebox Cloud Small
#WGCSM141
Our Price: $335.00
WatchGuard Application Control 1-yr for Firebox Cloud Small
#WGCSM151
Our Price: $335.00
Standard Support Services
Standard Support includes 24x7 support with unlimited incidents per year, 4 hour critical/high, 8 hour medium, 24 hour low targeted response times, advanced hardware replacement and software updates and patches.
WatchGuard 1 Year Standard Support Renewal for Firebox Cloud Small
#WGCSM201
Our Price: $210.00
WatchGuard 3 Year Standard Support Renewal for Firebox Cloud Small
#WGCSM203
Our Price: $505.00
Trade up to WatchGuard Firebox Cloud Small
Trade up to WatchGuard Firebox Cloud Small with 3-yr Total Security Suite
*Special Pricing with the Trade Up Program
#WGCSM673
Our Price: $3,870.00
Trade up to WatchGuard Firebox Cloud Small with 1-yr Total Security Suite
*Special Pricing with the Trade Up Program
#WGCSM671
Our Price: $1,955.00
Trade up to WatchGuard Firebox Cloud Small with 3-yr Basic Security Suite
*Special Pricing with the Trade Up Program
#WGCSM063
Our Price: $2,070.00
Trade up to WatchGuard Firebox Cloud Small with 1-yr Basic Security Suite
*Special Pricing with the Trade Up Program
#WGCSM061
Our Price: $1,165.00
WatchGuard Upgrade to Gold Support
WatchGuard 1 Year Gold Support Renewal/Upgrade for Firebox Cloud Small
#WGCSM261
Our Price: $315.00
WatchGuard 3 Year Gold Support Renewal/Upgrade for Firebox Cloud Small
#WGCSM263
Our Price: $750.00
email subscribe

Enjoy Exclusive Weekly Deals from Virtual Graffiti