
WatchGuard Team

WatchGuard Team has written 28 posts for Smart Security

Top 8 Security Predictions for 2014


After all the headline-grabbing cyber attacks this year, don’t you wish you could gaze into future headlines and project the next big cyber threat? While we may not have that superpower just yet, we can make our 2014 security predictions.

At the end of every year, WatchGuard reflects on the threat landscape and analyzes past information security incidents, in order to forecast next year’s security trends and major threats. Our hope is to provide a little insight into the future, so you can prepare your defenses in advance.

Last year was quite eventful, from NSA leaks to a huge Adobe data breach, and we expect the fast pace of security incidents to continue to grow next year.


Here’s a quick high-level list of WatchGuard’s eight security predictions. Want more detail… keep scrolling down to the bottom for a complete breakdown of each topic:

1. Hackers Harass U.S. Healthcare Hangout – WatchGuard anticipates that the U.S. HealthCare.gov site will suffer at least one data breach in 2014.

2. Increased Cyber Kidnappings Raise Attacker Profits – In 2014, WatchGuard expects many other cyber criminals will try to copy CryptoLocker’s success by mimicking its techniques and capabilities.

3. A Hollywood Hack – In 2014 a major state-sponsored attack may bring a Hollywood movie hack to life that exploits a flaw against critical infrastructure.

4. Bad Guys Break the Internet of Things (IoT) – Next year, WatchGuard expects white and black hat hackers to spend more time cracking non-traditional computer devices such as cars, watches, toys and medical devices.

5. 2014 is the Year of Security Visibility – WatchGuard anticipates that in 2014 more organizations will deploy security visibility tools to help identify vulnerabilities and set stronger policies to protect crucial data.

6. A High-profile Target Suffers a Chain-of-Trust Hack – As advanced attackers go after harder targets, expect to see more “chain-of-trust” cyber breaches in 2014, where hackers hijack partners in order to gain access to high level organizations.

7. Malware Gets Meaner – Plan for an increase in destructive viruses, worms and Trojans in 2014.

8. Network Attackers Become Cyber Shrinks – In 2014, expect attackers to focus more on psychology than technology, with techniques like convincing phishing emails and leveraging pop culture, to target the weakest link – the user.


In-Depth Review:

Hackers Harass U.S. Healthcare Hangout

WatchGuard anticipates that the U.S. HealthCare.gov site will suffer at least one data breach in 2014. Between its topical popularity and the value in its data store, Healthcare.gov is an especially attractive cyber attack target. In fact, this has already happened to some extent. Security researchers have already pointed out minor security issues like evidence of web application vulnerabilities and an attempted Distributed Denial-of-Service (DDoS) attack.

The Deep Dive: The United States’ (US) new Patient Protection and Affordable Care Act (PPACA), colloquially known as Obamacare, hinges on the use of online healthcare insurance exchanges, which are essentially cyber marketplaces where patients can purchase healthcare at discounted group rates. Healthcare.gov is the glue connecting US citizens to all the state exchanges and the oracle that helps you navigate your way through the new healthcare and health insurance process. Unfortunately, its key position also makes Healthcare.gov an especially attractive cyber attack target in 2014.

First, as the online cornerstone of the new US healthcare system, Healthcare.gov will certainly garner a lot of attention over the next year. It is already the topic of heated political debate, which puts it in the news quite regularly. This increased media coverage will certainly draw the attention of white and black hat hackers alike. Imagine you’re a hacktivist trying to send a big political message… what better place to capture the notice of millions?

Second, in order to do its job the site needs to ask citizens for some pretty personally identifying information (PII). For instance, you have to share your social security number with the site for identity purposes. This makes Healthcare.gov, and all the online exchanges under it, a pretty important overseer for some pretty sensitive data, which obviously also makes it an attractive target to malicious hackers.

Between its topical popularity and the value in its data store, we believe both good and bad hackers will target Healthcare.gov in 2014. None of this is to say you should avoid Healthcare.gov, or that it’s any worse than any of the millions of other websites we share our valuable data with. In fact, its current high profile means that the folks managing it will likely focus heavily on its defense. We’d argue that in time Healthcare.gov will likely be more secure than the majority of sites out there. However, we also know things sometimes have to get a bit worse before they get better. That’s why we forecast that Healthcare.gov will suffer at least one data breach in 2014.

Increased Cyber Kidnappings Raise Attacker Profits

Ransomware, a class of malicious software that tries to take a computer hostage, has grown steadily over the past few years, but a particularly nasty variant emerged in 2013: CryptoLocker. This year, it has affected millions and it is suspected that the authors have made a high return on their criminal investment. In 2014, WatchGuard expects many other cyber criminals will try to copy CryptoLocker’s success by mimicking its techniques and capabilities. Plan for a surge of ransomware in 2014.

