//
archives

cloud-based security

This tag is associated with 2 posts

Introducing the future of security intelligence

Being able to assess incoming threats in real time, export reports that inform key decision makers and analyze network usage as it ebbs and flows is a vital tool for fighting the threats, vulnerabilities and attacks that businesses around the world face. In network security, visibility is protection.

Unfortunately, a recent survey by the SANS Institute shows that only 10 percent of respondents felt confident analyzing large data sets for security trends, even though 77 percent are collecting logs and monitoring data from various systems and security devices.

And, this lack of visibility gets worse. In a recent survey conducted by WatchGuard and Slashdot of security professionals, WatchGuard found that:

  • 51 percent of respondents reported having only limited or even zero visibility into which applications are consuming bandwidth.
  • 51 percent of respondents could not identify which geography a detected threat originates from.
  • 40 percent of those surveyed would take multiple hours or even multiple days to compile a compliance report for 48 hours of traffic.
  • 33 percent of respondents would either require more than an hour identify the source of a problem in their network or were unable to identify sources regardless of time frame, posing a huge security risk for their networks.

To date, security professionals have had to rely on log data and perhaps some basic geomaps (or use complex and costly SIEM solutions). At times, those logs can feel like drowning in a sea of data.

But, all of this is about to change.

Today, WatchGuard announces the availability of WatchGuard Dimension – free with the new WatchGuard OS 11.8 and standard on any new XTM appliance.

Analyze ALL THE DATA

WatchGuard Dimension

A recent report from Frost & Sullivan analyst Frank Dixon recommends that “reporting tools need to aggregate information across multiple security service to enable a singular view, allowing for ease in management and greater effectiveness of network security problem diagnosis.”

WatchGuard Dimension is a big data-style network security visibility solution that’s now standard on WatchGuard’s flagship XTM Unified Threat Management platform. To learn more about the importance of increased visibility in UTM systems, you can read this white paper that outlines the factors companies need to consider.

Get instant visibility to top-line security issues. Instantly grasp activity by top user, site or app. Home in on risk sources. Now you’re armed with actionable insight, delivered in a unified view. Here are the key features of WatchGuard Dimension:

Executive Dashboard: Provides a high-level view of the various data streams being monitored. With just a click, users can drill all the way down to individual log data, as needed.

WatchGuard Dimension Executive Dashboard

Executive Reporting: With the Executive Reporting function, users can choose from more than 70 comprehensive reports, with both summary and detail options tailored for C-level executives, IT directors, compliance officers and small business owners. Summary report options include specific HIPAA and PCI compliance reports, plus the ability to pre-schedule reports for delivery to key stakeholders in a user’s organizations. These reports can be exported to sharable PDFs.

WatchGuard Dimension executive reporting

Hierarchical TreeMap:WatchGuard Dimension’s TreeMap, called FireWatch, filters traffic in a way that instantly brings your eye to the most critical information on active users and connections, as well as who and what is using the most bandwidth. The TreeMap view also provides options to pivot, drill-down and filter.

WatchGuard Dimension Tree Map shows detailed security intelligence data.

Global ThreatMap: ThreatMap features multiple, interactive configurable views on a world map, making it possible to have real time views of threats per region. That information is critical to helping users identify and fine-tune defenses against those attacks.

WatchGuard Dimension Global Threat Map

Building a product like this is not just something we do lightly. We know there will be some adjustments to the new user interface. The survey data we mentioned earlier highlights the difficulty of utilizing raw data logs to quickly assess a threat or analyze data consumption to make assertive policy decisions.

WatchGuard Dimension is now available with WatchGuard’s 11.8 launch of its XTM security platform solution. But there’s more in the release too. We have added Data Loss Prevention to the platform and updated the Web user interface to make it responsive and compatible with mobile devices.

Ready to try it out? For complete Dimension information and features, please click here.

Web Security Solutions – 7 Benefits of Reputation Enabled Defense

Reputation services complement gateway antivirus and traditional desktop web security solutions by providing improved performance and an additional layer of protection. Unlike traditional gateway anti-virus solutions, which typically update signatures on an hourly or daily basis, reputation services provide the equivalent of real-time updates of malware intelligence. The broader and improved URL reputation data they provide result in greater protection from web security threats and faster, more productive web surfing. However, not all reputation services function in the same manner, so IT security professionals should exercise caution when evaluating potential solutions.

As a cloud-assisted service, Reputation Enabled Defense provides instantaneous web security that is updated continuously. Not only does it improve proactive security, it helps organizations take advantage of greater computing and processor power from servers hosted in the cloud. IT can save valuable processor resources on local appliances. As a result, more users can be served at higher rates of throughput – for less money.

We’ve seen Reputation Enabled Defense provide a broad set of security and performance benefits arising from the ability to perform proactive security measures in the cloud. Below are the seven most salient benefits that we see for IT and network administrators. Check them out and then be sure to check your ReputationAuthority score using our online tool.

Security

  1. Organizations can protect their valuable data by increasing efficacy and catch rate of every URL-based type of malware.
  2. Administrators can gain comfort in knowing that unsafe URLs face multiple levels of automated protection prior to gaining network access.
  3. The full power and knowledge of our user community is brought to bear on the network’s security stance through cloud-based security.
  4. Administrators can strike the ideal balance of web security and performance by monitoring scan results and modifying system configurations.

Performance

  1. Administrators can deliver higher performance to the business and raise user satisfaction levels by minimizing URL scanning and gaining higher throughput at the gateway.
  2. Administrators can reduce bandwidth and processing cycles with connection-level rejections of bad web sites.
  3. The most frequented URLs are regularly updated in the ‘ReputationAuthority’ database through intuitive learning.

Malware continues to spread across the web. The ability of a single organization’s IT staff to monitor and protect against all web security threats is eaten away by growing threat volumes and by new and ever-morphing threat variations. That is why we try to constantly push the envelope to improve methods for proactive and cloud-based security, taking into account the critical balance that must be maintained between security and performance.