unified threat management


It’s Better To Be A Security Platform, Here’s Why

The security industry does a great job scaring its customers. We talk about threats becoming ever more threatening. The perimeter dissolving. The plethora of risks from inside and outside the company. Villains trying the defenses. It’s all a bit scary, as it should be.

If we’re right, which we think we are, there’s really just one way to deliver the protections needed: as a platform. The security industry is fundamentally a cat-and-mouse game. Historically, protection has gotten better and attacks have been fended off, but villains continue to get smarter, new attacks emerge and cause damage, and the cycle never ends. The air-tight protection of yesteryear becomes as leaky as a fish net. How can we deliver true protection and keep up with the cycle?

Here comes Security as a Platform (SaaP). It has three elements:

  • A software architecture to bring in new services easily.
  • A “single pane of glass” management framework, so customers are not confused when new services are introduced.
  • A hardware foundation that delivers the level of performance needed to support these services and software now, and sufficient performance headroom for the future.

This SaaP defines WatchGuard’s approach to unified threat management (UTM). We focus on building the best platform so we can introduce new, world-class security services quickly. We have a friendly and uniform management framework that allows all security services to work together and provide reporting data seamlessly. And our platforms have sufficient headroom so that, as we add new services, you don’t need to upgrade hardware. But if you do need a bigger box due to other growth factors, everything is compatible for easy upgrades.


On the surface, WatchGuard looks just like a standard multi-function box. Underneath, it packs uncompromising world-class security services and unparalleled performance. We can make this promise because of how we’re architected.

What should you do if you’re thinking of upgrading your gateway security? Here are some tips to consider when evaluating vendor solutions:

  1. List all the security services you need today.
  2. Find the box that has all of them, turn all of those services on, measure the performance.
  3. Check the CPU and memory utilization and make sure there is at least 30 percent of headroom left.
  4. Repeat for all candidate boxes.
  5. During the process, evaluate how easy it is to manage those services. If several of those devices are needed, check the ease of use of centralized management.
  6. Choose the best one within your budget.

For more information on our UTM platforms, click here.  To look at an independent evaluation of our performance from Miercom, click here.

IDC & WatchGuard Reveal Top 3 Security Challenges Facing Midsize Organizations: How Can UTM Help?

As 2013 comes to an end, Unified Threat Management (UTM) has grown up. What used to be an SMB security solution has now matured into a powerful platform for the midsize enterprise. The holy grail of defense-in-depth no longer requires costly point solutions, disparate management consoles, and hundreds of engineering hours to sift through log data. No, times have changed. Today, UTM is helping midsize enterprises overcome the complexity, performance and management challenges associated with protecting the corporate network.

But, don’t take our word for it, the proof is in the data. According to IDC, from 2007 to 2017 UTM is predicted to grow 95 percent, and UTM revenue from mid-market and enterprise has grown 53 percent since 2008. Even more interesting, if you look below at the IDC graph from its most recent Network Security Forecast, it shows that UTM is the largest growing sub-function of the forecast (with the others having small or flat growth).


Below we’ll outline some of the challenges facing midsize enterprises, but you can also watch our recent IDC webinar with John Grady (research manager for security products and services) on this topic, or download our new IDC infographic, sponsored by WatchGuard Technologies, on UTM in the mid-market entitled “Protecting Your Midsize Enterprise with UTM.”

There are three key issues midsize organizations face today when it comes to network security:


1. Complexity – As the security perimeter has evolved, attack mechanisms have become increasingly sophisticated, and as solutions to solve these problems have multiplied, security professionals are overwhelmed with the complexities of securing the network. Mobile devices, virtualization, and cloud applications – all of these create architectural concerns for midsize enterprises. And, since these organizations traditionally have less staff and budget, the realities of integrating complex point security solutions to address these problems become more unrealistic.


