5. Hackers Shake the Web
September 28, 2011
Source: http://www.usatoday.com/NEWS/usaedition/2011-
09-28-Webpage-hackers-PR INT0_ST_U.htm
6. Smaller-sized Companies Increasingly Under Attack
….”Cyber security is not just for big businesses. "That's one of the
myths we come across — 'I am too small,'" said Stan Stahl, head of
a Los Angeles cyber-security company Citadel Information Group
Inc. and president of the Los Angeles chapter of the Information
Systems Security Assn., a trade group”
Source: http://www.latimes.com/business/la-fi-smallbiz-security-20110523,0,5494792.story
7. Data Breach Costs Continue to Plague Organizations
Organizational Cost of a Average Cost Per Record
Data Breach Breached
$225
$7,500,000
$7,000,000 $200
$6,500,000
$175
$6,000,000
$5,500,000 $150
$5,000,000
$125
$4,500,000
$4,000,000
$100
2005 2006 2007 2008 2009 2010
2005 2006 2007 2008 2009 2010
Source: Ponemon Institute
8. You Can’t Control What You Can’t See
• Traditional port-based firewalls lack the
ability to see, let alone control, many apps
• Productivity Loss
• Bandwidth-hungry apps slow networks
• Data Loss / Attack Vector
Social networks breed a culture of trust
Rife with technical vulnerabilities
9. XTM Defense-In-Depth In Action
WatchGuard vs. Web 2.0 Security Issues
• Snags malware, scareware, spyware and
GAV malicious scripts
IPS • Prevents drive-by-download attacks
• Cloud-based service protects you from
RED legitimate sites infected with malware
• Enables granular control by user, group, or
Application
IP; and separate control over actions for
Control view, post, chat, apps, games, and video
10. Cornerstone – The Application Proxy
Packet Reassembly – since 1996
An Application Proxy checks Source IP, Destination IP, Port, Protocol
If a matching rule (or service) is found:
The proxy then performs deep inspection on the content of the
packet, including application layer data.
This is the key to finding threats that OTHER FIREWALLS MISS!
11. Fireware XTM: Making the Most of Your Network
QoS and Traffic Shaping
• High-priority traffic gets bandwidth
• Low-priority traffic gets available bandwidth
Multi-WAN Support
• Up to 4 WAN connections supported
• Traffic can use multiple WAN connections
simultaneously or on a failover
VPN Failover
• Mission-critical VPN traffic keeps flowing if a remote
site becomes unavailable
• Traffic automatically fails-over to another gateway
IPv6 Readiness
• IPv6 Ready Gold Logo validates IPv6 routing
• All XTM appliances will support IPv6
12. Managing XTM Solutions: Flexibility
Choose from three user interface options: Administer your way
Command Line Interface
WatchGuard Systems
Manager Interface
Web Interface
13. Suite of tabbed tools deliver
information needed to monitor
and react to network status Take instant remediative
action, such as adding a
Managing XTM Solutions: Real-Time Visibility blocked sites list
site to a
Real-time monitoring lets you take instant action to
protect your network.
14. Managing XTM Solutions: Satisfy Auditors
65 pre-defined reports included. Drill-down for
the data you need — when you need it.
15. XTM Multi-Box Management Saves Time
Simultaneously manage from 2 to 100’s of boxes.
Implementing the WatchGuard
solution was a breeze. The policy
setting and system configuration
is easy because it is all very
logical and straightforward.
Align security policies across Francis Lim, IT
an organization – or apply Manager, Eurokars Group
modifications between boxes
16. Securely Connecting Users: VPN
• Create VPN by simple drag and drop
• Connect any location with Internet access
• Select from IPSec, SSL, PPTP
• Choose your device: laptop, smartphone, tablet
• Define flexible rules to restrict data access to
authorized individuals only
• Use client or clientless options
I can’t remember the last time I had to call
someone with a security problem. With
WatchGuard, we are always connected.
Lucas Goh, Head of IT Operations for
Asia, Berg Propulsion
17. XTM 33 XTM 33-W XTM 330
Industry-Leading Performance at Each Price Point
Firewall Throughput 850 Mb/s 850 Mb/s 850 Mb/s
XTM 2050
XTM Throughput 45 Mb/s 45 Mb/s 70 Mb/s
XTM 1050
Concurrent Connections 40,000 XTM 8 Series
40,000 40,000
(bi-directional)
XTM 5 Series
Performance
BOVPN 50 50 50
XTM XTM 3 Series
3 Series
MUVPN (IPSec) 5/50 5/50 5/55
XTM 2 Series
MUVPN (SSL) 55 55 55
Local User Database 500 500 500
Small Business Midsize Business Service Providers / Headquarters
Max. 1- 50 Users 50 - 250 Users 250 – 500 Users 500 – 1,000 Users 1,000+ Users
Model Upgrade No No No
18. What is “Next-Generation”?
“Firewalls need to evolve to be more proactive in
blocking new threats, such as botnets and targeted
attacks. Enterprises need to update their network
firewall and intrusion prevention capabilities to
protect business systems as attacks get more
sophisticated.”
(XTM = Next-Generation UTM) “XTM platforms will take
security appliances beyond traditional boundaries by
vastly expanding security features, networking capabilities
and management flexibility.”
20. Industry-Leading Value
“The company is
strong, the products
able, and the pricing can’t
be beat.”
Source: Info-Tech Research Group. Vendor Landscape: Unified Threat Management. August 2011.
23. Why WatchGuard Wins
vs. Palo Alto
vs. Fortinet vs. Cisco vs. SonicWall
Networks
• General purpose CPU • Application Control • Simpler admin. task • Gateway AntiVirus
beats ASIC for security • HTTPS inspection flows detects malware in all
• Real-time visibility • Tightly integrated • Application Control compressed file
tools security services ease of use (e.g. formats
• 65 bundled reports • UTM performance search) • Email security and anti-
vs. only 2 • 2.5 million AV spam capabilities
• Simple VPN setup
• Multi-WAN signatures vs 25,000 • Comprehensive
• Model upgrades by appliance
• Traffic shaping
license key line, including
• VPN setup wizard tabletops
Watch Video Comparisons
http://www.watchguard.com/latest/us-vs-them.asp
24. Moving Security Forward with Watchguard XTM
• “Best-in-class” security for comprehensive protection
• Recognized security “Trend Setter”, industry “Champion”,
and “Leader”
• 65 reports included at no extra cost
• Real-time monitoring
• Intuitive set-up wizards
• Multi-WAN support
• ICSA Firewall & IPSec certification
• Market-leading value