Criminal hackers are always looking for surprising new ways to increase their profits. Ransomware is a class of malicious software that tries to take your computer hostage, or “kidnaps” your important files; making it so you can’t access your data or use your computer. Criminals then try to extort you for a relatively small sum of money in order for you to regain access to your computer or its files.

But a particularly nasty variant emerged in 2013 – Cryptolocker. It arrives in various ways, including as an attachment to a phishing email, or through websites hosting malicious drive-by downloads. It encrypts many of your important files, including Office documents, pictures, and digital certificates. Then it tries to get you to pay $300 to get them back.

However, Cryptolocker is much smarter and much more aggressive in its techniques than earlier ransomware. It uses industry-standard encryption to ensure you can’t reclaim your files; it uses domain generation algorithms (DGA) to make sure it can always reach its master; and it uses Bitcoin to make it harder for authorities to track these illegal payments. In short, Cryptolocker has affected millions and we suspect its authors have made quite the return on their criminal investment.

A Hollywood Hack

In 2014 a major state-sponsored attack may bring a Hollywood movie hack to life that exploits a flaw against critical infrastructure. Even if these systems are kept offline, the often-cited Stuxnet proved that motivated cyber attackers could infect non-networked infrastructure, with some potentially disastrous results.

You’ve seen it in the movies. A big hack that drains the Federal Reserve Bank, shuts down power in all the big cities, or causes a critical dam to fail and flood a town downstream.  These types of cyber attacks sound like science fiction, and so far they have mostly stayed in that realm. However, our critical infrastructure really does rely on computers and—despite best practices saying otherwise—we are slowly putting some of this infrastructure online.

As a result, researchers have spent the past few years discovering and studying the vulnerabilities in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) solutions, and their findings aren’t great… These systems have many holes.

We think a malicious actor or nation-state might realize a Hollywood-like hack next year, by exploiting a flaw against critical infrastructure.

Bad Guys Break the Internet of Things (IoT)

There are computers in everything!

Ok… Not literally, but some days it sure seems that way. We have computers in our cars, pacemakers, televisions, watches, kids’ toys, cameras, baby monitors, and we are even trying to strap them to our heads inside a pair of eyeglasses. Furthermore, most of these non-traditional computers include all kinds of interesting, information-gathering sensors, including GPS, accelerometers, altimeters, photodetectors, and good old-fashioned cameras (video and still). Finally, most of them can connect wirelessly, and they treat security like an afterthought.

When you add this all up, it’s like Christmas for hackers – white hat and black hat alike. The Internet of Things (IoT) provides a playground of connected devices for curious and malicious computer experts to have fun with. Want to make a car think it’s flying? You can! How about trolling a baby over the Internet? It’s been done. However, things can also take a dark turn, with an ex-vice president disabling his implanted defibrillator’s wireless feature to avoid assassination.

Security experts have warned about securing the IoT for a while now. However, the market is just now catching up with the expectation, with more and more embedded computing devices showing up in stores every day. Next year, WatchGuard expects white and black hat hackers to spend more time cracking non-traditional computer devices such as cars, watches, toys and medical devices, and suspects that good and bad hackers will focus heavily on finding holes in these IoT devices in 2014.

2014 is the Year of Security Visibility

In the past few years, cyber attackers have successfully breached many big companies, despite the victims having common security defenses, like firewalls and antivirus. Furthermore, many of these victims didn’t even realize they were compromised until it was much too late.

So what’s the problem? Do our cyber security controls not work or are we doing something wrong? We think the issue is threefold:

  1. Most businesses still rely on legacy defenses, such as stateful packet filtering firewalls, which don’t help against today’s threats.
  2. They don’t configure their security controls properly, and often don’t enable their best defenses, or accidentally bypass them. (In fact, Gartner says 95% of firewall breaches are due to misconfigurations.)
  3. And they are drowning in oceans of security logs, making it impossible for them to recognize the important security events that they need to react to.

WatchGuard anticipates that in 2014 more organizations will deploy security visibility tools to help identify vulnerabilities and set stronger policies to protect crucial data. Expect 2014 to be the year of security visibility.

A High-profile Target Suffers a Chain-of-Trust Hack

Cyber attackers have clearly gotten more sophisticated over the years, especially those associated with state-sponsored hacking. These advanced hackers also target a higher level of victim, regularly going after government and military organizations, critical infrastructure providers, and Fortune 500 businesses.

These top-level victims tend to have a higher security pedigree, and do NOT pose soft targets. Yet, they still can fall to the persistent, advanced attacker who preys on the weakest link in a victim’s chain of trust—your partners and contractors.

In many of the most sophisticated attacks, bad actors had to first infiltrate secondary or tertiary targets in order to gain access to some asset needed to compromise the intended victim. For instance, hackers targeting Lockheed Martin first needed to steal SecurID seed data from RSA (and their ultimate target may have been the US military, a customer of Lockheed Martin). We’re also seeing more and more cases where attackers hijack digital certificate providers, or steal the certificates from smaller companies, for use in a more specific targeted attack.

