Download - © 2009 WatchGuard Technologies Securing the Future with WatchGuard XTM Network Security Solutions
© 2009 WatchGuard Technologies
Securing the Future with WatchGuard XTM Network Security Solutions
© 2009 WatchGuard Technologies
Meeting Today’s Business Security Needs
IP Networking Technology is Converging
More clients, more traffic hits the network than ever before!
VoIP
Wireless LAN
PC Computing
PowerMobile Computin
g
Internet
New Applications
Network Speed is Accelerating
Broadband for Small Business (US)Comcast: 6 to 50 Mbps
16 Mbps for $99/mo.Quest: up to 20 MbpsVerizon: up to 50 Mbps
Threats are Rapidly Evolving!
Most Common “Child” MalwareMicrosoft Security Intelligence Report 2009
Bot Client (Trojan) Most Popular Payload
Most Common “Parent” MalwareMicrosoft Security Intelligence Report 2009
Malware Volume Out of Control
x3 x6 ???
Malware Delivery More Dynamic/Agile
Between their increased reliance on botnets and the introduction of new evasion techniques, the servers that deliver malware have become much more dynamic and agile
“European cyber-gangs target small US firms”
• Fortune 500 companies are not the only targets– Attackers use malware planted on corporate computers to
initiate fraudulent wire transfers– Cyber criminals stole $750,000 from a small school district
near Pittsburgh– Unique Industrial Product Co., a plumbing equipment
supply company in Texas, lost $1.2 million– JM Test, an electronics calibration co., lost over $90,000
Businesses are More Accountable Than Ever!
• Regulations get tough on irresponsible handling of Personally Identifiable Information (PII).– Hefty fines for non-disclosure– Legal fees
• Businesses can’t operate without adequate network security.– PCI-DSS: comply or lose ability to process credit card
transactions– HIPAA: comply or lose license.
• Direct losses can be massive.
Within This Environment, You Need the Best Solution!
“We’re extremely satisfied with the WatchGuard products…switching to a single provider has made our internal IT department’s work considerably easier.´ Martin Korn, Head of IT & Central Service, Novoferm GmbH
WatchGuard is Bringing New Solutions…
Featuring XTM Series Network Security Appliances
WatchGuard XTM 2 Series
WatchGuard XTM 5 Series
WatchGuard XTM 8 SeriesWatchGuard XTM 1050
14
The Best Protection…
Proactively blocks viruses, worms, spyware, trojans, and blended threats
Out of the box
Over 600,000 appliances shipped since 1996
At the Best Value!
From a Leader in the Industry
Gartner Magic QuadrantSMB Multifunction Firewalls
© 2009 WatchGuard Technologies
WatchGuard XTM Products
XTM Series Target Markets
XTM 2 Series
XTM 5 Series
XTM 8Series 1050
WatchGuard XTM 1050 Solution
10 Gbps Firewall Throughput
2 Gbps VPN Throughtput
XTM Security Platform
Powerful, Flexible Management Tools
Optional Fiber Module Dual hot swap power
supplies and fans Affordable Enterprise-
Grade Security!
WatchGuard XTM 8 Series Solution
• Up to 5 Gbps Firewall Throughput
• Up to 1.2 Gbps XTM Throughtput
• XTM Security Platform
Best Price for the Performance!
Investment Protection A natural fit!
XTM 1050 and 8 Series Speed and Power!
