From Firewall Specialist to Full-Stack Security Powerhouse: How BOC IT-Security Built a Business on WatchGuard
Bernd Och founded BOC Computersysteme GmbH in 1992, selling everything from servers to switches and when WatchGuard began selling firewalls in Germany, Bernd was there from the very first minute. While they started by reselling a broad range of products, he eventually realized a decision needed to be made: focus the entire business on a single vendor. In 2007, Bernd founded BOC IT-Security GmbH as a spin-off, going 100% all-in with WatchGuard and never looking back. Every product sold, every certification earned, every customer conversation held has been rooted entirely in the WatchGuard ecosystem. Under the leadership of Maik Lumler, that unwavering commitment has transformed BOC IT-Security from a firewall-focused reseller into one of Germany’s most specialized and fastest-growing cybersecurity practices, with WatchGuard Endpoint at the center of its most powerful growth story yet.
Too Many Vendors, Not Enough Depth
Before fully committing to WatchGuard, BOC IT-Security faced a challenge familiar to many MSPs: a fragmented vendor portfolio that created operational drag and made it nearly impossible to build deep expertise.
“It’s really hard to keep track of all the technical improvements and developments if you have 50 different vendors in your portfolio,” said Lumler. “And in Germany, we have a really hard time with a shortage of IT workers with a lot of experience. Solutions that help us with easy configuration and an efficient way to get things installed and running, those are the game changers.”
The tight IT labor market made the case for simplification even more urgent. BOC IT-Security needed a platform that a lean, highly trained team could deploy quickly, support confidently, and scale without friction. WatchGuard fit that need, and BOC IT-Security decided to go all in.
Why WatchGuard Endpoint Stood Apart
When WatchGuard acquired Panda Security and launched its endpoint portfolio, BOC IT-Security moved quickly. The integration between network and endpoint, with true XDR communication in a single console, was exactly what Lumler had been waiting for. “I don’t know so many vendors that have both firewalls and endpoint and have integrated them so they can speak together with real XDR communication,” he said. “WatchGuard already has that. And that’s very important for us.”
Having previously used ESET, Lumler knew the endpoint market well. What set WatchGuard apart wasn’t just consolidation, but also the architecture.
“The thing that is really different with WatchGuard endpoint is the 100% application whitelisting with Zero Trust,” Lumler said. “In every case, even if you authorize a software to run, the software is checked in WatchGuard Cloud through all the different engines. It’s really hard to configure an example where nothing is checked. A lot of vendors claim they do Zero Trust, but WatchGuard strictly keeps that promise.”
That conviction shaped how BOC IT-Security positions the product to customers. When a client came to BOC IT-Security following a security incident, already running WatchGuard Fireboxes but lacking endpoint protection, the immediate response was to deploy WatchGuard Endpoint Security 360 (previously EPDR) across all systems and use lock mode to prevent reinfection. “With WatchGuard endpoint protection, you can prevent re-infection very easily,” Lumler noted. “You put it in lock mode, that works really, really well.”
Scaling Endpoint Across the Customer Base
Today, endpoint security represents more than 30% of BOC IT-Security’s total business, a figure that has grown steadily and shows no signs of slowing. Additionally, nearly 50% of all endpoint licenses BOC IT-Security sells are bundled with patch management, a module Lumler considers essential for customers needing to meet compliance requirements under frameworks like NIS2.
A key driver of that growth has been the simplicity of deployment. BOC IT-Security has built a standardized best practice installation process that gets endpoint protection up and running in two hours at a flat rate of 280 EUR, regardless of whether the customer has 5 or 500 employees.
“We need two hours to configure our best practice and get the solution running in your company,” Lumler said. “I don’t see any other vendor with a solution that would be able to be so fast and efficient. It’s really nice with WatchGuard products to get fast to the point where it is running, and you are safe.” The only example I can think of where it’s even faster would be MDR, with a turnaround time of 30 minutes from the time the order is placed.
That speed of deployment also creates a powerful sales motion. When engaging customers who have never used WatchGuard, BOC IT-Security can offer product training alongside implementation, giving administrators the confidence to manage their environment from day one.
“I often say to customers: if you have a new trainee in your team, give me two hours with them, and I can teach them the important features — patch management from start to finish, deploying new endpoints, hardening the environment,” Lumler said. “That perhaps shows the differences from some competitors. They are sometimes really massive and complex to install.”
Expanding the Platform and Partnership
Endpoint was the entry point, but it opened the door to a much broader platform conversation. Network Access Enforcement has become another cornerstone of BOC IT-Security’s endpoint conversations, particularly for customers who have been resistant to MFA adoption. “It’s almost only a checkbox to save, and you have a second factor, which is the endpoint on the device,” Lumler said. “That’s super simple and highly effective. I love that feature.”
MDR is the newest frontier. BOC IT-Security currently has approximately 3,500 MDR seats deployed and is targeting 5,000 by year end, drawn in part by WatchGuard’s willingness to support MDR for customers with as few as 15 seats.
“I’m really on fire with the MDR products,” Lumler said. “WatchGuard is a solution where you can start with MDR in smaller environments, but there are competitors that don’t touch you if you have less than 100 seats. WatchGuard is the solution for small and mid-sized companies, and it’s perfect.”
A Team Built for Depth
BOC IT-Security’s growth from 10 employees in 2020 to 23 today reflects a deliberate philosophy: every person on the team holds every WatchGuard certification relevant to their role. No handoffs, no knowledge gaps.
“I want every support technician to have all the knowledge of all the WatchGuard products,” Lumler said. That depth of expertise means customers typically reach a certified specialist in under 60 minutes, a differentiator that drives both retention and new customer acquisition from competitors offering slower, less specialized support. The result is a business that has more than doubled in revenue over five years, reaching €8.84 million in 2025, a 124% year-over-year growth rate.
A Message for Other Partners
For MSPs that still think of WatchGuard primarily as a firewall company, Lumler has a direct message: “Sometimes technicians are a little too comfortable with their old solutions,” he said. “Give (WatchGuard’s) endpoint a chance. It’s not a product that requires weeks of studying. The things you must have to be compliant with NIS2 or any EU requirements are all in the products, and it’s really, really fast and effective to set up.”
For BOC IT-Security, the decision to go all in on WatchGuard and expand fully into endpoint security wasn’t just a technology choice. It was the foundation of a business model built around depth, trust, and the kind of expertise that customers call first and competitors can’t replicate. It has proven to be a decision that continues to pay off not only in business growth but also in building a valuable partnership between BOC IT-Security and WatchGuard.