
WatchGuard Secures Leading Convenience Store Chain, Ensures PCI Compliance

Last week, WatchGuard announced that one of Mexico’s leading convenience store chains, Super Kiosko, is securing more than 200 stores across four Pacific states using the company’s UTM solutions.

WatchGuard enables Super Kiosko to leverage the layered defense and best-of-breed services of its UTM solutions to protect its remote retail locations, secure confidential customer and company data, meet PCI compliance standards, and centralize overall security management.

You can read the entire press release here, or check out the mini graphic case study below for more details.


Combating Advanced Malware More Effectively with WatchGuard APT Blocker

In the current information-security landscape, new breeds of malware have emerged that are more advanced and resistant to conventional defenses such as signature-based AntiVirus solutions. Attackers have also evolved over time and are better than ever at evading detection.

But today, the defense against modern malware got much stronger. WatchGuard announced the launch of its new Advanced Persistent Threat (APT) solution, APT Blocker, which provides real-time, advanced-threat visibility for Unified Threat Management (UTM) and Next-Gen Firewall appliances.

Real-time visibility, next-generation sandboxing

APT Blocker identifies and submits suspicious files to a cloud-based, next-generation sandbox powered by partner Lastline, where the actual code is virtually executed and analyzed, using one of the industry’s most sophisticated platforms for detecting APTs and zero-day malware. Why is this important? Because nearly 88 percent of today’s malware can morph to avoid detection by signature-based antivirus solutions.*

APT Blocker also integrates with WatchGuard’s visibility tool, WatchGuard Dimension, providing an instant, single-pane view of advanced threats, along with other top trends, applications and threats covered by WatchGuard security technologies.

The end result with APT Blocker: protection in minutes, not hours.


WatchGuard Dimension with APT Blocker

Today’s advanced threats 

APTs can be difficult to detect because they are unknown threats. Advanced attackers either create custom malware that has never been seen before, or use different techniques to morph existing malware so that it avoids traditional detection. And, while many companies rely on AntiVirus solutions alone to catch malware, signature-based solutions can often detect only known threats. This leaves companies without APT protection almost completely vulnerable.

APT Characteristics


Modern malware uses advanced techniques such as encrypted communication channels, kernel-level rootkits, and sophisticated evasion capabilities to get past a network’s defenses.

Persistence is another feature of modern malware. It is stealthy and carefully hides its communications, and it “lives” in a victim’s network for as long as possible, often cleaning up after itself (deleting logs, using strong encryption, and only reporting back to its controller in small, obfuscated bursts of communication).

Many attacks are now blended combinations of different techniques. Groups of highly skilled, motivated attackers represent significant threats because they have very specific targets and goals in mind.

Historically, APT targets were exclusively governments and large enterprises whose critical infrastructures were stymied by the likes of Stuxnet and Duqu. But, today, advanced threats have evolved to target much smaller organizations and corporations to similarly devastating effect.


Examples of an APT 

APT Blocker is now available and comes pre-installed with a free 30-day trial with the launch of version 11.9 of WatchGuard’s Fireware security platform, which includes other best-of-breed services such as: AntiVirus, AntiSpam, Application Control and DLP.

For more information check out our new APT infographic or download the APT whitepaper.


*Malwise—An Effective and Efficient Classification System for Packed and Polymorphic Malware, Deakin University, Victoria, June 2013

Protect Where You Connect: Bringing Enterprise-Level UTM to SOHO Users

The creation and management of a company’s most valuable asset — its intellectual property (IP) — increasingly is done from small office home office (SOHO) environments.

  • Frost & Sullivan reports¹ that 70 percent of high-value employees work from home once a week.
  • They also find that 75 percent of corporate IP is housed in email and messaging systems.
  • And, recent global WatchGuard research² shows that 82 percent of companies allow their employees to access the corporate network from a small office home office (SOHO) environment.

But, are these SOHO environments safe? Unfortunately, WatchGuard’s survey also found that nearly 30 percent do not require a gateway security device at all. For those that do, only 23 percent require users to go beyond simple firewall capabilities included in their router to leverage UTM services similar to those used in the corporate headquarters, with features such as Intrusion Prevention, AntiVirus, Data Loss Prevention, Application Control, AntiSpam, and more. (See the complete infographic here.)