Intel Multi-Core Processor 10-12 Copper 1-Gb Interfaces 2 USB, 1 Serial DB9 2 Gb SDRAM Memory 1 GB Flash Memory 1U – 2U Rack Mounts Complies with NRTL/C, CB, RoHS, WEEE,
REACH Security Certifications in progress: ICSA,
FIPS 140-2, EAL4
Reaching New Heights is a Family Affair! XTM 810 XTM 820 XTM 830 XTM 1050
Firewall Throughput 3 Gbps 4 Gbps 5 Gbps 10 Gbps
XTM Throughput 900 Mbps 1.1 Gbps 1.3 Gbps >1.4 Gbps
1-Gig Interfaces 10 10 10 12
Concurrent Connections (bi-directional)
500,000 750,000 1,000,000 >1,250,000
BOVPN 1000 2000 6000 7000
MUVPN (IPSec) 600 to 2000 700 to 6000 800 to 8000 15,000
MUVPN (SSL) 1000 4000 6000 15,000
VLANs 200 300 400 500
Management with Logging/Reporting
WatchGuard System Manager
WatchGuard System Manager
WatchGuard System Manager
WatchGuard System Manager
Model Upgrade Yes Yes No No
Security Platform Fireware XTM Pro
Fireware XTM Pro
Fireware XTM Pro
Fireware XTM Pro
WatchGuard XTM 5 Series Solution
• Uncompromised performance with 2.3 Gb/s Firewall and 800 Mb/s XTM.
• 7 Ethernet ports including 6 GbE• 4 models from which to choose the best fit.• Runs Fireware XTM 11.2.1 or higher• Managed with WSM 11.2.1 or higher• Market leading value!
Not All Mid-Size Companies are the Same!
XTM 505* XTM 510 XTM 520 XTM 530Firewall Throughput 850 Mb/s 1.4 Gb/s 1.9 Gb/s 2.3 Gb/s
XTM Throughput 275 Mb/s 400 Mb/s 600 Mb/s 800 Mb/s
Concurrent Connections (bi-directional)
40,000 50,000 100,000 350,000
BOVPN 65 75 200 600
MUVPN (IPSec) 5/75 25/100 50/300 400/1000
MUVPN (SSL) 1/65 1/75 1/300 1/600
Local User Database Max. 500 500 1000 2500
Management with Logging/Reporting
WSM 11.2.1 WSM 11.2.1 WSM 11.2.1 WSM 11.2.1
Model Upgrade Yes Yes Yes No
Security Platform Fireware XTM 11.2.1
Fireware XTM 11.2.1
Fireware XTM 11.2.1
Fireware XTM 11.2.1
*XTM 505 is sold with bundled UTM only
Leading Value for Rack Mount Appliances!
5 Series Package Contents
• 1 XTM appliance• 1 rack mount kit• 2 ethernet cables• 1 management cable (RJ-45)• 1 power cord• Getting Started Guide• Hardware warranty card• LiveSecurity Service activation card• 4 rubber pads for the bottom of the device.
WatchGuard XTM 2 Series Solution
• Powerful tabletop appliance with XTM security – perfect for small business.
• 6 Ethernet ports total including 3 GbE
• Wireless-N dual-band (802.11 a/b/g/n)
• Performance to max out your pipe – up to 190 Mb/s firewall and 40 Mb/s XTM.
• Rich networking and management features!
The Network Edge has Range!
XTM 21 XTM 22 XTM 23Firewall Throughput 110 Mb/s 150 Mb/s 190 Mb/s
XTM Throughput 18 Mb/s 30 Mb/s 40 Mb/s
VPN Throughput 35 Mb/s 55 Mb/s 55 Mb/s
Concurrent Connections (bi-directional)
10,000 20,000 30,000
MUVPN (IPSec) 1/11 5/25 5/55
MUVPN (SSL) 1/11 1/25 55/55
Wireless 802.11 a/b/g/n (XTM 21-W)3G Extend Accessory
802.11 a/b/g/n (XTM 22-W)3G Extend Accessory
802.11 a/b/g/n (XTM 23-W)3G Extend Accessory
Management with Logging/Reporting
WSM 11.2.1 WSM 11.2.1 WSM 11.2.1
Model Upgrade Yes Yes No
Security Platform Fireware XTM 11.2.x Fireware XTM 11.2.x Fireware XTM Pro 11.2.x
A WatchGuard XTM Product for Everyone!