As advanced attackers go after harder targets, expect to see more “chain-of-trust” cyber breaches in 2014, where hackers hijack partners in order to gain access to high level organizations.

Malware Gets Meaner

Whether it’s because we are more paranoid than the average bear, or just plain tinfoil hats, security professionals often like to imagine worst-case scenarios. You know, scenarios like some doomsday malware that deletes everyone’s hard drives, launches the world’s complete arsenal of nuclear weapons, and evolves into an evil, self-aware “Skynet” to enslave humankind.

While often amusing to imagine, and sometimes even theoretically possible, these worst-case scenarios are rarely seen in the real world. Most cyber attacks and malware are not purposely destructive. If you think about it from the attacker’s perspective, it typically just doesn’t make sense to destroy your victim’s resources. If you destroy your victim’s computer, you can’t spy on them and gain access to other resources. Not to mention, you also give yourself away.

However, changes in hacker profiles have resulted in more cases where cyber destruction might become a valid goal for network attackers. For instance, hacktivists or nation-state actors who want to send a brash message, or to disable an adversary’s systems, may turn to destructive attacks, as in the case of the disk wiper malware seen in a South Korean attack. Cyber criminals may also realize the threat of imminent destruction could help increase cyber extortion success rates, as seemed to be the case with the countdown timer Cryptolocker used to scare victims into compliance.

Whatever the reason, we think malware will get meaner in 2014, and you can expect to see more cases of destructive malware and attacks.

Network Attackers Become Cyber Shrinks

The information security battle has always been like a pendulum, with the technical advantage swinging back and forth between the attacker and defender. As defenders develop new security technologies to get the leg up, attackers develop new evasion techniques and reclaim advantage—the cycle goes on ad infinitum.

Over the last few years, the attackers have had the advantage; leveraging more sophisticated attack techniques and using advanced evasion tactics to get past legacy defenses. However, the tide is turning. Next year, defenders will have more access to next generation security solutions and new advanced threat protection capabilities, swinging the technological security pendulum back in our direction.

While that’s good news, don’t expect cyber criminals to give up that easily; rather expect them to change their strategy.  There are two ways attackers can compromise our networks; they can exploit technical weaknesses or they can prey on sociological ones. As we regain the technical advantage, expect cyber criminals to refine their social engineering skills, and concentrate more on attacking flaws in human nature. In fact, they’ve already done a good job in this area. Their phishing emails are better written and more convincing, they’re masters at leveraging pop culture, and they know our worst habits.

In 2014, you should expect attackers to focus more on psychology than technology, and target your weakest link—the user.

IDC & WatchGuard Reveal Top 3 Security Challenges Facing Midsize Organizations: How Can UTM Help?

As 2013 comes to an end, Unified Threat Management (UTM) has grown up. What used to be an SMB security solution has now matured into a powerful platform for the midsize enterprise. The holy grail of defense-in-depth no longer requires costly point solutions, disparate management consoles, and hundreds of engineering hours to sift through log data.  No, times have changed. Today, UTM is helping midsize enterprises overcome the complexity, performance and management challenges associated with protecting the corporate network.

But, don’t take our word for it, the proof is in the data. According to IDC, from 2007 to 2017 UTM is predicted to grow 95 percent, and UTM revenue from mid-market and enterprise has grown 53 percent since 2008. Even more interesting, if you look below at the IDC graph from its most recent Network Security Forecast, it shows that UTM is the largest growing sub-function of the forecast (with the others having small or flat growth).


Below we’ll outline some of the challenges facing midsize enterprise, but you can also watch our recent IDC webinar with John Grady (research manager for security products and services) on this topic, or download our new IDC infographic, sponsored by WatchGuard Technologies, on UTM in the mid-market entitled “Protecting Your Midsize Enterprise with UTM.”

There are three key issues midsize organizations face today when it comes to network security:


1. Complexity – As the security perimeter has evolved, attack mechanisms have become increasingly sophisticated, and as solutions to solve these problems have multiplied, security professionals are overwhelmed with the complexities of securing the network. Mobile devices, virtualization, and cloud applications – all of these create architectural concerns for midsize enterprises. And, since these organizations traditionally have less staff and budget, the realities of integrating complex point security solutions to address these problems become more unrealistic.


2. Performance – The Internet continues to grow (IDC and EMC estimate in the IDC Digital Universe Study, sponsored by EMC in December 2012, an increase from 2.8 to 40 zettabytes from 2010-2020), as do shipments of mobile devices (19.8 percent by 2017). Organizations are using more applications, have unlimited sharing conduits, are using rich media, and are connected all the time – online activity has exploded. Roll in cloud applications and all of a sudden you have tremendous traffic coming in and out of your network. The gateway appliance can’t be the bottleneck. It must deliver higher throughput, better connection rates, be scalable, and offer layered security at the point of entry or exit (defense in depth).


