WATCHGUARD VS FORTINET

FIREWALL

NITHIN.V.S Network security consultant Secure Network solutions

Dear sir,

With reference to your requirement for UTM-Firewall would like to produce

before you what all advantages you can have ,,with a watchguard purchase over Fortigate

firewall. Also given a brief insight into features of watchguard.

POINTS OF SIGNIFICANCE:

1.)BETTER UTM PERFORMANCE

Performance of fortinet severly drops-down once utm features are in effect due its ASIC

architecture.

2.)INBUILT LOGGING & REPORTING

Watchguard offers In-built Logging & Reporting features.I.E you can have complete logs &

reports regarding network usage at no extra cost.In case of fortinet you would have to go for a

seperate device ―FORTI-ANALYZER‖(Around 80,000 extra).

3 ) ” SCALABILITY”

Watchguard is the only UTM vendor offering SCALABILITY.I.E suppose in 2 years your

network users increased in event of a new lab set-up etc,In case of fortinet the only option

would be to replace existing box and buy a new box.But with watchguard you can have

upgrade from existing box to any higher model in series by a ―SUBSCRIPTION

UPDATE‖.You thus save a box-purchase.

Nithin.V.S

Secure Network Solutions,

Kerala

WATCHGUARD ADVANTAGE

WatchGuard and Fortinet offer similar overall capabilities; however, WatchGuard offers an

unbeatable combination of performance, security, and ease of use. Fortinet’s UTM product

strategy is based heavily on its ASIC technology. The custom silicon allows their boxes to

run very fast for packet filtering and VPN, but at a considerable penalty for general-purpose

tasks such as AV and IPS scanning,I.e the entire box performance goes doen antivirus/IPS

enabled.

WATCHGUARD UTM BUNDLE

1.)GATEWAY-ANTIVIRUS

2.)SPAM BLOCKER

3.)WEB-BLOCKER

4.)APPLICATION CONTROL

5.)REPUTATION ENABLED DEFENSE

6.)INTRUSION PREVENTION

GATEWAY-ANTIVIRUS

Gateway AntiVirus (GatewayAV) is a fully integrated security subscription for

WatchGuard XTM appliances and comes from industry leader ―AVG‖. It works in tandem

with the application layer content inspection of the XTM to provide real-time protection

against known viruses, trojans, worms, spyware, and rogueware. Gateway AV scans traffic

on all major protocols, using continually updated signatures to detect and block all types of

malware. And because Gateway AV is integrated with WatchGuard XTM security

appliances, you have an easy-to-manage, cost-effective solution without additional hardware

to

purchase and maintain.

FEATURES:

Flexible administrator control

Have the flexibility to define the action to be taken when malware is identified – enabling the

network to allow, block, quarantine, or lock questionable traffic based on type, user/group, and

protocol.

You shall not pass

Scans all major protocols, including HTTP, HTTPS, FTP, TCP, SMTP, and POP3 to block all types

of malware.

Dynamic analysis Dynamic heuristic analysis uses code emulation to identify polymorphic viruses and dangerous

code that signatures don't catch.

Stronger security for web surfing

Multi-layered inspection of HTTP traffic indentifies spyware, adware, keyloggers, and dialers.

Compressed file scanning

Compressed and encoded files are decompressed for inspection, with comprehensive compression

format support.

Quarantine suspect traffic Suspect email can be flagged to go into quarantine, where administrator can restrict access or allow

users to review quarantined files through automatic email alerts.

Optimized for better network performance

Buffered scanning process ensures optimum performance for in-line HTTP scanning.

SPAM-BLOCKER

Spam-blocker in watchguard comes from industry leader ―COMMTOUCH‖ with patented

R.P.D technology and offers significant advantages over fortinet Spam detection.Later in

H.N.L we couldnt block incoming spam mails in your mail-server as fortinet offers only

means to ―TAG‖ spam mails.But with watchguard Spam-blocker we have options to

Block,quarantine,and also Tag spam mails.SpamBlocker provides real-time spam detection

for immediate protection from outbreaks. It's the best solution in the industry at

distinguishing legitimate communication from spam in real time, blocking nearly 100% of

unwanted emails. Spam accounts for up to 95% of global email and remains the most

common method of spreading viruses. It bogs down network traffic and leads unsuspecting

users to malicious web sites designed to steal sensitive personal and company information.

Pervasive as it is, you still have the ability to stop spam cold by adding a spamBlocker

subscription to your WatchGuard® XTM security solution

FEATURES:

Flexible administrator control Decide how messages will be processed, and which users and groups can receive bulk mail. Use

whitelists and blacklists to allow mail from trusted domains. Block, allow, and tag mail for easy

identification and forwarding to dedicated Exchange folders. Works on both SMTP and POP3.

Strong protection Best in the industry at distinguishing legitimate communication from spam outbreaks in real time,

blocking nearly 100% of unwanted email before it reaches the internal mail server.

Virus outbreak detection

New! A powerful layer of real-time anti-virus protection employs RPD technology to recognize

and stop malware with excellent accuracy.

Spam quarantine Users can create a safe, full-featured quarantine for spam, bulk mail, and suspect email messages.

Granular control allows for custom configuration.

Optimized for better network performance

Requires minimal bandwidth and CPU power because most of the processing is done outside the

Internet gateway.

