related presentation file (pdf)
TRANSCRIPT
-
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reserved
WatchGuard Peter Johansson Regional Manager, Nordics, Baltics, Ukraine & Russia
-
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reserved
About WatchGuard Accolades Taken private in 2006: enabled strategic shift 2007-2009: 3-year effort to re-architect
platform, business model Firewall appliance pioneer HQ in Seattle, WA ~1,000,000 appliances shipped to business
customers worldwide 100% channel 5,000 partners (1,200
with advanced certification) in 120 countries Worldwide sales: 48% from Americas, 38%
EMEA and 14% APAC
2012
2006
Taken private in October
2007-2009
Re-Engineering of Product
2010 2011 2012
Launched re-architected product with
Best-of-Breed HW Best-of-Breed SW
Launched RED / Next
Gen Firewall
Virtual solutions: XTMv and XCSv,
Hardware Refresh
2013
Launched WatchGuard Dimension
-
AGENDA Brief threat landscape Cyber crime comes to main street Dimension DEMO Powerful new products from WatchGuard
August 25, 2015 3
-
117,339 INCOMING ATTACKS
EVERY DAY
Global Threat Landscape:
Threats rising!
-
Global Threat Landscape:
Threats rising! Total Number of Security Incidents Reported Grow 66% CAGR
42.8 million
28.9 million 24.9
million 22.7 million
9.4 million 3.4
million
2009 2010 2011 2012 2013 2014
117,339 INCOMING ATTACKS EVERY DAY The total number of security incidents detected by respondents climbed to 42.8 million this year, an increase of 48% over 2013. Thats the equivalent of 117,339 incoming attacks per day, every day.
-
7
Advanced Threats Timeline
GhostNet
Operation Aurora
Stuxnet
RSA/Lockheed
Duqu
Flame
Gauss
NYTimes
Adobe
Target
Mar. 2009
Jan. 2010
Jun. 2010
Mar. 2011
Sep.2011 May
2012 Dec. 2013
Jun. 2012
Jan. 2013
2009 2010 2011 2012 2013 2014
Oct. 2013
China-based C&C Spear Phishing Political Targets
IE 0day Comment Crew (CN) Stole Gmail and Src
Four 0day PLC Rootkit
Broke Centrifuges
0day Flash Flaw 0dayTrojan
Stole SecureID Info
0day Word flaw Iran, Sudan, Syrian Cyber Espionage
0day MS Cert Flaw Stole IP
Target Iranian Oil
Targeted Lebanon USB LNK Flaw
APT Bank Trojan
152M records 0day Coldfusion
Stolen source
China-based Spear phishing 0day malware
40M CCNs 0day malware Partner access
Nation-states / Political Criminals / Private
-
The Year of Headline Hacks 2014
Making malware costs time/money
Targeted attacks stay under the radar
But bigger victim pools offer higher ROI
Certain targets have higher value
WHY ATTACK BUSINESS VERTICALS?
-
Blended Threats Require Layered Defense Legacy firewalls & AV dont stop new threats SMBs need help managing layered defense
Sophisticated Threats Trickle Down APTs target every day businesses Evasive malware on the rise New threats bypass legacy defenses
Visibility is Defense Prevention is important, but not enough Most orgs discover breaches too late Focus shifts to discover and response
Global Security Trends:
Threats Evolve Sophisticated Threats Target SMBs
-
Snowden Effect
Influences Encryption
Encrypted Traffic is Surging Worldwide
After NSA revelations, sites like Facebook and Google now default to HTTPS.
In a global study, encrypted network traffic in North America alone has doubled in the past year.1
1. https://www.sandvine.com/downloads/general/global-internet-phenomena/2014/1h-2014-global-internet-phenomena-report.pdf
-
Global Threat Landscape: IoT Threats
There are computers in EVERYTHING
-
The Ashley Madison Hack
12
July 15: Ashley Madison learn of breach Attackers demand they to pull sites Aug. 18: Attackers leak Customer records Noel Biderman says it is fake Aug. 19: Attackers release source code Aug. 20: Attackers release Biderman email Criminals already using data for extortion Alleged attackers claimed to be in network
two years (VPN, pass1234)
Takeaways: Need better visibility tools Bad practices defeat good products Your services compliment our products
August 25, 2015
-
Four Common Modern Attacks
Spear Phishing
Drive-by Download
Watering Holes
Chain-of-Trust
October 28, 2015 13
RSA Lockheed Martin
US DoD?
-
February 5, 2014 14
-
Cyber Crime Comes to Main Street
-
16
-
5 Reasons Small is the New Big Target
1. Weak link Less protected, low hanging fruit
2. Chain-of-Trust window to larger fish Cyber criminals use SMBs to get to larger victims
3. Less likely to draw big attention Smaller targets draw less media or government
attention
4. SMBs have valuable data, too Small companies still have data worth big
money
5. Opportunistic attacks Automatized attacks look for ANY victim
The Target breach actually originated
through an SMB partner.
Visa Inc. reports that small businesses
represent more than
90% of the payment data breaches reported to
their company.
-
Small Business (50 150 employees)
No dedicated IT security staff How do you protect against todays
advanced malware?
Which security services are you running at the perimeter?
How do you see what is happening on the network?
Do you know if you have been breached?
Have you enabled all of the security services that you have purchased?