3.  Management – IT is supposed to do more with less. That’s the mandate.  Innovate, while reducing operating costs. It’s a constant challenge. It’s why solutions need to do more for less. But, when it comes to network security…threats, regulations and complexity continue to increase, while IT security budgets lag – there’s a gap between organizations’ self-defense and the threats they face. To combat this issue, midsize organizations need security solutions that offer a single pane of glass for management, and solutions that simplify policy creation and integrate across multiple applications.

These three challenges are driving UTM adoption in the mid-market. By combining AV, IPS, firewall, application control, DLP and other security features, UTM can consolidate the visibility of threats, save the organization money, and can increase management and reporting efficiency.  And, as threats continue to evolve, UTM will evolve with it, adding new security services and giving organizations the ability to easily visualize their security data (instead of simply reviewing log reports).


For more information on this topic, please view the webinar, download the infographic, or visit our UTM product page.

Avoid the Top Five Holiday Shopping Cyber Threats

To rephrase the ominous premonition of the Stark family, “The winter sales are coming!”

Perhaps you’re the type of person who gathers all the ads on Thanksgiving morning, planning how your family can synchronously hit three different stores to reap all their door-buster deals. Maybe you’re that guy who scours the Internet for early leaked copies of Monday’s sales, programming your scripts to ensure you’re the first to click buy. Or perchance—like me—you’d rather sleep in with a full belly and let others battle it out. Whichever profile fits you, Black Friday and Cyber Monday are coming, launching us into the busiest shopping season of the year… and bringing the cyber criminals scurrying out of the cracks in droves.

Criminal hackers follow the money. They track big trends and know when the biggest shopping seasons occur. Plus, like all good social engineers, they’re masters of human psychology, preying on our behavioral weaknesses to get what they want. You can bet criminal hackers are just as excited about the holiday sales season as the discount-seeking shoppers. For that reason, it’s important you enter this period with a little awareness and your eyes wide open. To help with the former, here are the top five cyber threats to watch out for during the shopping season:

  1. Seasonal email phishing scams – Attackers know you have your eye out for emails containing the latest sales and discounts and that you may have packages in transit from recent purchases. This makes it a great time for them to leverage some seasonal phishing scams to try and lure you to malicious sites or malware. Some of the most common malicious emails during the holidays are fake UPS, FedEx, or DHL messages claiming a delivery failed, bogus flight notices, and even phony secret Santa messages. All of these seasonal scams prey on common trends for the season, such as holiday vacations and trips, and people ordering more stuff online. To give you a specific example, right now a nasty new ransomware variant called Cryptolocker is spreading using the fake FedEx or UPS trick, and has cost many victims a lot of money. Avoid clicking links and attachments in unsolicited emails.
  2. Fake product giveaways – Every year the holiday shopping bonanza brings us at least one or two “must-have” items for the holiday season, whether they be Tickle-Me Elmo dolls or the latest gaming console. Cyber criminals always seem to recognize these popular consumer items early, and use them to lure unsuspecting victims to their trap. This year, two such items are the latest video game consoles—the PlayStation 4 and Xbox One. We’ve already seen phishers trying to steal personal information from victims by tricking them into filling out details to win one of these next-generation consoles. While some of these giveaways might be legit, you should be careful where you share your information, and what type of information you’re willing to give up.
  3. Dastardly Digital Downloads – During any special event or holiday, malicious hackers often pull out old reliable tricks of the trade. One such trick is the free screensaver, ringtone, or e-card offer. The attackers can easily theme their free download offers from whatever holiday or pop culture event they want, be it Thanksgiving, Christmas, or whatnot. If it sounds too good to be free, it probably is. As always, be careful what you download.
  4. Fraudulent e-commerce sites – The bad guys are great at faking web sites. They can fake your banking site, your favorite social network, and even online shopping sites that have suspiciously good deals for that one hot ticket item you’re looking for during the upcoming sales.  Of course, if they can lure you to their replica sites, they can leverage your trust in them to steal your personal information, swipe your credit card number, or force you into a drive-by download malware infection. Pay close attention to the domain names you visit, and vet your online retailers before ordering from them.
  5. Booby-trapped Ads and Blackhat SEO – Bad guys are always looking for new ways to attract you to their fake or malicious web sites. Phishing emails, instant messages, and social network posts with appealing links work, but they always experiment with new lures. Two popular new techniques are malicious online advertisements and evil search engine optimization (SEO) tricks. By either buying online ad space, or hacking online ad systems, hackers can inject fake advertisements into legitimate web sites, which redirect back to malicious sites. They can also leverage various SEO tricks to get their web sites to show up in the top results for popular searches. Are you searching for Lululemon yoga pants sales for your girlfriend this holiday? If criminals think that’s a popular gift, they can poison search results and hijack ads to use your interest against you. As you consider clicking ad links or following search results, be aware of the domains and URLs you click on.