2. Performance – The Internet continues to grow (IDC and EMC estimate in the IDC Digital Universe Study, sponsored by EMC in December 2012, an increase from 2.8 to 40 zettabytes from 2010-2020), as do shipments of mobile devices (19.8 percent by 2017). Organizations are using more applications, have unlimited sharing conduits, are using rich media, and are connected all the time – online activity has exploded. Roll in cloud applications and all of a sudden you have tremendous traffic coming in and out of your network. The gateway appliance can’t be the bottleneck. It must deliver higher throughput, better connection rates, be scalable, and offer layered security at the point of entry or exit (defense in depth).


3. Management – IT is supposed to do more with less. That’s the mandate. Innovate, while reducing operating costs. It’s a constant challenge. It’s why solutions need to do more for less. But when it comes to network security, threats, regulations and complexity continue to increase while IT security budgets lag – there’s a gap between organizations’ self-defense and the threats they face. To combat this issue, midsize organizations need security solutions that offer a single pane of glass for management, and solutions that simplify policy creation and integrate across multiple applications.

These three challenges are driving UTM adoption in the mid-market. By combining AV, IPS, firewall, application control, DLP and other security features, UTM can consolidate the visibility of threats, save the organization money, and increase management and reporting efficiency. And, as threats continue to evolve, UTM will evolve with them, adding new security services and giving organizations the ability to easily visualize their security data (instead of simply reviewing log reports).


For more information on this topic, please view the webinar, download the infographic, or visit our UTM product page.

Revving up Internet Security at the Tokyo Motor Show

Speed. Power. Beauty. Deep red paint. Futuristic styling.

As the media explores the 43rd Tokyo Motor Show this week, they won’t see any of those things. The WatchGuard XTM 2520 and XTM 870 boxes will be in the server cabinet doing what they do best: protecting the data of thousands of people.

WatchGuard is the official Unified Threat Management provider for one of the world’s largest auto shows. Held every other year, this marks the fourth consecutive show that WatchGuard’s UTM solutions have been a part of.

With more than 840,000 people projected to attend and more than 15,000 members of the global media corps alone, the bandwidth used and content transmitted are mind-blowing.

Network Usage at Tokyo Motor Show

This chart shows the spikes in download traffic throughout a typical day at the show. The XTM 2520 is one of our most powerful appliances. It’s capable of handling 35GB/second of throughput and more than 2.5 million simultaneous connections. And just to be sure we were able to help the media covering this event file reports, share pictures and tell stories — we put two of them in. What’s a little bit more horsepower? WatchGuard XTM appliances feature twin turbos, integrated performance boosters and the latest in lightweight interior wiring designed to offer amazing performance.

WatchGuard XTM at Tokyo Motor Show

The team on the ground at the show is using WatchGuard Dimension, the latest version of our integrated security platform. Showing real-time bandwidth usage, live threat maps and system performance in an easy-to-use management console, WatchGuard Dimension has been a great help at the show to give visibility into where resources need to be focused and what the greatest uses on the network are.


One reason we went with the souped-up hardware is that when this many people are on what is essentially a public network, the risk of exposure and threats can quickly multiply. Phishing emails, network attacks and even dead drops of USB drives can very quickly expose every user on the network. By bundling the highest-performing hardware in the industry with a dashboard that makes the network easier to manage, we’re giving the visiting journalists the ride of a lifetime.

If you’re interested in how WatchGuard can fine-tune your network performance, you can learn more about WatchGuard Dimension now or sign up for a test drive.

How WatchGuard can save you more than half a million dollars

Assessing the potential value of an investment can be challenging. In the face of projections and assumptions, determining real value can require calculations that don’t always include all of the available variables.

So, when we were exploring the best way to provide the market with an economic analysis of our integrated security platform (XTM), we looked to Forrester Principal Consultant Dean Davison, who happens to be an expert on customer solution purchasing and deployment.

The engagement resulted in a comprehensive study of one of our customers, and a recent webinar, which you can view on-demand below. If you don’t have time to watch the video, skip further down for a brief breakdown of the paper and webinar.