Without an integrated, multi-function security appliance (layered defense) at these SOHO locations, employees working remotely are putting the corporate network and business-critical IP at risk.

The good news? Today, WatchGuard announced the WatchGuard Firebox® T10 Unified Threat Management (UTM) solution. Designed to protect enterprise users where they connect – in the small office home office – the appliance allows enterprises to extend powerful network security to the remote workforce.

The Firebox® T10 features WatchGuard’s cloud-based RapidDeploy capability, which enables unattended configuration of the appliance once it is plugged in and connected to the internet. WatchGuard UTM solutions feature best-of-breed AntiSPAM, AntiVirus, URL filtering technologies, and blended threat and DDoS attack protection, as well as full security visibility (with WatchGuard Dimension), data loss prevention and central management.

The Firebox® T10 offers the industry’s leading enterprise-level UTM solution with comprehensive services for the home office at only $395 USD (pricing may vary depending on region and regulation) – including one full year of UTM protection.

Want more details? Head over to the WatchGuard Firebox T10 page, click here.


¹ Frost and Sullivan SOHO study, GFI, Why Organizations need to archive emails

² WatchGuard Global IT Survey 2014

The Difference Between UTM and NGFW

I got a call from a potential customer the other day while driving in the car with my family. After listening to the flood of TLAs (three letter acronyms) in the conversation, my daughter asked me what all that alphabet soup meant. Many customers wonder the same thing. What is DLP (data loss prevention) and why do you need it? Is IPS (intrusion prevention system) the same as APT (advanced persistent threat) and which one should you use? And so on. One of the biggest questions we hear is “what is NGFW (next generation firewall) and how is it different from UTM (unified threat management)?” The real answer is that it isn’t as different as you might think. Let me explain.

UTM was born in SMB (small-to-midsized business). It usually refers to a single box with multiple security technologies running on it (1). SMBs love it because it’s drop-dead simple to deploy and gives them every security feature they need in a single platform. NGFW is a subset of functionality, typically only 2 or 3 of the modules running on a single box. Yet, although it is less functional, many larger corporations prefer to break up technology by location – they deliberately architect their security solutions to put the required security appliance close to the item it is protecting. E.g. the IPS belongs at the perimeter, but A/V and SPAM filtering belong next to the email server, etc.

Regardless of company size, and certainly regardless of which solution people choose, UTM or NGFW, WatchGuard is a very strong believer in unifying multiple scan engines onto a single box.  It just makes sense.  You needn’t pay for additional hardware, OS licenses, maintenance contracts, etc.  In addition, it gives you the best chance of combatting today’s multi-vectored threats.  Rather than keeping security tools in silos, with a different box / console / policy for each one, unify your security into the form factor that makes the most sense.

Perhaps the promise of lower operating costs combined with increased levels of security is what’s driving the growth in the integrated security market right now.  Leading analyst firm IDC tracks the growth of the UTM market specifically at more than 13% this year.  That’s the single highest growth rate in the network security market.  When that many customers vote with their dollars, euros, pesos, and baht, WatchGuard notices and works even harder to give you the tools you need to succeed.

1. Gateway antivirus, SPAM blocking, URL filtering, Intrusion Prevention, Data Loss Prevention, Reputation Authority, etc.

It’s Better To Be A Security Platform, Here’s Why

The security industry does a great job scaring its customers. We talk about threats becoming ever more threatening. The perimeter dissolving. The plethora of risks from inside and outside the company. Villains trying the defenses. It’s all a bit scary, as it should be.

If we’re right, which we think we are, there’s really just one way to deliver the protections needed: as a platform. The security industry is fundamentally a cat-and-mouse game. Historically, protection has gotten better and attacks have been fended off, but villains continue to get smarter, new attacks emerge and result in damages, and the cycle never ends. The air-tight protection of yesteryear becomes as leaky as a fish net. How can we deliver true protection and keep up with the cycle?

Here comes Security as a Platform (SaaP). It has three elements:

  • A software architecture to bring in new services easily.
  • A “single pane of glass” management framework, so customers are not confused when new services are introduced.
  • A hardware foundation that delivers the level of performance needed to support these services and software now, and sufficient performance headroom for the future.

