WatchGuard Technologies, Inc., a provider of network security solutions, has introduced new features to its Unified Threat Management (UTM) appliances. Additionally, WatchGuard introduced a new version of its management software that enables large deployments of Firebox X Edge security appliances to be centrally managed.

With the scope of attacks continuously expanding, it is critical for network security vendors to offer a broad set of real-time defences that provide the levels of protection needed to meet todays evolving threats. In addition to Zero Day protection that stops many malicious attacks without signatures, WatchGuard provides security services integrated on Fireware Pro, WatchGuards security and network operating system. These security services include:

• spamBlocker spamBlocker analyses Internet message patterns, not the message data, resulting in real-time spam detection in a fraction of a second before spam even enters the network. This is done in partnership with Commtouch, which developed Recurrent Pattern Detection (RPD) technology predicated on the fact that the fundamental characteristic of spam is mass distribution. Rather than evaluating message content, the RPD technology analyses large volumes of Internet traffic in real-time to identify outbreaks as soon as they emerge. The RPD approach blocks more than 97 per cenet of unwanted emails, with very low false positives. Since many phishing attacks, online scams, viruses and spyware are initiated through spam, the spamBlocker solution is the first line of defence against those threats. With processing done off the appliance, there is minimal impact on network performance.
  
• Gateway Anti-Virus/Intrusion Prevention with Spyware Protection (Gateway AV/IPS) Gateway AV/IPS is a signature-based integrated security service that identifies and blocks suspicious network activity and malicious code in real-time. Dangerous traffic presenting itself as harmless, but attempting to exploit system vulnerabilities, is stopped before it can damage information assets. Gateway AV/IPS provides an additional layer of protection against threats such as spyware, Trojans, buffer overflows, SQL injections, IM and peer-to-peer usage, and policy violations.
  

  Spyware is nefarious and WatchGuard provides protection through a variety of cooperative procedures. First, the IPS engine features Signature-based Content Inspection, which applies continuously updated attack signatures to identify and block incoming spyware downloads, including covert drive-by downloads. WatchGuard does not stop at offering only signature-based protection, but provides additional capabilities to combat spyware. The IPS engine identifies and blocks the initial configuration communication required by spyware applications to retrieve configuration data from the central server. Should an infected PC enter a secure network, the IPS engine will attempt to prevent spyware applications from using the network connection for additional spyware activities, such as transmitting keylogs or passwords. WatchGuards WebBlocker service also conducts Site Blocking, which blocks all traffic to and from known spyware sites and new sites as they are discovered.
  

  Combining these procedures, which inspect both incoming and outgoing traffic, with anti-spam and URL filtering services, WatchGuard provides comprehensive spyware protection.
  

• WebBlocker The WebBlocker service employs a daily, incrementally updated database of more than 12 million URLs and prevents users from accessing liable, malicious and inappropriate web sites - including more than 8,000 sites known to distribute spyware. WatchGuard now allows for fine-grained control of Internet usage by including up to 40 different website categories that can be restricted on a per user or per group basis.

WatchGuard System Manager (WSM)

In addition to enhanced security services, WatchGuard is introducing a new version of its management software used to configure and manage its Firebox X family of security appliances. WSM now enables centralised management of large multi-appliance and multi-customer deployments including multi-box policy and firmware management for Firebox X Edge appliances. With a unified management console, administrators can update groups of Firebox X Edge appliances, view all appliances at a glance, and launch monitoring and configuration tools for pinpoint control of any device or service.

WSM also eases the configuration process of WatchGuards advanced security services - Gateway AV/IPS, spamBlocker, and WebBlocker - for rapid set-up of these important services. VPN deployments are simplified through a Drag-and-drop VPN capability that works across multiple platforms and versions of WatchGuard appliance software. Additionally, WSMs centralised logging and reporting enables detailed analysis of appliances to easily gather insight into security, network and user activities.

Related links: (Open in a new window.)
www.watchguard.com

View printable version (opens in new window)
Back