It’s not often that a customer allows us to publicly dig into every element of a security deployment, and share ROI with the world. And, well, this time was no different… at least publicly. But fortunately, one of our customers was gracious enough to allow Forrester Consulting to dig deep into all the facts and figures associated with their XTM deployment, as long as it was anonymous. The end result: The Total Economic Impact of WatchGuard XTM for Managing Unified Threat Management.

How was it done? To determine the total cost, Dean worked with a global manufacturing company that deployed WatchGuard XTM to replace a system it had outgrown.

What Forrester found was that over three years, the company would save more than $580,000. In the words of the security manager that we interviewed:

“WatchGuard costs less than [the previous vendor], and the XTM products work like they are supposed to work. WatchGuard identifies the right threats, closes the right doors, and allows me to easily pinpoint the source of security threats.”

One of the benefits of using a true Unified Threat Management platform, such as WatchGuard, is that you are able to unify all of your threat management tools into a single-pane management console. This results in a more efficient management experience, something our customer was able to prove with his experience. Over several years of using products from the previous vendor, the security manager observed that its “integrated” products were really a collection of point products from different divisions or acquired companies. WatchGuard utilized a best-of-breed approach to UTM. We have developed a platform that enables you to utilize the best solutions in a simple, easy-to-navigate interface (that just got so much better) and manage your systems through that.

Instead of a UTM solution, the security manager describes getting a hodgepodge of point products that feigned integration but had gaps in features, functions, and capabilities, and says that support teams spent more time pointing their fingers at other products or divisions than solving his core problem. This was a dramatic departure from his experience using WatchGuard’s UTM.

The security manager was spending 35 weeks per year (about 73% of his time) troubleshooting threats or intrusions or reacting to problems that — in the security manager’s opinion — should have been addressed by the previous system, such as:

  • Receiving notices from broadband carriers about malware that went undetected on the customer’s network.
  • Encountering malware that forced the shutdown of production floors for an average of 20 hours per year.
  • Enduring finger-pointing and a lack of results from customer support teams at the LTV.

But there’s more to this story. We know that the value is in the platform. Simply unifying antivirus, antispam, IPS, URL filtering, app control and more into one box is where the previous vendor had fallen short. WatchGuard brings to the table a management and analysis console that integrates crystal clear data visualization and reporting tools to show threat sources, analyze bandwidth usage and determine security best practices.

Ready to learn how WatchGuard can save your company more than a half million dollars? Simply watch the total cost of ownership webinar now.

ACS Aviation uses WatchGuard to make its global connections

As the global economy continues to unify, the global demand for flights rose 7.5 percent in August compared to last year. As more travelers take to the air, the need for the airlines to be aligned on compliance issues and international standards continues to be in high demand.

This is why ACS Aviation Solutions has experienced tremendous growth. Along with that growth has come tremendous demand on its network that supports a global, remote staff of 70 field workers, analysts and consultants. ACS runs an enterprise-grade IT infrastructure and needed bulletproof security, powerful centralized management, and fail-over capability for always-on high performance.

It found that solution with WatchGuard’s XTM unified threat management (UTM) platform. ACS deployed XTM appliances across its global offices to support its staff. ACS needed a solution that was secure for employees but also gave its customers access to highly sensitive documents and reports. Given the nature of ACS’ work, all data is highly confidential and security is paramount as it routinely communicates with global regulatory bodies. Additionally, it needed to have the failover that large enterprises expect from a unified threat management system.

In fact, the WatchGuard system was quickly put to the test after being implemented. The domain controller in ACS’ Dublin office went down due to a hardware interruption. Because the server was not available, Dublin traffic was rerouted through Melbourne, enabling all staff to log on and operate as normal with no experienced downtime.

ACS plans to begin using WatchGuard’s UTM platform to manage VPN connections for remote users, ensuring validation of connections occurs at the firewall, rather than in the server. This is like a doorman who asks visitors to wait outside while he checks their credentials, rather than first inviting the stranger in. The upshot is that traffic is validated between the firewall and the server, rather than between the server and the user. It’s an important distinction as it provides yet another layer of protection for the network.