This SaaP defines WatchGuard’s approach to unified threat management (UTM). We focus on building the best platform so we can introduce new, world-class security services quickly. We have a friendly and uniform management framework that allows all security services to work together and provide reporting data seamlessly. And, our platforms have sufficient head room so as we add new services you don’t need to upgrade hardware. But, if you do need a bigger box due to other growth factors, everything is compatible for easy upgrades.


On the surface, WatchGuard looks just like a standard multi-function box. Underneath, it packs uncompromising world-class security services and unparalleled performance. We can make this promise because of how we’re architected.

What should you do if you’re thinking of upgrading your gateway security? Here are some tips to consider when evaluating vendor solutions:

  1. List all the security services you need today.
  2. Find the box that has all of them, turn all of those services on, measure the performance.
  3. Check the CPU and memory utilization and make sure there is at least 30 percent of head-room left.
  4. Repeat for all candidate boxes.
  5. During the process, evaluate how easy it is to manage those services. If multiple of those devices are needed, check the ease-of-use for centralized management.
  6. Choose the best one within your budget.

For more information on our UTM platforms, click here.  To look at an independent evaluation of our performance from Miercom, click here.

Revving up Internet Security at the Tokyo Motor Show

Speed. Power. Beauty. Deep red paint. Futuristic styling.

As the media explores the 43rd Tokyo Motor Show this week, they won’t see any of those things. The WatchGuard XTM 2520 and XTM 870 boxes will be in the server cabinet doing what they do best: protecting the data of thousands of people.

WatchGuard is the official Unified Threat Management provider for one of the world’s largest auto shows. Held every other year, this marks the fourth consecutive show that WatchGuard’s UTM solutions have been a part of.

With more than 840,000 people projected to attend and more than 15,000 members of the global media corps alone, the bandwidth and content transmitted is mind blowing.

Network Usage at Tokyo Motor Show

This chart shows the spikes in download traffic throughout a typical day at the show. The XTM 2520 is one of our most powerful appliances. It’s capable of handling 35GB/second of throughput and more than 2.5 million simultaneous connections. And just to be sure we were able to help the media covering this event file reports, share pictures and tell stories — we put two of them in. What’s a little bit more horsepower? WatchGuard XTM appliances feature twin turbos, integrated performance boosters and the latest in lightweight interior wiring designed to offer amazing performance.

WatchGuard XTM at Tokyo Motor Show

The team on the ground at the show is using WatchGuard Dimension, the latest version of our integrated security platform. Showing real-time bandwidth usage, live threat maps and system performance in an easy-to-use management console, WatchGuard Dimension has been a great help at the show to give visibility into where resources need to be focused and what the greatest uses on the network are.


One reason we went with the souped-up hardware was because we know that when this many people are on what is essentially a public network, the risk of exposure and threats can quickly multiply. Phishing emails, network attacks and even dead drops of USB drives can very quickly expose every user on the network. By bundling the highest-performing hardware in the industry with a dashboard that makes the network easier to manage, we’re giving the visiting journalists a ride of a lifetime.

If you’re interested in how WatchGuard can fine-tune your network performance, you can learn more about WatchGuard Dimension now or sign up for a test drive.

Visibility is necessary to determine which information to secure

You can’t protect what you don’t know needs to be protected.

This may sound painfully obvious, but based on recent research, information security professionals don’t have nearly enough visibility into the information they are tasked with securing. We know this because we worked directly with Frost & Sullivan researchers to determine the level of insight security professionals have into their data systems.

We presented the results in a webinar with Frost & Sullivan Principal Consultant Jarad Carleton. You can view the full webinar now to get the details on just how important visibility is to defending your data.

Finding the cuts in the locked gates

Defense in depth is important, but multiple systems with multiple dashboards increase the burden on overtaxed InfoSec professionals. When information is distributed across systems and there is no way to connect the systems or servers that house a business’s lifeline, the risk of a hack or exposure through vulnerability can go unmitigated. Frost & Sullivan’s research shows that only 15 percent of IT spend is funneled toward detecting an intrusion or compromise.

Businesses assume that by erecting a fence around their data, they are protected. But consider the fence around your data to be like the fence around 100,000 acres of rangeland. If cows start to disappear, finding the hole they’re escaping from can be a monumental task unless you have systems in place to detect those weak points. It’s no different in information security. If a leak happens with your data, you will only find out when it’s too late and your intellectual property or customer data has been exposed.

