Hackers Shake the WebSeptember 28, 2011Source: http://www.usatoday.com/NEWS/usaedition/2011-09-28-Webpage-hackers-PR INT0_ST_U.htm
Smaller-sized Companies Increasingly Under Attack ….”Cyber security is not just for big businesses. "Thats one of the myths we come across — I am too small," said Stan Stahl, head of a Los Angeles cyber-security company Citadel Information Group Inc. and president of the Los Angeles chapter of the Information Systems Security Assn., a trade group” Source: http://www.latimes.com/business/la-fi-smallbiz-security-20110523,0,5494792.story
Data Breach Costs Continue to Plague Organizations Organizational Cost of a Average Cost Per Record Data Breach Breached $225$7,500,000$7,000,000 $200$6,500,000 $175$6,000,000$5,500,000 $150$5,000,000 $125$4,500,000$4,000,000 $100 2005 2006 2007 2008 2009 2010 2005 2006 2007 2008 2009 2010 Source: Ponemon Institute
You Can’t Control What You Can’t See• Traditional port-based firewalls lack the ability to see, let alone control, many apps• Productivity Loss • Bandwidth-hungry apps slow networks• Data Loss / Attack Vector Social networks breed a culture of trust Rife with technical vulnerabilities
XTM Defense-In-Depth In ActionWatchGuard vs. Web 2.0 Security Issues • Snags malware, scareware, spyware and GAV malicious scripts IPS • Prevents drive-by-download attacks • Cloud-based service protects you from RED legitimate sites infected with malware • Enables granular control by user, group, or Application IP; and separate control over actions for Control view, post, chat, apps, games, and video
Cornerstone – The Application ProxyPacket Reassembly – since 1996 An Application Proxy checks Source IP, Destination IP, Port, Protocol If a matching rule (or service) is found: The proxy then performs deep inspection on the content of the packet, including application layer data.This is the key to finding threats that OTHER FIREWALLS MISS!
Fireware XTM: Making the Most of Your Network QoS and Traffic Shaping • High-priority traffic gets bandwidth • Low-priority traffic gets available bandwidth Multi-WAN Support • Up to 4 WAN connections supported • Traffic can use multiple WAN connections simultaneously or on a failover VPN Failover • Mission-critical VPN traffic keeps flowing if a remote site becomes unavailable • Traffic automatically fails-over to another gateway IPv6 Readiness • IPv6 Ready Gold Logo validates IPv6 routing • All XTM appliances will support IPv6
Managing XTM Solutions: FlexibilityChoose from three user interface options: Administer your way Command Line Interface WatchGuard Systems Manager Interface Web Interface
Suite of tabbed tools deliver information needed to monitor and react to network status Take instant remediative action, such as adding aManaging XTM Solutions: Real-Time Visibility blocked sites list site to aReal-time monitoring lets you take instant action toprotect your network.
Managing XTM Solutions: Satisfy Auditors65 pre-defined reports included. Drill-down forthe data you need — when you need it.
XTM Multi-Box Management Saves TimeSimultaneously manage from 2 to 100’s of boxes. Implementing the WatchGuard solution was a breeze. The policy setting and system configuration is easy because it is all very logical and straightforward. Align security policies across Francis Lim, IT an organization – or apply Manager, Eurokars Group modifications between boxes
Securely Connecting Users: VPN• Create VPN by simple drag and drop• Connect any location with Internet access• Select from IPSec, SSL, PPTP• Choose your device: laptop, smartphone, tablet• Define flexible rules to restrict data access to authorized individuals only• Use client or clientless options I can’t remember the last time I had to call someone with a security problem. With WatchGuard, we are always connected. Lucas Goh, Head of IT Operations for Asia, Berg Propulsion
XTM 33 XTM 33-W XTM 330 Industry-Leading Performance at Each Price PointFirewall Throughput 850 Mb/s 850 Mb/s 850 Mb/s XTM 2050XTM Throughput 45 Mb/s 45 Mb/s 70 Mb/s XTM 1050Concurrent Connections 40,000 XTM 8 Series 40,000 40,000(bi-directional) XTM 5 SeriesPerformanceBOVPN 50 50 50 XTM XTM 3 Series 3 SeriesMUVPN (IPSec) 5/50 5/50 5/55 XTM 2 SeriesMUVPN (SSL) 55 55 55Local User Database 500 500 500 Small Business Midsize Business Service Providers / HeadquartersMax. 1- 50 Users 50 - 250 Users 250 – 500 Users 500 – 1,000 Users 1,000+ UsersModel Upgrade No No No
What is “Next-Generation”? “Firewalls need to evolve to be more proactive in blocking new threats, such as botnets and targeted attacks. Enterprises need to update their network firewall and intrusion prevention capabilities to protect business systems as attacks get more sophisticated.”(XTM = Next-Generation UTM) “XTM platforms will takesecurity appliances beyond traditional boundaries byvastly expanding security features, networking capabilitiesand management flexibility.”
Why WatchGuard Wins vs. Palo Alto vs. Fortinet vs. Cisco vs. SonicWall Networks• General purpose CPU • Application Control • Simpler admin. task • Gateway AntiVirus beats ASIC for security • HTTPS inspection flows detects malware in all• Real-time visibility • Tightly integrated • Application Control compressed file tools security services ease of use (e.g. formats• 65 bundled reports • UTM performance search) • Email security and anti- vs. only 2 • 2.5 million AV spam capabilities • Simple VPN setup• Multi-WAN signatures vs 25,000 • Comprehensive • Model upgrades by appliance• Traffic shaping license key line, including• VPN setup wizard tabletops Watch Video Comparisons http://www.watchguard.com/latest/us-vs-them.asp
Moving Security Forward with Watchguard XTM• “Best-in-class” security for comprehensive protection• Recognized security “Trend Setter”, industry “Champion”, and “Leader”• 65 reports included at no extra cost• Real-time monitoring• Intuitive set-up wizards• Multi-WAN support• ICSA Firewall & IPSec certification• Market-leading value