Since implementing WatchGuard’s UTM platform, ACS has been able to experience the benefit of a secure network that hosts the company intranet, supports collaboration due to ease of document sharing, and provides reliable, robust disaster recovery capability.

WatchGuard XTM is a great fit for any business and our extensive lineup of appliances means that there is one that fits your needs. If you’re ready to learn how WatchGuard can fit into your business, learn more about WatchGuard now. You can also read the full details of the case study here.

Following a Devastating Tornado, Walker Schools Rebuilds Network to Offer Secure Access to Key Educational Resources

When a tornado tore through Walker School District’s data center in 2011, the devastation took 95% of the district’s technology infrastructure. Turning tragedy into opportunity, the administrators worked to rebuild and support the district’s commitment to creating amazing educational opportunities for their students. This meant technology that could support key educational resources, and provide access to online and internal applications, while keeping students and staff secure.

In regard to key applications, the school has partnered with NASA to bring online a lunar observatory at its Science and Technology Center, where students can use and learn from NASA technology. In addition, to teach students about sustainable food growth, Walker Schools has created a groundbreaking K-12 aquaponics program, the first curriculum of its kind in a U.S. school system.

In order to meet the technical demands of the district’s 11,000 users, Walker Schools deployed WatchGuard XTM 2520, WatchGuard XTM 1050 and WatchGuard XTM 525 integrated security platforms to power its network.

The Walker School District needed a high-performing Unified Threat Management solution and found it in WatchGuard.


The key element for the Walker administrators was being able to implement a system within a tight budget, yet still deliver speed, easy administration, and cutting-edge security, which they found in WatchGuard.

This commitment to providing a solid technology backbone for the various programs the district offers has resulted in the district achieving higher test scores since implementing WatchGuard’s solutions. In fact, the improved student performance has been so attractive that Walker Schools has seen an increased number of student registrations from outside the district. Students who previously attended private schools have now switched to Walker Schools after seeing the innovative learning environment that has been created with the help of WatchGuard.

Investing in WatchGuard’s unified security solution ensures Walker Schools will receive tremendous long-term value through high-quality hardware. Walker Schools has seen a vast increase in speed and bandwidth capability as well as a reduction in malware and virus outbreaks. The new solution has been able to handle heavy network traffic seamlessly, improving response time within the student information system. Choosing WatchGuard is predicted to benefit the district with continued use for the next five to ten years.

The district has assured its students a solid platform to build their futures and WatchGuard is pleased to be a part of that growth and development.

You can read the official Walker School District Case Study here. And as always, you can contact us with questions or drop a comment below.

Unified Cloud by Microsoft. Unified Threat Management by WatchGuard.

This post is by Roger Klorese, director of product management at WatchGuard.


No, I didn’t flunk second-grade math. I’m talking about the phenomenon that when you put good things together, you can get great things – a sum that is more than its parts.

The WatchGuard XTM solution for Unified Threat Management is a great example of this: when you take multiple best-of-breed security solutions and unify them behind a single policy engine and management console, you get a defense-in-depth approach to protection that’s even better.

The same phenomenon holds with cloud computing platforms: using Microsoft Hyper-V (in Windows Server 2008 R2 and Windows Server 2012) enables IT organizations to deploy powerful, flexible private clouds. And Windows Azure services are the key for more businesses to leverage public cloud infrastructure. By unifying them – building a hybrid cloud – businesses can combine on-premise control with dynamic capacity and agility.

Today we get to announce a true first (the lawyers even checked): the first Unified Threat Management solution for the Windows Azure Cloud Platform.

All WatchGuard XTM security appliances (both hardware devices and XTMv virtual devices) now offer full support for secure VPN access to the Windows Azure Virtual Network service. Businesses can create secure VPN tunnels linking on-premise networks and cloud environments.