Throughput in Mb/s
WorldWide Certifications for All XTM Series
© 2009 WatchGuard Technologies
WatchGuard XTM Software and Services
WatchGuard XTM Ecosystemis Common to All XTM Series
Fireware XTM OS Security
All in one security for hassle-free, layered protection.– VPN– Authentication– Stateful Firewall– Deep Packet Inspection
(Proxy Architecture)– VoIP Security– Additional Content Security
Keys to WatchGuard Technology
Hardware
Dedicated, custom
hardware for max
performance and value
Full-Featured
Management
Proxy-based for
inspection at all OSI
layers
XTM Security enables layered
protection in a single
device
Fireware XTM OS Networking
Networking flexibility for easy implementation, consolidation and maximum uptime– Static IP, DynDNS, PPPoE, DHCP (server, client, relay)– NAT: Static, Dynamic, 1:1, IPSec NAT Traversal, Policy-based NAT,
Virtual IP– Static and Dynamic Routing (BGP, OSPF, RIP v1/v2)– QoS: 8 priority queues, diffserv, modified strict queueing– VLAN: bridging, tagging, routed– High Availability, active/active (FireCluster) and active/passive– Port independence– WAN failover– Load balancing– Transparent mode and drop-in mode.
Fireware XTM Pro
•Fireware XTM Pro includes advanced networking features•Fireware XTM Pro comes standard on XTM 23, XTM 8 Series and XTM 1050•An upgrade from Fireware XTM to Fireware XTM Pro is available for other XTM 2 Series and XTM 5 Series models.
WatchGuard System Manager
No hidden charges – rich management experience out-of-the-box or advanced multi-box management features for just a little more.– Rich reporting out of the box– Interactive realtime management– Log, report, quarantine, WebBlocker and management servers with self-
health monitoring.– Alarms and Notifications: SNMP, email,
system alerts– Role-based Access Control– Web-based report services– Drag-and-drop VPN creation saves hours
Top Client and Per-Client Reports
WatchGuard Servers
WatchGuard Security Subscriptions
WatchGuard Gateway AntiVirus
• What it is:– Blocks Viruses, Worms, Trojans, Spyware, Adware
• Inbound and outbound coverage• HTTP, HTTPS, FTP, SMTP, POP3, TCP-UDP
– Signatures and Behavioral Techniques• Static and dynamic heuristics (code emulation)
• Value– Complements server and desktop solutions– Stop malware before it gets to the corporate network– Prevents corruption and loss of data
• Signature updates checked every hour
• Full compressed file support– ZIP, RAR, TAR, GZIP,
ARC, CAB etc.– Multiple levels
• WatchGuard System Manager and Web UI configuration– Status Dashboard
AntiVirus Features
43
•Securely, Simply, Detecting Mass Outbreaks in Real-time •How it works:
– Detects the repetitive component of each outbreak – Uniquely identifies the DNA of each outbreak– Compares incoming messages with spam DNA in real-time
RPD™ (Recurrent Pattern Detection) Patent Pending Technology
Analyzing Internet Traffic
DNA
Query
Classification
spamBlocker
Real time detection center
• What it is:– Unique, real time spam blocking service for Firebox X and
XTM appliances – Partnered with Commtouch, an industry leader in spam
prevention and mitigation
• Value:– Distinguishes legitimate communication from spam attacks,
blocking 98% of unwanted e-mails– Processing is done off the Fireware appliance so there is
minimal impact to other network traffic processing – Cost effective solution – no need for per user licensing or
separate hardware/appliance
Why WatchGuard spamBlocker
• Simple to setup
• WatchGuard System Manager
• Web UI
• Flexible enough to handle spam in several different ways
• Different Categories for mail
• Confirmed Spam
• Bulk
• Suspect
spamBlocker features
• Another layer of virus prevention– Uses RPD technology to detect email-borne malware outbreaks – Included with spamBlocker - Complements Gateway AntiVirus – New patterns are detected and added to the database in real-