The top five threats above all have consumers in mind, but let me share one last holiday cyber threat that merchants need to look out for: Distributed Denial of Service (DDoS) attacks. Cyber criminals realize the holidays are a very important season for online retailers, especially days like Cyber Monday. They know that even an hour of downtime can translate into millions in lost sales for big retailers, and they want to steal a piece of your pie. Expect to see some DDoS attacks targeting online stores during the holidays, followed by extortion letters asking for money to stop the attack.

One of the best defenses to cyber attacks is a bit of awareness and vigilance. Now that you know what types of threats and scams to expect this holiday season, you can look out for them, and avoid becoming a patsy. While I shared a few security tips already, let me summarize a few other steps you can take to make your holidays hacker free.

  • Patch your software – If you let the automatic software updates for Microsoft, Apple, and Adobe (and other) products patch your machine regularly, you will remain safe from most cyber criminals’ technical attacks.
  • Don’t click on unsolicited links or attachments – Enough said.
  • Look for the padlock while shopping online – Though it’s not a guarantee you’re on the right site, do not share your personal or financial info with an online retailer unless you see a green padlock in your web browser’s URL dialog (the icon’s appearance may differ slightly depending on your browser).
  • Use password best practices on shopping sites – You should use different, strong (i.e. long) passwords on every site you visit. If you are not familiar with password security, this post has some good advice.
  • Vet online merchants before clicking buy – A little online research can go a long way. Do Internet searches on a merchant before buying from them, paying close attention to customer reviews. When people get scammed they tend to share, so a little research can help you identify fake retailers.

The holidays should be about family and fun. Keep your eye out for these five top threats and follow my basic security tips and you’ll surely enjoy a happy holiday season, and hopefully nab a cool treat for you and your family during this shopping season.

Revving up Internet Security at the Tokyo Motor Show

Speed. Power. Beauty. Deep red paint. Futuristic styling.

As the media explores the 43rd Tokyo Motor Show this week, they won’t see any of those things. The WatchGuard XTM 2520 and XTM 870 boxes will be in the server cabinet doing what they do best: protecting the data of thousands of people.

WatchGuard is the official Unified Threat Management provider for one of the world’s largest auto shows. Held every other year, this marks the fourth consecutive show that WatchGuard’s UTM solutions have been a part of.

With more than 840,000 people projected to attend and more than 15,000 members of the global media corps alone, the bandwidth and content transmitted is mind blowing.

Network Usage at Tokyo Motor Show

This chart shows the spikes in download traffic throughout a typical day at the show. The XTM 2520 is one of our most powerful appliances. It’s capable of handling 35GB/second of throughput and more than 2.5 million simultaneous connections. And just to be sure we were able to help the media covering this event file reports, share pictures and tell stories — we put two of them in. What’s a little bit more horsepower? WatchGuard XTM appliances feature twin turbos, integrated performance boosters and the latest in lightweight interior wiring designed to offer amazing performance.

WatchGuard XTM at Tokyo Motor Show

The team on the ground at the show is using WatchGuard Dimension, the latest version of our integrated security platform. Showing real-time bandwidth usage, live threat maps and system performance in an easy-to-use management console, WatchGuard Dimension has been a great help at the show to give visibility into where resources need to be focused and what the greatest uses on the network are.


One reason we went with the souped-up hardware was because we know that when this many people are on what is essentially a public network, the risk of exposure and threats can quickly multiply. Phishing emails, network attacks and even dead drops of USB drives can very quickly expose every user on the network. By bundling the highest-performing hardware in the industry with a dashboard that makes the network easier to manage, we’re giving the visiting journalists a ride of a lifetime.

If you’re interested in how WatchGuard can fine-tune your network performance, you can learn more about WatchGuard Dimension now or sign up for a test drive.

Visibility is necessary to determine which information to secure

You can’t protect what you don’t know needs to be protected.

This may sound painfully obvious, but based on recent research, information security professionals don’t have nearly enough visibility into the information they are tasked with securing. We know this because we worked directly with Frost & Sullivan researchers to determine the level of insight security professionals have into their data systems.

We presented the results in a webinar with Frost & Sullivan Principal Consultant Jarad Carleton. You can view the full webinar now to get the details on just how important visibility is to defending your data.

Finding the cuts in the locked gates

Defense in depth is important, but multiple systems with multiple dashboards increase the burden on overtaxed InfoSec professionals. When information is distributed and there is no way to connect the systems or servers that house a business’s lifeline, the risk of a hack or exposure through a vulnerability can go unmitigated. Frost & Sullivan’s research shows that only 15 percent of IT spend is funneled toward detecting an intrusion or compromise.

