2. Index
•Why we need Watch Guard?
•Network diagram
•Security Solution
•Logs and report
3. Companies Increasingly “Like” Social Media
Robert Half Technology. “SOCIAL WORK? More Companies Permit Social Networking on the
Job”. May 26, 2011. Retrieved from: http://rht.mediaroom.com/2011SocialMediaPolicies
4. Users and Applications are Out
of Control!
1. Retrieved from: http://www.allfacebook.com/facebook-games-statistics-2010-09
2. Retrieved from http://www.freemusictodownload.eu/p2p-statistics.html
3. Sources: X-Force, Websense, Whitehat Security, Imperva, 7Scan
6. You Can’t Control What You Can’t See
• Traditional port-based firewalls lack the ability to
see, let alone control, many apps
• Productivity Loss
• Bandwidth-hungry apps slow networks
• Data Loss / Attack Vector
• Social networks breed a culture of trust
• Rife with technical vulnerabilities
7. WatchGuard Solves Your Problem
See the Restrict
Enable secure
applications in unproductive,
& productive
use on your insecure &
business use of
network bandwidth
applications
draining usage
8. How WatchGuard Solves Your Problem
Identification, control, and reporting on
1800+ applications and sub-functions
Applications easy to find – organized by
category and searchable by query
Broad and granular control of applications
Integration with firewall policy table
9. Network Visibility is Essential
• Rich reporting on App usage, users, categories, blocked
applications, top clients, and more!
10. Intuitive Organization Simplifies
Your Workflow
• Find applications by category (e.g. Social Network) OR
• Query search by application name (e.g. Facebook)
11. Security Your Way – Broad
Control
• Establish policy broadly across application category
12. Security Your Way – Granular
Control
• Exercise control by user, category, application, &
application sub-function
13. Why WatchGuard Wins with
Application Control
vs. Palo Alto
vs. Fortinet vs. Cisco vs. SonicWall Networks
• 1800 applications vs. • WatchGuard has • Application rules • Part of UTM bundle
1200 for Fortinet Application Control; integrated with main (AV, spamBlocker, etc.)
• Ease of configuration Cisco ASA does not! policy table • 1800 applications vs.
(search; rules for • Application Control 1300 for PaloAlto
multiple applications) ease of use (e.g. • Application Control in
• Integrated application search) appliance line,
reporting including tabletops
Watch Application Control Video
http://www.watchguard.com/latest/appcontrol-demo.asp
14. XTM Defense-In-Depth In
Action
WatchGuard vs. Web 2.0 Security Issues
• Snags malware, scareware, spyware and
GAV malicious scripts
IPS • Prevents drive-by-download attacks
• Cloud-based service protects you from
RED legitimate sites infected with malware
• Enables granular control by user, group, or
Application
IP; and separate control over actions for
Control view, post, chat, apps, games, and video
15. Cornerstone – The Application
Proxy
Packet Reassembly – since 1996
An Application Proxy checks Source IP, Destination IP, Port, Protocol
If a matching rule (or service) is found:
The proxy then performs deep inspection on the content of the
packet, including application layer data.
This is the key to finding threats that OTHER FIREWALLS MISS!
16. Fireware XTM: Making the Most of
Your Network
QoS and Traffic Shaping
• High-priority traffic gets bandwidth
• Low-priority traffic gets available bandwidth
Multi-WAN Support
• Up to 4 WAN connections supported
• Traffic can use multiple WAN connections
simultaneously or on a failover
VPN Failover
• Mission-critical VPN traffic keeps flowing if a remote
site becomes unavailable
• Traffic automatically fails-over to another gateway
IPv6 Readiness
• IPv6 Ready Gold Logo validates IPv6 routing
• All XTM appliances will support IPv6
17. Managing XTM Solutions:
Flexibility
Choose from three user interface options: Administer your way
Command Line Interface
WatchGuard Systems
Manager Interface
Web Interface
18. Suite of tabbed tools deliver
Managing XTM Solutions: Real-
information needed to monitor
and react to network status Take instant remediative
Time Visibility action, such as adding a
site to a blocked sites list
Real-time monitoring lets you take instant action to
protect your network.
19. XTM Multi-Box Management
Saves Time
Simultaneously manage from 2 to 100’s of boxes.
Implementing the
WatchGuard solution
was a breeze. The policy
setting and system
configuration is easy
Align security policies across because it is all very
an organization – or apply logical and
modifications between boxes straightforward.