Struggling to cope with security complexity
-
Digital Explosion
Average connection speeds increased 21% YoY in 2014
23% yearly growth in all internet traffic
Applications Drive Bandwidth Requirements
Video / Audio Streaming Services
UltraHD video is coming with 4k bitrate streams, requiring between 1020 Mbps of bandwidth
Bandwidth demands are increasing
1: Akamai state of the internet report 2014 2: Cisco Global IP network forecast: http://www.cisco.com/c/en/us/solutions/collateral/service-provider/ip-ngn-ip-next-generation-network/white_paper_c11-481360.html 3: Sandvine Global Internet Phenomena: https://www.sandvine.com/downloads/general/global-internet-phenomena/2014/1h-2014-global-internet-phenomena-report.pdf
-
Advanced Threats Require Defense-in-Depth
Advanced threats, by definition, leverage multiple vectors of attack. No single defense will protect you completely from computer attacks
Firewall Intrusion Prevention System
AntiVirus AntiSpam
Reputation Services APT Protection
The more layers of security you have, the higher chance an additional protection might catch an advanced threat that other layers might miss.
-
UTM/NGFW is Defense-in-Depth
Application Control
URL Filtering
Anti SPAM
Gateway AntiVirus
Intrusion Prevention Service
Firewall
Data Loss Prevention
Advanced Persistent Threats
-
AntiVirus
URL Filtering
AntiSpam
IPS
App Control
Data Loss Prevention
APT
The Most Flexible Architecture Designed for UTM
WatchGuard Architecture
3 Year Effort Delivered the most flexible
architecture / platform for UTM
Highest Performance Leading UTM performance at
each price point
Management Console WatchGuard Dimension brings
powerful visualization tools to network security
UTM Firmware
Spanning across all hardware platforms
Modular Structure To support vendor agnostic
strategy
Hardware:
Multiple CPU partners for best fit to specific product line
Software: Always Best-of-Breed software
components, with speedy integration
Platform
-
Introducing Firebox M200 & M300 218% faster than competing appliances with full security:
385% faster with HTTPS inspection
Specifically engineered to protect small companies with enterprise-strength protection Powered by latest version of WatchGuards powerful Fireware OS v11.10
Features newest time and data, names not numbers configuration, gateway wireless controller capabilities
The same award-winning visibility available on more expensive boxes with WatchGuard Dimension Full access and full horsepower to run WatchGuards advanced malware and DLP solutions Available in both NGFW and UTM Recommended: M200 60 users ; M300 150 users
-
Boren: Firebox T30 and T50 Beta in September; Availability late Q4
2 models: 5 ports (T30) and 7 ports (T50); Both include one PoE port
802.11ac Wi-Fi models available
WatchGuard Confidential. Roadmaps are intended to offer general guidance and are not commitments. WatchGuard reserves the right to make changes without notice.
-
Cyber Kill Chain 3.0
Objectives/Exfiltration
Lateral Movement / Pivoting
Command and Control (C&C)
Infection/Installation
Compromise/Exploit
Delivery
Reconnaissance
-
WatchGuard Breaks the Kill Chain
Objectives/Exfiltration
Lateral Movement / Pivoting
Command and Control (C&C)
Infection/Installation
Compromise/Exploit
Delivery
Reconnaissance Packet Filtering
Proxies
IPS APT Blocker
Gateway AntiVirus
APT Blocker
Gateway AntiVirus
IPS Web Blocker
Packet Filtering
IPS APT Blocker
Gateway AntiVirus
DLP Application Control
Reputation Enabled Defense
Application Control
Packet Filtering
Web Blocker
IPS APT Blocker
Gateway AntiVirus
Reputation Enabled Defense
Packet Filtering DLP
-
Firebox M refreshes XTM 5 Series & XTM 330
Firebox M200 & M300 Up to 60 /150 Users
Up to 350 / 750 Users
Firebox M400 & M500
Firebox M440 Up to 500 Users
27 ports incl 8 PoE
Faster HTTPS with FireBox M Series
-
Visibility is Defense
February 5, 2014 28
Dimension 2.0 introduces control
-
Advanced malware protection for everyone
29
WatchGuard Brings Advanced Persistent Threat Protection to the Masses - Enterprise Networking Planet
August 25, 2015
-
Strong Security at a Great Price!
30 August 25, 2015
-
31 August 25, 2015
-
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reserved
WatchGuard Peter JohanssonRegional Manager, Nordics, Baltics, Ukraine & RussiaAbout WatchGuardAGENDAGlobal Threat Landscape: Threats rising!Global Threat Landscape: Threats rising!Slide Number 6Advanced Threats Timeline2014Slide Number 9Snowden Effect Influences EncryptionSlide Number 11The Ashley Madison HackFour Common Modern AttacksSlide Number 14Slide Number 15Slide Number 165 Reasons Small is the New Big TargetSmall Business (50 150 employees)Digital ExplosionAdvanced Threats Require Defense-in-DepthSlide Number 21The Most Flexible Architecture Designed for UTMIntroducing Firebox M200 & M300Boren: Firebox T30 and T50Cyber Kill Chain 3.0WatchGuard Breaks the Kill ChainFaster HTTPS with FireBox M SeriesVisibility is DefenseAdvanced malware protection for everyoneStrong Security at a Great Price!Slide Number 31Slide Number 32