The webinar shows how products like WatchGuard Dimension can offer visibility into incoming threats, attack vectors and vulnerabilities to exposure, as well as how to protect your business from dangerous viruses like CryptoLocker.

Analyze all the data

WatchGuard Dimension is capable of analyzing your network’s inbound and outbound traffic in real time. It offers visibility into bandwidth usage, application control and other vital information for not only protecting your data, but also detecting potential data exposure.

The webinar recording features a live demonstration of how WatchGuard Dimension can actively identify the signatures of CryptoLocker. CryptoLocker is a form of ransomware that is quickly spreading across the Internet through phishing and social engineering attacks. It encrypts the data on a computer’s hard drive and only offers the decryption key if the computer owner pays a significant fee.

Because of WatchGuard’s best-of-breed approach, our collaboration with key antivirus providers not only enables our customers to prevent the virus from rooting onto a computer, but also gives administrators the ability to identify at-risk users and targets to prevent them from falling victim to an attack.

We invite you to watch the recorded webinar now and learn how greater network visibility will enable you to protect your users and your data better. And, if you’re ready to try out WatchGuard Dimension, let us know now.

ACS Aviation uses WatchGuard to make its global connections

As the global economy continues to unify, the global demand for flights rose 7.5 percent in August compared to last year. As more travelers take to the air, the need for the airlines to be aligned on compliance issues and international standards continues to be in high demand.

This is why ACS Aviation Solutions has experienced tremendous growth. Along with that growth has come tremendous demand on its network that supports a global, remote staff of 70 field workers, analysts and consultants. ACS runs an enterprise-grade IT infrastructure and needed bulletproof security, powerful centralized management, and fail-over capability for always-on high performance.

It found that solution with WatchGuard’s XTM unified threat management (UTM) platform. ACS deployed XTM appliances across its global offices to support its staff. ACS needed a solution that was secure for employees, but also gave its customers access to highly sensitive documents and reports. Given the nature of ACS’ work, all data is highly confidential and security is paramount as it routinely communicates with global regulatory bodies. Additionally, it needed to have the failover that large enterprises expect from a unified threat management system.

In fact, the WatchGuard system was quickly put to the test after being implemented. The domain controller in ACS’ Dublin office went down due to a hardware interruption. Because the server was not available, Dublin traffic was rerouted through Melbourne, enabling all staff to log on and operate as normal with no experienced downtime.

ACS plans to begin using WatchGuard’s UTM platform to manage VPN connections for remote users, ensuring validation of connections occurs at the firewall, rather than in the server. This is like a doorman who asks visitors to wait outside while he checks their credentials, rather than first inviting the stranger in. The upshot is that traffic is validated between the firewall and the server, rather than between the server and the user. It’s an important distinction as it provides yet another layer of protection for the network.

Since implementing WatchGuard’s UTM platform, ACS has been able to experience the benefit of a secure network that hosts the company intranet, supports collaboration due to ease of document sharing, and provides reliable, robust disaster recovery capability.

WatchGuard XTM is a great fit for any business and our extensive lineup of appliances means that there is one that fits your needs. If you’re ready to learn how WatchGuard can fit into your business, learn more about WatchGuard now. You can also read the full details of the case study here.

UTM Appliances and Securing 500 Banking Branches – What you Need to Consider

Achieving secure connectivity with failover, content-based Web filtering and centralized management of more than 500 locations is never an easy task for an IT team, but when it’s a financial institution with over 2,250 employees based globally it gets even more complex. This is what Adarsh Credit Co-Operative Society, a leading multi-state financial institution in India, was tasked with and they turned to our team here at WatchGuard for help.

Adarsh deployed our XTM 8 and 5 Series UTM appliances in its data centers, as well as XTM 2 Series UTM appliances at all of its branch locations. While banking accessibility was vital, the organization also needed to restrict Internet usage at branch sites. Setting up the right IT security policies and ensuring uniform administration across these sites was a key driver in the selection process, as it should be!

Adarsh’s AVP of IT, Ramlal Arya, summed up his challenge and spoke of his experience…

We implemented the Core Banking application and needed to connect all the branches with the central location so it could be accessed seamlessly. When employees and members access the Core application, speed is important, but the bigger challenge is ensuring all transactions are secure.  Deploying WatchGuard helped achieve both goals. WatchGuard’s XTM also helps us achieve higher throughput, which results in faster application access across the board. Installation of the appliances in high-availability mode ensured uninterrupted connectivity and smooth failover from one appliance to the other. It proved fast and straightforward with the centralized policy management capabilities and has reduced our need for site-to-site travel. And, working with WatchGuard’s Expert Partner, TM Systems Pvt., made the entire process fluid. 

