Watchguard security proposal 2012


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Watchguard security proposal 2012

  1. 1. Security Proposalfor your network
  2. 2. Index•Why we need Watch Guard?•Network diagram•Security Solution•Logs and report
  3. 3. Companies Increasingly “Like” Social Media Robert Half Technology. “SOCIAL WORK? More Companies Permit Social Networking on the Job”. May 26, 2011. Retrieved from:
  4. 4. Users and Applications are Outof Control! 1. Retrieved from: 2. Retrieved from 3. Sources: X-Force, Websense, Whitehat Security, Imperva, 7Scan
  5. 5. Social Networks ThreatenProductivity
  6. 6. You Can’t Control What You Can’t See • Traditional port-based firewalls lack the ability to see, let alone control, many apps • Productivity Loss • Bandwidth-hungry apps slow networks • Data Loss / Attack Vector • Social networks breed a culture of trust • Rife with technical vulnerabilities
  7. 7. WatchGuard Solves Your Problem See the Restrict Enable secure applications in unproductive, & productive use on your insecure & business use of network bandwidth applications draining usage
  8. 8. How WatchGuard Solves Your Problem Identification, control, and reporting on 1800+ applications and sub-functions Applications easy to find – organized by category and searchable by query Broad and granular control of applications Integration with firewall policy table
  9. 9. Network Visibility is Essential• Rich reporting on App usage, users, categories, blocked applications, top clients, and more!
  10. 10. Intuitive Organization SimplifiesYour Workflow• Find applications by category (e.g. Social Network) OR• Query search by application name (e.g. Facebook)
  11. 11. Security Your Way – BroadControl• Establish policy broadly across application category
  12. 12. Security Your Way – GranularControl • Exercise control by user, category, application, & application sub-function
  13. 13. Why WatchGuard Wins with Application Control vs. Palo Alto vs. Fortinet vs. Cisco vs. SonicWall Networks• 1800 applications vs. • WatchGuard has • Application rules • Part of UTM bundle 1200 for Fortinet Application Control; integrated with main (AV, spamBlocker, etc.)• Ease of configuration Cisco ASA does not! policy table • 1800 applications vs. (search; rules for • Application Control 1300 for PaloAlto multiple applications) ease of use (e.g. • Application Control in• Integrated application search) appliance line, reporting including tabletops Watch Application Control Video
  14. 14. XTM Defense-In-Depth InActionWatchGuard vs. Web 2.0 Security Issues • Snags malware, scareware, spyware and GAV malicious scripts IPS • Prevents drive-by-download attacks • Cloud-based service protects you from RED legitimate sites infected with malware • Enables granular control by user, group, or Application IP; and separate control over actions for Control view, post, chat, apps, games, and video
  15. 15. Cornerstone – The ApplicationProxyPacket Reassembly – since 1996 An Application Proxy checks Source IP, Destination IP, Port, Protocol If a matching rule (or service) is found: The proxy then performs deep inspection on the content of the packet, including application layer data.This is the key to finding threats that OTHER FIREWALLS MISS!
  16. 16. Fireware XTM: Making the Most ofYour Network QoS and Traffic Shaping • High-priority traffic gets bandwidth • Low-priority traffic gets available bandwidth Multi-WAN Support • Up to 4 WAN connections supported • Traffic can use multiple WAN connections simultaneously or on a failover VPN Failover • Mission-critical VPN traffic keeps flowing if a remote site becomes unavailable • Traffic automatically fails-over to another gateway IPv6 Readiness • IPv6 Ready Gold Logo validates IPv6 routing • All XTM appliances will support IPv6
  17. 17. Managing XTM Solutions:FlexibilityChoose from three user interface options: Administer your way Command Line Interface WatchGuard Systems Manager Interface Web Interface
  18. 18. Suite of tabbed tools deliverManaging XTM Solutions: Real- information needed to monitor and react to network status Take instant remediativeTime Visibility action, such as adding a site to a blocked sites list Real-time monitoring lets you take instant action to protect your network.
  19. 19. XTM Multi-Box ManagementSaves Time Simultaneously manage from 2 to 100’s of boxes. Implementing the WatchGuard solution was a breeze. The policy setting and system configuration is easy Align security policies across because it is all very an organization – or apply logical and modifications between boxes straightforward. Francis Lim, IT Manager, Eurokars Group
  20. 20. Securely Connecting Users:VPN• Create VPN by simple drag and drop• Connect any location with Internet access• Select from IPSec, SSL, PPTP• Choose your device: laptop, smartphone, tablet• Define flexible rules to restrict data access to authorized individuals only• Use client or clientless options I can’t remember the last time I had to call someone with a security problem. With WatchGuard, we are always connected. Lucas Goh, Head of IT Operations for Asia, Berg Propulsion
  21. 21. What is “Next- Generation”? “Firewalls need to evolve to be more proactive in blocking new threats, such as botnets and targeted attacks. Enterprises need to update their network firewall and intrusion prevention capabilities to protect business systems as attacks get more sophisticated.”(XTM = Next-Generation UTM) “XTM platforms will takesecurity appliances beyond traditional boundaries byvastly expanding security features, networking capabilitiesand management flexibility.”
