//
archives

security appliance

This tag is associated with 3 posts

ACS Aviation uses WatchGuard to make its global connections

As the global economy continues to unify, the global demand for flights rose 7.5 percent in August compared to last year. As more travelers take to the air, the need for the airlines to be aligned on compliance issues and international standards continues to be in high demand.

This is why ACS Aviation Solutions has experienced tremendous growth. Along with that growth has come tremendous demand on its network that supports a global, remote staff of 70 field workers, analysts and consultants. ACS runs an enterprise-grade IT infrastructure and needed bulletproof security, powerful centralized management, and fail-over capability for always-on high performance.

It found that solution with WatchGuard’s XTM unified threat management (UTM) platform. ACS deployed XTM appliances across its global offices to support its staff. ACS needed a solution that was secure for employees, but also provided access to its customers to highly sensitive documents and reports. Given the nature of ACS’ work, all data is highly confidential and security is paramount as it routinely communicates with global regulatory bodies. Additionally, it needed to have the failover that large enterprises expect from a unified threat management system.

In fact, the WatchGuard system was quickly put to the test after being implemented. The domain controller in ACS’ Dublin office went down due to a hardware interruption. Because the server was not available, Dublin traffic was rerouted through Melbourne, enabling all staff to log on and operate as normal with no experienced downtime.

ACS plans to begin using WatchGuard’s UTM platform to manage VPN connections for remote users, ensuring validation of connections occurs at the firewall, rather than in the server. This is like a doorman who asks visitors to wait outside while he checks their credentials, rather than first inviting the stranger in. The upshot is that traffic is validated between the firewall and the server, rather than between the server and the user. It’s an important distinction as it provides yet another layer of protection for the network.

Since implementing WatchGuard’s UTM platform, ACS has been able to experience the benefit of a secure network that hosts the company intranet, supports collaboration due to ease of document sharing, and provides reliable, robust disaster recovery capability.

WatchGuard XTM is a great fit for any business and our extensive lineup of appliances means that there is one that fits your needs. If you’re ready to learn how WatchGuard can fit into your business, learn more about WatchGuard now. You can also read the full details of the case study here.

Australian Catholic Regional College Gives Students, Staff and Parents Safe and Secure Network Access

“Information security” is not just for businesses looking to safeguard their intellectual property, financial data or customer data. It is also a vital component of ensuring that students around the world maintain a positive learning environment. As we detailed in our last post, the ability to support numerous devices per student, enable access to public websites, and still maintain a commitment to student and teacher privacy is a battle school districts face globally.

As Catholic Regional College in Melton, Australia has found out, WatchGuard’s Unified Threat Management (UTM) platform enables it to offer its students secure browsing, but also delivers the performance to handle the bandwidth demands that are key in today’s learning environments.

The school, which serves more than 950 students, has committed itself to delivering a 1:1 student to computing device ratio for its students. Three years ago, the College network was much smaller and all activity was governed by Catholic Education Office rules. Making changes to policies or access control was difficult. But, recent growth in the College’s enrollment made a higher throughput option necessary to meet student and staff needs.

To meet these challenges, the school deployed two WatchGuard XTM solutions.

The flexibility and management WatchGuard delivers has enabled the school to support the introduction of new services for the school community. For example, parents were provided access to the school network, enabling them to view student grades and potentially sensitive welfare information. As any breaches of privacy could have legal ramifications, keeping this information secure is critical.

Now, everything running in and out of the network runs through the WatchGuard appliances, from data to the phone and security systems. With the System Manager and central console the school can see what’s going on in real time and take action.

Initially deployed just for its firewall capabilities, the team quickly deployed a second WatchGuard XTM 1050 at a central location to leverage the complete feature set available in the Unified Threat Management (UTM) platform, which includes IPS, AntiVirus, URL Filtering, AntiSpam, Application Control and more. The WatchGuard appliance also supports the school’s expanding range of IP addresses, increased throughput demands, and the need for Network Address Translation (NAT).

The folks at Catholic Regional College in Melton were kind enough to sit for a video interview, which you can view here. And as always, you can contact us with questions or drop a comment below.

8 Messaging Attributes to Trigger Email Encryption

Email encryption policies can be extremely granular and, once defined, applied automatically at the gateway. This ensures email encryption and email privacy is handled consistently, and eliminates the risk of user error by removing the need for senders to make decisions as to whether or not to secure an email and its content.

When encryption is enabled, you can use policy and content filtering features in your email security solution (in our case the XCS family of email security appliances) to scan for specific patterns in email messages that indicate the message must be encrypted, including:

  • Pattern Filters
  • Objectionable Content Filters
  • Content Scanning
  • Content Rules
  • Document Fingerprinting

For example, you can create a Pattern Filter to search for the word “[Encrypt]” in the subject field of a message. An end user can add this phrase to their message subject header to indicate the message must be encrypted before it is delivered.

Policies can be set to encrypt messages based on header, subject line, sender, recipient, content, attachments, and many other attributes of an email message, including:

  1. Header or Subject Line: Emails can be set to be encrypted based on keywords within the header or subject line.
  2. Sender or Recipient: Email encryption based on destination (e.g. auditors, Board of Directors, a specific business partner or supplier) or sender. For example, a policy can be set that defines that any emails from John Smith, the CFO of an organization, to the company’s auditor, Jane Doe at auditfirm.com are sent encrypted.
  3. User, Group, or Domain: Email encryption based on user, group, or domain, providing secure, enhanced flexibility of data-in-motion privacy without hindering the flow of data. For example, all emails sent out of the organization by the HR department can be set to be encrypted.
  4. Email Body: Searches for text in an outgoing message that identifies it as a message to be encrypted.
  5. Private Data and Objectionable Content: Searches from a pre-defined dictionary of words that is checked against a message to determine if the message should be encrypted. For example, you may require that any outgoing messages that contain certain confidential information, for example, credit card information or medical records, must be encrypted.
  6. Keywords and Regular Expressions: Keywords and regular expressions found in the subject line or content of messages as defined within the appliance content control policies.
  7. Attachment Type: Email encryption based on other message attributes such as attachment type. For example, you can set encryption to be triggered on all .xls or .csv documents.
  8. Attachment Content: Our XCS email security appliance has the ability to scan content of over 150 file types for keywords, phrases, or patterns which, upon detection of policy-based content can then trigger the email for encryption without user intervention.

Based on the growing volumes of confidential and sensitive information traversing networks on a daily basis, regulatory bodies and business executives have turned their concerns to ensuring messaging is protected from unauthorized viewing. Regulations such as Sarbanes-Oxley (SOX), PCI, HIPAA, GLBA and others have been introduced to mandate that email messages containing sensitive or confidential data are handled securely.

Email encryption has emerged as a vital aspect of an overall email security solution to secure confidential data and yet continue to allow the free flow of communications between colleagues, customers, and partners.