WatchGuard has given us a secure platform that allows us to connect all locations seamlessly and gives members and employees secure connectivity quickly to the applications they need. On the IT side, it gives us more control and the ability to easily manage these appliances and policies from a centralized location.

UTM security can play a role in solving many complex challenges, from banking to PCI DSS compliance to distributed retail environments. Whenever evaluating a UTM appliance you need to consider five core traits:

    1. Quality of the features and capabilities – Here at WatchGuard, we use a best-in-class approach to delivering the smartest UTM appliances available; integrating the leading technology provider for each security layer – Websense for URL filtering, Commtouch for anti-spam, and so on.
    2. Security performance or UTM performance – Our UTM performance is up to 3 times faster than UTM performance from most of the other vendors.
    3. Manageability and ease of use – Something to also consider when evaluating the manageability of your UTM is whether there are premium charges for certain functionality that should be provided as standard options. Look for simple, easy-to-use management in your UTM appliance.
    4. Flexibility – UTM customers should be able to boost security services, subscriptions, and capabilities on the fly, without ever having to swap out hardware—further extending the life of the appliance. UTM appliances should also have a high degree of network systems interoperability. This way, regardless of the network topology mix (Cisco, Juniper or other), your UTM appliances will provide maximum interoperability.
    5. Reporting and visibility – Network visibility and security go hand-in-hand—and when it comes to achieving regulatory compliance (PCI DSS, HIPAA, CIPA, etc.), auditability is required. So, why would a security vendor not include visibility and reporting tools? Yet, many vendors charge extra for these capabilities, often requiring purchase of a separate product just for reporting.

These five traits were paramount to Adarsh and their requirements for the ultimate in network security management. Be sure they’re on your consideration check-list when you’re looking to secure your network!

As Online Banking Grows Worldwide, Unified Threat Management Platforms Meet the Data Security Challenge

Online banking is quickly becoming ubiquitous. This is a realization that Adarsh Credit Co-Operative Society, a leading multi-state Credit Co-Operative Society providing financial services to its members in India, is all too familiar with.

According to statistics from the Reserve Bank of India, the number of mobile banking transactions doubled to 5.6 million in January 2013 from 2.8 million in January 2012. The value of these transactions increased three times to Rs 625 crore ($105.73 million USD) during the month from Rs 191 crore ($32.31 million USD). In the U.S., it’s not uncommon to see people using the Web to check account balances.

According to the Pew Research Center, more than half of all adults bank online. And, 32 percent of adults use their mobile devices for banking. A quick look at the Android marketplace shows that the app for a regional credit union here in Washington has more than 100,000 downloads alone. Chase Bank’s app has more than 10 million downloads.

This growing trend of supporting not only a technologically advanced customer base, but also the need for safe and secure transactions between its 500 locations and 2,250 employees across India led Adarsh to deploy a number of WatchGuard devices.

Adarsh has deployed WatchGuard XTM 8 and 5 Series appliances in its data centers, as well as XTM 2 Series appliances at all of its 500 branch locations. While banking accessibility was key, the organization also needed to restrict Internet usage at branch sites. Setting up the right IT security policies and ensuring uniform administration across these sites was a key driver in the selection process.

Additionally, Adarsh recently introduced the Core Banking application for its customers. This product, coupled with the geographic distribution across the country into rural areas, emphasized the importance for secure connectivity across its network.

The company was able to quickly deploy WatchGuard across its network and utilize the central management benefits almost immediately. Adarsh was able to utilize WatchGuard’s unique drag and drop VPN set up to enable instant connectivity, even when dynamic IP addresses are in use.

WatchGuard offered Adarsh uninterrupted connectivity and smooth failover from one appliance to the other in case of an emergency while centralized management capabilities of the XTMs significantly reduced the cost of having to travel to support locations.

Adarsh is seeing real cost benefit since implementing WatchGuard. Are you ready to see how we can help your company? Contact us for more information on how we can or learn more about the XTM platform here. You can also read the Adarsh case study now.