Windows Azure is one of the top cloud infrastructures out there. Earlier in 2013, Microsoft announced that half of the Fortune 500 had deployed Windows Azure services into their organizations. The inclusion of WatchGuard’s virtual UTM offerings can enable businesses of any size to utilize this public cloud infrastructure with the security and peace of mind of a global leader in information security platforms.

WatchGuard is unique in delivering powerful threat prevention for network, email, web and content across any combination of cloud, network and virtualized environment.

What will combining the 1+1=3 value propositions of the Microsoft hybrid cloud and WatchGuard XTM security do for you? Do the math.

Interested in building a hybrid cloud? Contact us or head over to the Windows Azure page to learn more. Or if you’re already an Azure user, here’s how to connect remotely.

The benefits of WatchGuard XTM for distributed enterprises

When South Korean retailer Ministop needed to build a network with centralized connectivity and manageability for seamless communication between its 2,000 retail locations and corporate headquarters, there was only one clear option: WatchGuard.

Ministop, which operates a franchise of convenience stores across South Korea, wanted to ensure that any system it put out was a partnership between the stores and headquarters. Ministop chose WatchGuard’s Extensible Threat Management platform for its Unified Threat Management needs based on several critical factors: price, functionality and performance.

Ministop deployed WatchGuard XTM solutions at its operation headquarters, logistics center, and stores, creating a safe, integrated network environment, while improving work and management efficiency.


WatchGuard streamlines operations

After implementing the WatchGuard solution, Ministop now has a centralized security policy management system. When new policies are created, Ministop can immediately apply them across the entire network.

This means that potentially harmful external security threats, including ActiveX, malicious JavaScript code and video file downloads, can be centrally blocked. Additional steps to mitigate the risk of internal data leakage, which prevents the damage from data loss, have been implemented as well. As a result of increased business efficiencies, Ministop Korea managed to reduce the costs associated with network failures by 30%.

The previous procedure required the monitoring center to be notified of any abnormalities before any action could be taken. Now, WatchGuard’s XTM utilizes real-time monitoring of any changes in internal traffic, which allows for immediate confirmation and response without delay.

Ministop has also seen an improvement in overall network performance, which is in line with recent performance testing of WatchGuard’s UTM solutions.

The full case study that details which WatchGuard XTM solutions Ministop implemented as well as the business results it is seeing can be found here.

WatchGuard unified threat management solutions meet the “need for speed” for small and medium size enterprises

With the potential to reduce network security cost by nearly 50 percent, it’s no wonder unified threat management (UTM) has climbed up the Gartner hype cycle at a feverish pace. But many companies have held out for fear that a UTM solution’s standard features would slow network performance to a crawl in order to protect the volume of data they produce.

The reality is that small and mid-sized enterprises don’t need to sacrifice performance to protect their networks. In fact, Miercom, a leading independent testing lab, took a deep dive into several industry leaders in UTM and found that WatchGuard’s UTM solution outperformed all other competitors, offering nearly 3.5 times the speed and performance while all UTM features were enabled, allowing customers to benefit from the highest level of security with a high level of performance (figure 1).

Miercom Results of WatchGuard testing.

Figure 1 – Miercom’s test results show that WatchGuard provides the highest level of security with the best performance when compared to other leading UTM solutions.

Miercom evaluated the performance of similarly priced UTM solutions from WatchGuard, Fortinet, SonicWall and Sophos. The performance of each was evaluated when all standard UTM features were flipped on, including not only basic firewall packet filtering, but also deep packet inspection and/or proxies, intrusion prevention and anti-virus – which is critical in catching modern malware’s multi-vectored threats.

WatchGuard XTM Solutions.

Blended Threats Require Blended Solutions: Miercom Recognizes WatchGuard XTM Platform for Superior Performance

These multi-vectored or blended threats require a solution that provides multiple layers of security, offering more opportunities to catch suspicious activity, but also delivering superior performance. And for small and mid-sized enterprises, a balance of performance and the ability to quickly scale is vital. With WatchGuard, our customers can benefit from the security cost savings of UTM, and know that the performance they need is there to support their performance service level agreements.

