Purpose of this Presentation –To provide an overview of WatchGuard’s XTM solutions –Presenter...
-
Upload
meghan-farmer -
Category
Documents
-
view
217 -
download
1
Transcript of Purpose of this Presentation –To provide an overview of WatchGuard’s XTM solutions –Presenter...
• Purpose of this Presentation– To provide an overview of WatchGuard’s XTM solutions– Presenter may build upon this deck depending on objectives and
audience
• Target Audience– Suitable for a broad range of audiences (customer, partner, analyst,
media)– Loosely scripted Speaker Notes are provided to guide you in speaking
about a slide and may provide supplemental information not displayed on a slide
• What You Need to Do as a Presenter– Personalize your target audience on the title page– Translate as necessary, delete this instructional slide, add slides
as needed– Review the slide notes before presenting. Optimize the notes to
suit your speaking style, objectives, audience. – Familiarize yourself with any builds and special animations
Please Remove This Page Before Presenting/Forwarding
1
Smart Security with WatchGuard XTM & XTMv
Name/Title
3
Evolving Business
Security Needs
IP network growth (VoIP, WLAN, etc.)
Demand for SaaS / Cloud
services
New applications
Emerging threats and
attack vectors
Compliance & accountability
New Technologies & Threats Shape Security Needs
4
Businesses Have Complex Security Needs
Enforce Policy Simplify Security Protect Data Secure Wireless & Remote Networking
Broad Security Needs - Varying Budgets & Facilities
5Retrieved from (2-28-13) http://money.cnn.com/2013/01/09/technology/security/infrastructure-cyberattacks/index.html
6
…And Steal Headlines
7
….”SMBs don't know how defenseless they've become, especially to automated and industrialized attack methodologies by organized crime," Christopher Porter, Verizon RISK Team.
Retrieved from (2-28-13): http://www.pcworld.com/article/252302/why_hackers_set_their_sights_on_small_businesses.html
8
You Can’t Control What You Can’t See
• Traditional port-based firewalls lack the ability to see, let alone control, many apps
• Productivity Loss– Bandwidth-hungry apps slow networks
• Data Loss / Attack Vector– Social networks breed a culture of trust– Rife with technical vulnerabilities
9
XTM Defense-In-Depth In Action
WatchGuard vs. Web 2.0 Security Issues
• Snags malware, scareware, spyware and malicious scriptsGAV
• Prevents drive-by-download attacksIPS
• Cloud-based service protects you from legitimate sites infected with malware
RED
• Enables granular control by user, group, or IP; and separate control over actions for view, post, chat, apps, games, and video
Application Control
10
Security Implications of Virtualization
Physical Network
Firewall sees & protects all traffic between servers
Virtual Network
Physical security is blind to traffic between virtual machines
VM 1 VM 2 VM 3
Hypervisor
VS
Host
11
Virtualization Poses New Security ChallengesTr
adit
ion
al S
ecu
rity
• Perimeter enforcement is fundamental
• Security implemented by interposing physical devices on the wire
Vir
tualiz
ati
on
• Blurs notion of “perimeter”
• Applications may not run on same physical servers
• Security and auditability required between entities of share virtual infrastructures
• Physical appliances cannot offer in-line protection
• Shared infrastructure susceptible to malware infections via mobile users
12
Visibility of Virtual Networks is Key
“…Unless you put virtualized security controls—virtual sniffers, virtual firewalls, all the same controls you'd use on a physical server, inside that network, you don't see what's going on." Neil MacDonald, security and infrastructure analyst at Gartner.
13
Secure Your Virtualized World with XTMv
• Easy to download, enable, deploy, and manage (WSM, web, CLI)
• Leverages vSphere and Hyper-V flexibility and availability
• Multiple models for organizations of all sizes • Per-customer, -department, or -app
deployment• Delivers same best-in-class security of XTM
devices to the virtual environment
14
Secure Your Wireless Networks with WatchGuard Access Point Devices
• Extend XTM best-in-class security to the WLAN• Harness the power of mobile devices without
jeopardizing your network• Apply security policies to wired and WLAN
resources• Leverage XTM tools for ease of administration
15
An Application Proxy checks Source IP, Destination IP, Port, Protocol
If a matching rule (or service) is found:
The proxy then performs deep inspection on the content of the packet, including application layer data.
Cornerstone – The Application Proxy
Packet Reassembly – since 1996
This is the key to finding threats that OTHER FIREWALLS MISS!
16
Fireware XTM: Making the Most of Your NetworkQoS and Traffic Shaping• High-priority traffic gets bandwidth• Low-priority traffic gets available bandwidth
Multi-WAN Support• Up to 4 WAN connections supported• Traffic can use multiple WAN connections simultaneously or
on a failover
VPN Failover• Mission-critical VPN traffic keeps flowing if a remote site
becomes unavailable• Traffic automatically fails-over to another gateway
IPv6 Readiness• IPv6 Ready Gold Logo validates IPv6 routing• All XTM appliances will support IPv6
17
Command Line Interface
Choose from three user interface options: Administer your way
Managing XTM Solutions: Flexibility
WatchGuard Systems Manager Interface
Web Interface
Turn Oceans of Data into Security Intelligence
WatchGuard Dimension – Launched Oct. 2013
18
Bring Big Data Visibility to Network Security
Real-time monitoring lets you take instant action
Many View Options:Drill-down in FireWatch TreeMap View to Hone in on Insights
20
Managing XTM Solutions: Satisfy Auditors65 pre-defined reports included. Drill-down for the data you
need.