Francis Lim, IT
Manager, Eurokars
Group
20. Securely Connecting Users:
VPN
• Create VPN by simple drag and drop
• Connect any location with Internet access
• Select from IPSec, SSL, PPTP
• Choose your device: laptop, smartphone, tablet
• Define flexible rules to restrict data access to
authorized individuals only
• Use client or clientless options
I can’t remember the last time I had to call
someone with a security problem. With
WatchGuard, we are always connected.
Lucas Goh, Head of IT Operations for
Asia, Berg Propulsion
21. What is “Next-
Generation”?
“Firewalls need to evolve to be more proactive in
blocking new threats, such as botnets and targeted
attacks. Enterprises need to update their network
firewall and intrusion prevention capabilities to
protect business systems as attacks get more
sophisticated.”
(XTM = Next-Generation UTM) “XTM platforms will take
security appliances beyond traditional boundaries by
vastly expanding security features, networking capabilities
and management flexibility.”
25. Industry-Leading Value
“The company is
strong, the products
able, and the
pricing can’t be
beat.”
Source: Info-Tech Research Group. Vendor Landscape: Unified Threat Management. August 2011.
26. Why WatchGuard Wins
vs. Palo Alto
vs. Fortinet vs. Cisco vs. SonicWall
Networks
• General purpose CPU • Application Control • Simpler admin. task • Gateway AntiVirus
beats ASIC for security • HTTPS inspection flows detects malware in all
• Real-time visibility • Tightly integrated • Application Control compressed file
tools security services ease of use (e.g. formats
• 65 bundled reports • UTM performance search) • Email security and anti-
vs. only 2 • 2.5 million AV spam capabilities
• Simple VPN setup
• Multi-WAN signatures vs 25,000 • Comprehensive
• Model upgrades by appliance line,
• Traffic shaping
license key including tabletops
• VPN setup wizard
Watch Video Comparisons
http://www.watchguard.com/latest/us-vs-them.asp
27. Moving Security Forward with
Watchguard XTM
• “Best-in-class” security for comprehensive protection
• Recognized security “Trend Setter”, industry “Champion”,
and “Leader”
• 65 reports included at no extra cost
• Real-time monitoring
• Intuitive set-up wizards
• Multi-WAN support
• Market-leading value
28. Why we need Watch guard
•Manage users to access internet.
•Filtering content and url of the website.
•Filtering by keyword
•Filtering and inspect HTTPS.
•Web blocker has over 54 categories for IT manager to manage the
internet access.
•Report and logs all content accessed by users.
•Secure e-mail and web access.
•Can be integrated to the Domain controller to apply the policy to manage
users.
Watchguard is not only a simple firewall but also
it is a good tools for IT Manager to manage their
network.
31. Watchguard – integated solutions.
Protects networks by integrating best-in-class security
technologies that enable businesses to manage risks,
empower people and improve efficiencies.
33. WatchGuard: Industry Leader
Gartner
Named “Leader” in Magic Quadrant
Multifunction Firewalls
IDC
“WatchGuard, one of the first security
appliance vendors, will remain a
leader in this market going forward.”
Frost & Sullivan
“WatchGuard is on its track of
becoming a major participant in the
enterprise-UTM market.”
“Measurements have indicated that
WatchGuard has chipped away the market
share formally held by Fortinet, Cisco, and
Juniper.”
35. WatchGuard XTM Series: Unified Threat Management
Sized for small businesses to the enterprise
All-in-one network security
Firewall Integrated with Advance networking features
SSL and IPSec VPN (MUVPN/BOVPN)
Reputation Enabled Defense (Cloud Security Services)
WebBlocker (including full HTTPS inspection)
SpamBlocker
Gateway Anti-Virus/Intrusion Prevention Services
Application Control (More than 1800 signatures!)
Three management interfaces–console, web UI, CLI
Reporting and real-time monitoring–at no extra cost
Model-upgradeable within each series
36. WatchGuard XTM 5 Series
Recommended for main offices/
headquarters with up to 1,500
users
Performance driven security for
growing mid-size businesses
Up to 2.3 Gbps firewall
throughput
Full HTTPS inspection and VoIP
support.
Model-upgradeable
37. Logs and reports
• Watchguard does not keep the logs and reports in the same
box.
•Watchguard recommends customer to use another computer
running Win XP to install logs and report management
software to run as Report and Logs server.
• This idea is really good for customer to manage and backup
the logs and report information.
• Log information could be stored for many years.
38. Gain Visibility.
Gain Insight.
Gain Control.
WatchGuard Application Control
Thank You!