time
Several options for Detected viruses
Virus Outbreak Detection
47
How it works
Real People around the globe
Researching the latest internet scams, spyware, and malicious sites
Global URL database - English, German, Spanish, French, Italian, Dutch, Japanese, Traditional Chinese, and Simplified Chinese sites
24 x 7 x 365 worldwide Internet scanning with people and automation
Reduces malicious Web content entering the network through 30 million blocked URLs and Reduces unproductive Web surfing and potential liability
Blocks access to IM/P2P download sites, WebMail and over 9,000+ spyware sites
Artificial Intelligence
Tracking URL/IP changes, new site content, and retired sites
+
Daily Incremental Updates
Fast and scheduled using minimal bandwidth
+
Block new scams and threats
Within hours=
WebBlockerWebBlocker
• What it is:
– URL filtering with 54 categories
– Incremental updates to increase productivity and ensure the latest URL filtering protection
– Configurable Exceptions (Whitelist / Blacklist)
– Reports of web access, attempted policy violations, and Internet usage
• Value:– Increase employee productivity and limit liability– Flexibility to block the specific site categories you require– Increased legal and regulatory protection– Pricing based on “Per Box” vs. “Per Seat”
Why WatchGuard WebBlocker
49
User must type the password to get access to the destination
WebBlocker – Local Override
• What is it:– Signature protection against known vulnerabilities– Signatures updated on regular basis
• Value:– Protects against SQL injection, cross-site scripting (XSS),
buffer overflows, remote file inclusions, worms– Protects against spyware– Prevents attackers from running system code, crashing, or
assuming control of systems behind Firebox or XTM appliance
Intrusion Prevention Service
• Specify action to take when signature matches
• Optional spyware signatures
• Option to scan http headers only to improve performance
• Signatures can be added to exclusion list
IPS Features
LiveSecurity® for XTM Series
Standard Plus Gold
XTM 1050XTM 8 SeriesXTM 5 Series
Appliance bundles and renewals
Security bundles and
renewals
NEW – single box coverage
avail. soon
XTM 2 Series Appliance bundles plus renewal SKUs
Not offered Not offered
Hours 12 x 5* 24 x 7 24 x 7
Incidents per year 5 5 No Limit
Target response time 4 hours 4 hours 1 Hour
Advanced Hardware Replacement
Software upgrades and patches
LiveSecurity® Alerts and Broadcasts
* (6 AM - 6 PM in your local time zone)
Purchase Together for Layered Security
• Free trials available• Individual Subscriptions• Security Bundle
– Best Value– Includes all 5 services– 1, 2, or 3 year bundles or renewals
Best Price for Performance in the
industry!Dedicated
appliances tuned for high throughput
Fireware XTM Pro with advanced
networking
LiveSecurity Service with 24/7 Technical Support
High Availability with FireCluster, VPN and
WAN Failover features
Fireware XTM OS with VPN, Auth, Proxy-driven DPI and XTM Services
(GAV, IPS, spamBlocker, WebBlocker)
You’re Ready to Answer Tomorrow’s Needs with WatchGuard XTM Series
WatchGuard XTM 2 SeriesWatchGuard
XTM 5 Series
WatchGuard XTM 8 Series
WatchGuard XTM 1050
New Threats?
More Traffic?Greater Network Complexity?
Productivity Losses?
Inexperienced IT Staff?
Shrinking IT Budgets?
Best Price for Performance in the
industry!Dedicated
appliances tuned for high throughput
Fireware XTM Pro with advanced
networking
LiveSecurity Service with 24/7 Technical Support
High Availability with FireCluster, VPN and
WAN Failover features
Fireware XTM OS with VPN, Auth, Proxy-driven DPI and XTM Services
(GAV, IPS, sB, WB)
You’re Ready to Answer Tomorrow’s Needs with WatchGuard XTM Series
WatchGuard XTM 2 SeriesWatchGuard
XTM 5 Series
WatchGuard XTM 8 Series
WatchGuard XTM 1050
Questions?
© 2009 WatchGuard Technologies
Thank You!