Businesses assume that by erecting a fence around their data, they are protected. But consider the fence around your data to be like the fence around 100,000 acres of rangeland. If cows start to disappear, finding the hole they’re escaping from can be a monumental task unless you have systems in place to detect those weak points. It’s no different in information security. If a leak happens with your data, you will only find out when it’s too late and your intellectual property or customer data has been exposed.

The webinar is an important lesson in how products like WatchGuard Dimension can offer visibility into incoming threats, attack vectors and vulnerabilities to exposure, as well as how to protect your business from dangerous viruses like CryptoLocker.

Analyze all the data

WatchGuard Dimension is capable of analyzing your network’s inbound and outbound traffic in real time. It offers visibility into bandwidth usage, application control and other vital information for not only protecting your data, but also detecting potential data exposure.

The webinar recording features a live demonstration of how WatchGuard Dimension can actively identify the signatures of CryptoLocker. CryptoLocker is a form of ransomware that is quickly spreading across the Internet through phishing and social engineering attacks. It encrypts the data on a computer’s hard drive and only offers the decryption key if the computer owner pays a significant fee.

Because of WatchGuard’s best-of-breed approach, our collaboration with key antivirus providers enables our customers to not only prevent the virus from rooting onto a computer, but also gives administrators the ability to identify at-risk users and targets to prevent them from falling victim to an attack.

We invite you to watch the recorded webinar now and learn how greater network visibility will enable you to protect your users and your data better. And, if you’re ready to try out WatchGuard Dimension, let us know now.

How WatchGuard can save you more than half a million dollars

Assessing the potential value of an investment can be challenging. In the face of projections and assumptions, determining real value can require calculations that don’t always include all of the available variables.

So, when we were exploring the best way to provide the market with an economic analysis of our integrated security platform (XTM), we looked to Forrester Principal Consultant Dean Davison, who happens to be an expert on customer solution purchasing and deployment.

The engagement resulted in a comprehensive study of one of our customers, and a recent webinar, which you can view on-demand below. If you don’t have time to watch the video, skip further down for a brief breakdown of the paper and webinar.

It’s not often that a customer allows us to publicly dig into every element of a security deployment, and share ROI with the world. And, well, this time was no different… at least publicly. But fortunately, one of our customers was gracious enough to allow Forrester Consulting to dig deep into all the facts and figures associated with their XTM deployment, as long as it was anonymous. The end result: The Total Economic Impact of WatchGuard XTM for Managing Unified Threat Management.

How was it done? To determine the total cost, Dean worked with a global manufacturing company that deployed WatchGuard XTM to replace a system it had outgrown.

What Forrester found was that over three years, the company would save more than $580,000. In the words of the security manager that we interviewed:

“WatchGuard costs less than [the previous vendor], and the XTM products work like they are supposed to work. WatchGuard identifies the right threats, closes the right doors, and allows me to easily pinpoint the source of security threats.”

One of the benefits of using a true Unified Threat Management platform, such as WatchGuard, is that you are able to unify all of your threat management tools into a single-pane management console. This results in a more efficient management experience, something our customer was able to prove with his experience. Over several years of using products from the previous vendor, the security manager observed that its “integrated” products were really a collection of point products from different divisions or acquired companies. WatchGuard utilized a best-of-breed approach to UTM. We have developed a platform that enables you to utilize the best solutions in a simple, easy-to-navigate interface (that just got so much better) and manage your systems through that.

Instead of a UTM solution, the security manager describes getting a hodgepodge of point products that feigned integration but had gaps in features, functions, and capabilities, and that support teams spent more time pointing their fingers at other products or divisions than solving his core problem. This was a dramatic departure from his experience using WatchGuard’s UTM.

The security manager was spending 35 weeks per year (about 73% of his time) troubleshooting threats or intrusions or reacting to problems that — in the security manager’s opinion — should have been addressed by the previous system such as:

  • Receiving notices from broadband carriers about malware that went undetected on the customer’s network.
  • Encountering malware that forced the shutdown of production floors for an average of 20 hours per year.
  • Enduring finger-pointing and a lack of results from customer support teams at the LTV.

But there’s more to this story. We know that the value is in the platform. Simply unifying antivirus, antispam, IPS, URL filtering, app control and more into one box is where the previous vendor had fallen short. WatchGuard brings to the table a management and analysis console that integrates crystal clear data visualization and reporting tools to show threat sources, analyze bandwidth usage and determine security best practices.

Ready to learn how WatchGuard can save your company more than a half million dollars? Simply watch the total cost of ownership webinar now.

ACS Aviation uses WatchGuard to make its global connections

As the global economy continues to unify, the global demand for flights rose 7.5 percent in August compared to last year. As more travelers take to the air, the need for the airlines to be aligned on compliance issues and international standards continues to be in high demand.