  22. 22. Next-GenerationSecurity Solutions Next-LiveSecurity® Generation FirewallApplication Control BundleIntrusion Prevention ServiceGateway AntiVirus Security BundleReputation Enabled Defense (RED)WebBlockerspamBlocker
  23. 23. Best-In-Class Security
  24. 24. XTM Performance & Value = Market Leadership Market Share Q3 2011 WatchGuard Check Point SonicWall McAfee Fortinet Cisco $0 $2,000,000 $4,000,000 $6,000,000 $8,000,000 $10,000,000 $12,000,000 $14,000,000 $16,000,000 $18,000,000 $20,000,000 Cisco Fortinet McAfee SonicWall Check Point WatchGuardMarket Share Q3 2011 $8,332,580 $10,575,907 $11,366,568 $13,537,362 $12,743,382 $17,306,073 Source: 2011 Infonetics, 3Q11 Network Security Appliance and Software Worldwide and Regional Market Share.
  25. 25. Industry-Leading Value “The company is strong, the products able, and the pricing can’t be beat.” Source: Info-Tech Research Group. Vendor Landscape: Unified Threat Management. August 2011.
  26. 26. Why WatchGuard Wins vs. Palo Alto vs. Fortinet vs. Cisco vs. SonicWall Networks• General purpose CPU • Application Control • Simpler admin. task • Gateway AntiVirus beats ASIC for security • HTTPS inspection flows detects malware in all• Real-time visibility • Tightly integrated • Application Control compressed file tools security services ease of use (e.g. formats• 65 bundled reports • UTM performance search) • Email security and anti- vs. only 2 • 2.5 million AV spam capabilities • Simple VPN setup• Multi-WAN signatures vs 25,000 • Comprehensive • Model upgrades by appliance line,• Traffic shaping license key including tabletops• VPN setup wizard Watch Video Comparisons
  27. 27. Moving Security Forward withWatchguard XTM • “Best-in-class” security for comprehensive protection • Recognized security “Trend Setter”, industry “Champion”, and “Leader” • 65 reports included at no extra cost • Real-time monitoring • Intuitive set-up wizards • Multi-WAN support • Market-leading value
  28. 28. Why we need Watch guard•Manage users to access internet.•Filtering content and url of the website.•Filtering by keyword•Filtering and inspect HTTPS.•Web blocker has over 54 categories for IT manager to manage theinternet access.•Report and logs all content accessed by users.•Secure e-mail and web access.•Can be integrated to the Domain controller to apply the policy to manageusers. Watchguard is not only a simple firewall but also it is a good tools for IT Manager to manage their network.
  29. 29. Network and user management.E-mail security
  30. 30. Watchguard XTM features Application control
  31. 31. Watchguard – integated solutions. Protects networks by integrating best-in-class security technologies that enable businesses to manage risks, empower people and improve efficiencies.
  32. 32. Watchguard XTM features
  33. 33. WatchGuard: Industry LeaderGartnerNamed “Leader” in Magic QuadrantMultifunction FirewallsIDC“WatchGuard, one of the first securityappliance vendors, will remain aleader in this market going forward.”Frost & Sullivan“WatchGuard is on its track ofbecoming a major participant in theenterprise-UTM market.”“Measurements have indicated thatWatchGuard has chipped away the marketshare formally held by Fortinet, Cisco, andJuniper.”
  34. 34. Defense-in-Depth — XTM WatchGuard Extensible Threat Management VPN Stateful Content Firewall Security  Layered Security  SSL Deep Reputation IPSEC Packet Enabled Inspection Defense Gateway Antivirus Intrusion Centralized Prevention Spam Management Protection Rich Reporting URL Real-Time Filtering Monitoring Application Control
  35. 35. WatchGuard XTM Series: Unified Threat Management Sized for small businesses to the enterprise All-in-one network security Firewall Integrated with Advance networking features SSL and IPSec VPN (MUVPN/BOVPN) Reputation Enabled Defense (Cloud Security Services) WebBlocker (including full HTTPS inspection) SpamBlocker Gateway Anti-Virus/Intrusion Prevention Services Application Control (More than 1800 signatures!) Three management interfaces–console, web UI, CLI Reporting and real-time monitoring–at no extra cost Model-upgradeable within each series
  36. 36. WatchGuard XTM 5 Series Recommended for main offices/ headquarters with up to 1,500 users Performance driven security for growing mid-size businesses Up to 2.3 Gbps firewall throughput Full HTTPS inspection and VoIP support. Model-upgradeable
  37. 37. Logs and reports• Watchguard does not keep the logs and reports in the samebox.•Watchguard recommends customer to use another computerrunning Win XP to install logs and report managementsoftware to run as Report and Logs server.• This idea is really good for customer to manage and backupthe logs and report information.• Log information could be stored for many years.
  38. 38. Gain Visibility. Gain Insight. Gain Control.WatchGuard Application Control Thank You!