21
XTM Multi-Box Management Saves TimeSimultaneously manage from 2 to 100’s of boxes.
Implementing the WatchGuard solution was a breeze. The policy setting and system configuration is easy because it is all very logical and straightforward.Francis Lim, IT Manager, Eurokars Group
Align security policies across an organization – or apply modifications
between boxes
22
I can’t remember the last time I had to call someone with a security problem. With WatchGuard, we are always connected.Lucas Goh, Head of IT Operations for Asia, Berg Propulsion
Securely Connecting Users: VPN• Create VPN by simple drag and drop• Connect any location with Internet access• Select from IPSec, SSL, PPTP• Choose your device: laptop, smartphone, tablet• Define flexible rules to restrict data access to
authorized individuals only• Use client or clientless options
23
Perf
orm
ance
Small Business 1- 50 Users 50 -
250 Users
Service Providers / Headquarters 1,000+ Users
Midsize Business250 – 500 Users 500 – 1,000 Users
XTM 3 Series
Industry-Leading Performance at Each Price Point
XTM 2 Series
XTM 5 Series
XTM 8 Series
XTM 1050
XTM 2050
XTM 3 Series
XTM 1500 Series
XTM 800 Series
XTM 2520
24
What is “Next-Generation”?
(XTM = Next-Generation UTM) “XTM platforms will take security appliances beyond traditional boundaries by vastly expanding security features, networking capabilities and management flexibility.”
“Firewalls need to evolve to be more proactive in blocking new threats, such as botnets and targeted attacks. Enterprises need to update their network firewall and intrusion prevention capabilities to protect business systems as attacks get more sophisticated.”
25
WatchGuard UTM – Architected for Speed
26
Smart, Best-of-Breed Security
LiveSecurity®
Application Control
Intrusion Prevention Service
Gateway AntiVirus
Reputation Enabled Defense (RED)
WebBlocker
spamBlocker
Data Loss Prevention (DLP)
Next-Generati
on Firewall Bundle
Security
Bundle
27
Industry-Leading Value
“The company is strong, the products able, and the pricing can’t be beat.”
Source: Info-Tech Research Group. Vendor Landscape: Unified Threat Management. August 2011.
Market Leadership in Mid-Sized Companies(1)
6%
3%
0%
(2%)
(2%)
2%
2012/11 Share Gain (Loss)
Note: For companies with greater than 10% market share. Source: Infonetics, 2012.(1) Mid-sized companies defined as 50-500 user segment ($1,500-$5,000 price band).
Fortinet Cisco McAfee SonicWALL Check Point WatchGuard
2012 12% 9% 11% 14% 17% 23%
2011 10% 11% 13% 14% 14% 17%
Market Share
28
In-House vs. Best-of-Breed Technology
AntiVirus
URLFiltering
AntiSpam IPS APP
Control DLP
XTM
In-house Unaddressed
✘
✘
✘✘✘
✘
✘29
Segment Leading Manageability
Competitor Value ComparisonTotal UTM Market: Global, 2010
Source: Frost & Sullivan Analysis(N=43)
“Through 2018, more than 95% of firewall breaches will be caused by firewall misconfigurations, not firewall flaws”
-Gartner “One Brand of Firewall is a Best Practice for Most Enterprise Firewalls”, 28 November 2012
30
31
Why WatchGuard Wins
vs. Fortinet
• General purpose CPU beats ASIC for security
• Real-time visibility tools
• 65 bundled reports vs. only 2
• Multi-WAN• Traffic shaping• VPN setup wizard• Multi-device
(physical/ virtual) management included
vs. Cisco
• Application Control• HTTPS inspection• Tightly integrated
security services• UTM performance• Simple VPN setup • Physical and virtual
switch agnostic
vs. SonicWall
• Simpler admin. task flows
• Application Control ease of use (e.g. search)
• 2.5 million AV signatures vs 25,000
• Model upgrades by license key
• DLP
vs. Palo Alto Networks
• Gateway AntiVirus detects malware in all compressed file formats
• Email security and anti- spam capabilities
• Comprehensive appliance line, including tabletops
• No firewall virtual appliance offered by Palo Alto
Watch Video Comparisons http://www.watchguard.com/latest/us-vs-them.asp
32
Smart Security with Watchguard XTM & XTMv
• “Best-of-breed” multilayered security for physical and virtual environments
• Recognized security “Trend Setter,” industry “Champion” and “Value Leader”
• 65 reports included at no extra cost• ICSA Firewall & IPSec certification• Real-time monitoring• Intuitive set-up wizards • Multi-WAN support• RapidDeploy capability
33
Thank You!