This is why ACS Aviation Solutions has experienced tremendous growth. Along with that growth has come tremendous demand on its network that supports a global, remote staff of 70 field workers, analysts and consultants. ACS runs an enterprise-grade IT infrastructure and needed bulletproof security, powerful centralized management, and fail-over capability for always-on high performance.

It found that solution with WatchGuard’s XTM unified threat management (UTM) platform. ACS deployed XTM appliances across its global offices to support its staff. ACS needed a solution that was secure for employees, but also gave its customers access to highly sensitive documents and reports. Given the nature of ACS’ work, all data is highly confidential and security is paramount as it routinely communicates with global regulatory bodies. Additionally, it needed to have the failover that large enterprises expect from a unified threat management system.

In fact, the WatchGuard system was quickly put to the test after being implemented. The domain controller in ACS’ Dublin office went down due to a hardware interruption. Because the server was not available, Dublin traffic was rerouted through Melbourne, enabling all staff to log on and operate as normal with no experienced downtime.

ACS plans to begin using WatchGuard’s UTM platform to manage VPN connections for remote users, ensuring validation of connections occurs at the firewall, rather than in the server. This is like a doorman who asks visitors to wait outside while he checks their credentials, rather than first inviting the stranger in. The upshot is that traffic is validated between the firewall and the server, rather than between the server and the user. It’s an important distinction as it provides yet another layer of protection for the network.

Since implementing WatchGuard’s UTM platform, ACS has been able to experience the benefit of a secure network that hosts the company intranet, supports collaboration due to ease of document sharing, and provides reliable, robust disaster recovery capability.

WatchGuard XTM is a great fit for any business and our extensive lineup of appliances means that there is one that fits your needs. If you’re ready to learn how WatchGuard can fit into your business, learn more about WatchGuard now. You can also read the full details of the case study here.

As Online Banking Grows Worldwide, Unified Threat Management Platforms Meet the Data Security Challenge

Online banking is quickly becoming ubiquitous. This is a realization that Adarsh Credit Co-Operative Society, a leading multi-state Credit Co-Operative Society providing financial services to its members in India, is all too familiar with.

According to statistics from the Reserve Bank of India, the number of mobile banking transactions doubled to 5.6 million in January 2013 from 2.8 million in January 2012. The value of these transactions increased threefold to Rs 625 crore ($105.73 million USD) during the month from Rs 191 crore ($32.31 million USD). In the U.S., it’s not uncommon to see people using the Web to check account balances.

According to the Pew Research Center, more than half of all adults bank online. And, 32 percent of adults use their mobile devices for banking. A quick look at the Android marketplace shows that the app for a regional credit union here in Washington has more than 100,000 downloads alone. Chase Bank’s app has more than 10 million downloads.

This growing trend of supporting not only a technologically advanced customer base, but also the need for safe and secure transactions between its 500 locations and 2,250 employees across India led Adarsh to deploy a number of WatchGuard devices.

Adarsh has deployed WatchGuard XTM 8 and 5 Series appliances in its data centers, as well as XTM 2 Series appliances at all of its 500 branch locations. While banking accessibility was key, the organization also needed to restrict Internet usage at branch sites. Setting up the right IT security policies and ensuring uniform administration across these sites was a key driver in the selection process.

Additionally, Adarsh recently introduced the Core Banking application for its customers. This product, coupled with the geographic distribution across the country into rural areas, emphasized the importance of secure connectivity across its network.

The company was able to quickly deploy WatchGuard across its network and utilize the central management benefits almost immediately. Adarsh was able to utilize WatchGuard’s unique drag-and-drop VPN setup to enable instant connectivity, even when dynamic IP addresses are in use.

WatchGuard offered Adarsh uninterrupted connectivity and smooth failover from one appliance to the other in case of an emergency while centralized management capabilities of the XTMs significantly reduced the cost of having to travel to support locations.

Adarsh is seeing real cost benefit since implementing WatchGuard. Are you ready to see how we can help your company? Contact us for more information on how we can, or learn more about the XTM platform here. You can also read the Adarsh case study now.

The XCS 10 Forecast: Cloudy with 100% Chance of Content Security

Over the past decade, during the journey of server virtualization from primarily dev/test environments to mission-critical deployment on-premise and in the cloud, the applications that have led the way have been the email and web services that power most businesses. And as those business-critical uses keep growing, so too does the need to keep them secure. But protection of virtualized and cloud-based deployments is difficult if you use solely traditional security appliances. That changes now with the arrival of WatchGuard XCS 10, the latest operating system for our enterprise content security platform.

In fact, if you’re a user of the XCS hardware and XCSv virtual appliances with a LiveSecurity subscription, you can upgrade now for free.

With new Microsoft Hyper-V® support, IPv6 support, and outbound anti-spam capabilities, XCS 10 streamlines the implementation and management of content security strategies for small, medium and large enterprises.