WEB-BLOCKER

Web-blocker in watchguard comes from ―WEB-SENSE‖.It's a fully integrated security

subscription for all WatchGuard XTM appliances. It allows IT administrators to manage

web access and content for stronger security and control of web surfing. WebBlocker blocks

malicious sites to keep your network protected from risky web content. It helps conserve

network bandwidth, prevent legal liability from inappropriate content, and increase

employee productivity while it guards the network against malicious attacks from rogue

websites. And because WebBlocker is integrated with the WatchGuard security appliance,

you have an easy-to-manage, cost-effective solution with no additional hardware to buy.

FEATURES:

Strong administrative control

Configure up to 54 web categories to stop the sites and web tools you most want to block.

Daily incremental database updates

URL database is updated daily to give you the most current protection available.

Flexible configuration

Configure web access by users, groups, domains, time of day, and department requirements to meet

specific business and user needs.

Customizable open-access policies Create custom "Allowed" exception lists for certain web sites, host addresses, or URLs so you can

keep mission-critical access open.

Local override

Administrators can enter a password to temporarily override blocked sites.

Acceptable Use enforcement

Allows you to enforce your acceptable use policies to protect your business from legal liabilities.

Centralized logging and reporting Generate graphical reports of web access, usage, and time of day for the data you need to make

security policy decisions.

APPLICATION-CONTROL

Application-control enables IT administrators to monitor and control access to web and

business applications to enforce policy, and protect productivity and network bandwidth.

Application Control makes it simple to create and enforce acceptable use policies at your

company. With Application Control, you can selectively allow, block, or restrict access to

applications based on a user's department, job function, and time of day. Once you establish

your policy, Application Control allows you to see in real-time what's being accessed on

your network and by whom. You can use this information to demonstrate compliance,

evaluate employee need, and refine acceptable use policies.

FEATURES

Intuitive and Effective Exercise fine-grained control over more than 1,800 applications, organized by category. Application

Control lets you drill down from application category ("P2P") to application name ("Facebook")

and down to application function ("Facebook Chat")..

Signatures...and then Some Sophisticated Behavioral Analysis works overtime, regardless of destination address or L7 protocol,

to ensure applications that exhibit certain patterns of behavior don't escape the gaze of Application

Control — including encrypted applications that are specifically designed to bypass ordinary

security measures.

Dynamic Updates

New applications and new versions are released constantly. Application Control stays current

with regular application signature updates.

Reporting Out of the Box Real-time reporting and monitoring are included. That means no additional software to buy in order

to have complete visibility into network activity.

REPUTATION-ENABLED DEFENSE

Reputation scores from Kaspersky database.

INTRUSION PREVENTION SERVICE

Intrusion Prevention Service (IPS) is a fully integrated security subscription for all

WatchGuard XTM appliances. It works in tandem with the application layer content

inspection of the XTM to provide real-time protection against network threats, including

spyware, SQL injections, cross-site scripting, and buffer overflows. IPS scans traffic on all

major protocols, using continually updated signatures to detect and block all types of

threats. And because IPS is integrated with WatchGuard XTM security appliances, you

have an easy-to-manage, cost-effective solution without additional hardware to purchase

and maintain.

FEATURES Flexible administrator control Have the flexibility to define the action to be taken when malware is identified – enabling the

network to allow, block, or lock questionable traffic based on type, user/group, protocol, and

severity.

Comprehensive threat signatures Signatures cover a broad range of threats, including SQL injections, cross-site scripting (XSS),

buffer overflows, denial of service, and remote file inclusions.

Continually updated database Signatures are updated without interruption as new threats emerge, so you never have to leave your

network exposed.

Highly effective scanning

Scans all protocols, including HTTP, HTTPS, FTP, TCP, UDP, DNS, SMTP, and POP3 to

block network, application, and protocol-based attacks.

Granular control Assign specific actions to take depending on the level of the threat – each signature has a severity

assigned.

Automated source blocking

IP addresses identified as the source of an attack are automatically blocked to prevent further

malicious traffic from entering your network.

REAL-TIME TRAFFIC MONITORING TOOLS With watchguard unlike fortigate we can now have a complete understanding of what is

happening in your network.

TOOLS TO LOOK OUT 1.)Firebox system-Manager

a.)Traffic-Monitor

Can used for real-time network traffic-analysis and monitoring and is a powerful tool for

trouble-shooting.

b.)Bandwidth Meter Shows real-time bandwidth consumption of all interfaces.

c.)Service Watch

Shows real time traffic-usage of all services used(http,https etc).

2.)Host-watch

Shows real-time visualisaton of all connections from your network.

In Fortigate no possible way to have real-time analysis other than tedious

command-line monitoring.

WATCHGUARD LOGGING & REPORT SERVER Unlike Fortinet which requires expensive FORTI-ANALYZER for watchguard log &

report server are in-built.Every traffic in network is stored in log-server which report server

collects and prepares scheduled as well as On-demand reports.More than 55 categories of

reports are available .

Highlighting the one's of significance as far as H.N.L is concerned. 1.)PER-CLIENT BANDWIDTH USAGE

Reports the bandwidth usage of every internet connected systems in network.

APPLICATION-USAGE REPORTS

Displays appication usage trend in network.

PER-CLIENT AUDIT REPORTS

Displays complete list of all web-sites requested by every user in network.

10.0.1.16/IT-MANAGER

TRAFFIC-TREND REPORTS

Displays internet bandwidth usage and connections in a 24 hour interval/hour.

MAIL-SEND REPORTS

Displays complete list of mails send from the network,with recepient details,size of mail and

time of sending.

NOTE:For demonstration only,complete suite of reporting includes 58 type of reports.

For any queries please contact: Nithin.V.S

Network Security Consultant

Secure Network Solutions

Kerala,Ph:08129400133