According to Gartner, nearly two-thirds of x86 architecture workloads have been virtualized on servers. The growth of virtualization in the SMB and mid-sized enterprise has been accompanied by the growth of Hyper-V market share. With email and Web being two of the most commonly virtualized enterprise applications, having the ability to protect them within the same cloud/virtualized environment in which they are deployed gives IT organizations increased flexibility and business continuity. This streamlines management as well as enables the system to scale. And now they can take advantage of this power on Hyper-V as well as on VMware vSphere.

Unlike software-only solutions, customers do not need to install, maintain, and patch operating systems and other tools in order to deploy rich email and web security with data loss prevention.

WatchGuard XCS 10 also brings support for the IPv6 standard. One of the side effects of the rise in virtualization and the digitization of the world’s workforces is that we have effectively run out of blocks of “classic” IP addresses. In fact, in some parts of the world, IPv6 is now mandatory. WatchGuard XCS 10 not only supports IPv6, but also enables mixed legacy environments to ensure global connectedness and security.

For complete release details, you can find the press release here, or visit the product page here.

Introducing the future of security intelligence

Being able to assess incoming threats in real time, export reports that inform key decision makers and analyze network usage as it ebbs and flows is a vital tool for fighting the threats, vulnerabilities and attacks that businesses around the world face. In network security, visibility is protection.

Unfortunately, a recent survey by the SANS Institute shows that only 10 percent of respondents felt confident analyzing large data sets for security trends, even though 77 percent are collecting logs and monitoring data from various systems and security devices.

And, this lack of visibility gets worse. In a recent survey conducted by WatchGuard and Slashdot of security professionals, WatchGuard found that:

  • 51 percent of respondents reported having only limited or even zero visibility into which applications are consuming bandwidth.
  • 51 percent of respondents could not identify which geography a detected threat originates from.
  • 40 percent of those surveyed would take multiple hours or even multiple days to compile a compliance report for 48 hours of traffic.
  • 33 percent of respondents would either require more than an hour to identify the source of a problem in their network or were unable to identify sources regardless of time frame, posing a huge security risk for their networks.

To date, security professionals have had to rely on log data and perhaps some basic geomaps (or use complex and costly SIEM solutions). At times, those logs can feel like drowning in a sea of data.

But, all of this is about to change.

Today, WatchGuard announces the availability of WatchGuard Dimension – free with the new WatchGuard OS 11.8 and standard on any new XTM appliance.

Analyze ALL THE DATA

WatchGuard Dimension

A recent report from Frost & Sullivan analyst Frank Dixon recommends that “reporting tools need to aggregate information across multiple security services to enable a singular view, allowing for ease in management and greater effectiveness of network security problem diagnosis.”

WatchGuard Dimension is a big data-style network security visibility solution that’s now standard on WatchGuard’s flagship XTM Unified Threat Management platform. To learn more about the importance of increased visibility in UTM systems, you can read this white paper that outlines the factors companies need to consider.

Get instant visibility to top-line security issues. Instantly grasp activity by top user, site or app. Home in on risk sources. Now you’re armed with actionable insight, delivered in a unified view. Here are the key features of WatchGuard Dimension:

Executive Dashboard: Provides a high-level view of the various data streams being monitored. With just a click, users can drill all the way down to individual log data, as needed.

WatchGuard Dimension Executive Dashboard

Executive Reporting: With the Executive Reporting function, users can choose from more than 70 comprehensive reports, with both summary and detail options tailored for C-level executives, IT directors, compliance officers and small business owners. Summary report options include specific HIPAA and PCI compliance reports, plus the ability to pre-schedule reports for delivery to key stakeholders in a user’s organizations. These reports can be exported to sharable PDFs.

WatchGuard Dimension executive reporting

Hierarchical TreeMap: WatchGuard Dimension’s TreeMap, called FireWatch, filters traffic in a way that instantly brings your eye to the most critical information on active users and connections, as well as who and what is using the most bandwidth. The TreeMap view also provides options to pivot, drill-down and filter.

WatchGuard Dimension Tree Map shows detailed security intelligence data.

Global ThreatMap: ThreatMap features multiple, interactive configurable views on a world map, making it possible to have real time views of threats per region. That information is critical to helping users identify and fine-tune defenses against those attacks.

WatchGuard Dimension Global Threat Map

Building a product like this is not something we do lightly. We know there will be some adjustments to the new user interface. The survey data we mentioned earlier highlights the difficulty of utilizing raw data logs to quickly assess a threat or analyze data consumption to make assertive policy decisions.

WatchGuard Dimension is now available with WatchGuard’s 11.8 launch of its XTM security platform solution. But there’s more in the release too. We have added Data Loss Prevention to the platform and updated the Web user interface to make it responsive and compatible with mobile devices.

Ready to try it out? For complete Dimension information and features, please click here.