To read more about the results, you can view the full Miercom report here and let us know if you are interested in a WatchGuard demo.

Five Traits Your UTM System Needs to Deliver Real Network Protection

Coined by IDC analyst Charles Kolodgy in 2003, the term UTM, or Unified Threat Management, applies to multi-function firewalls that combine many security technologies into one easy-to-manage appliance. Today’s UTM appliances typically consolidate firewall and VPN capabilities along with URL filtering, spam blocking, intrusion prevention, gateway antivirus, application control, and a centralized management, monitoring and logging function. Traditionally, these discrete functions were handled by multiple point solutions. The multi-layered security approach of UTM appliances provides broad protection against all kinds of network threats.

So now you’re in the market for a smart UTM system that can deliver broad protection, but what should you look for? UTM appliances can vary significantly from vendor to vendor, which can make an accurate evaluation somewhat cloudy. While UTM security vendors may seem to offer a similar checklist of core technologies and features (firewalling, IPS, etc.), when evaluating vendors, recognize that there is enormous disparity between UTM solutions in the following five critical areas:

1. Quality of the features/capabilities. The most prevalent approach among UTM vendors is to rely primarily on homegrown technologies for their gateway AV, URL filtering, application control (if they have any), anti-spam, and other security services. However, we believe that no single company will ever be able to adequately research and develop the best technology for each discrete security problem. A shortcoming of the homegrown approach to multi-layered security is that these UTM vendors end up producing a watered-down security solution at each layer. We believe this practice contributes to the reluctance of some organizations to even choose a UTM solution for their security. It’s also why we here at WatchGuard use a best-in-class approach to delivering the smartest UTM appliances available, integrating the leading technology provider for each security layer – Websense for URL filtering, Mailshell for anti-spam, and so on.

You’ll also want to be sure that you account for security needs if you’re working in a virtualized environment. As Neil MacDonald of Gartner said, “…Unless you put virtualized security controls—virtual sniffers, virtual firewalls, all the same controls you’d use on a physical server, inside that network, you don’t see what’s going on.”

2. Security performance or UTM performance. A high-performance packet throughput device, even one with custom ASIC processors, can fall over when a full suite of unified threat management tools is enabled. Many security vendors who freely tout their raw throughput numbers are not so quick to publicize their UTM throughput numbers: the performance of the firewall once all the UTM security services are turned on. Once you activate the UTM security functions, such as those necessary for PCI DSS compliance (AV, IPS, etc.), the performance evaporates in many competitor firewalls. By the way, our UTM performance is up to 3 times faster than UTM performance from most of the other vendors.

3. Manageability and ease of use. We see it all too often with competitor solutions: poorly integrated management processes needlessly introduce complexity to administration. Improperly configured gear undermines security. Why not just make a security solution that’s as easy as possible for administrators of all skill sets to manage, one that provides state-of-the-art centralized management capabilities and innovative ease-of-use technologies? These are features that help administrators:

      • dramatically cut down on errors
      • quickly home in on problem areas
      • save hours of time
      • rapidly enact policy changes and firmware updates across hundreds of XTM appliances

Something to also consider when evaluating the manageability of your UTM is whether there are premium charges for certain functionality that should be provided as standard options. Look for simple, easy-to-use management in your UTM appliance.

4. Flexibility. Security vendors differ conspicuously in the flexibility of the solution they market to customers. For instance, some UTM products can only add security services by physically bolting on software cartridges, or blades. Such an architecture only provides a limited number of slots in which to add security services, forcing you to trade off one security function for another when enabling UTM capabilities. We believe lack of flexibility is a serious shortcoming of many of the competitor firewall solutions on the market. Many UTM/NGFW vendors have taken the short-sighted route of designing security appliances to tackle only the threats of the current day.

Flexibility should also extend to ownership. Through firmware updates and software upgrades, UTM customers should be able to boost security services, subscriptions, and capabilities on the fly, without ever having to swap out hardware—further extending the life of the appliance. UTM appliances should also have a high degree of network systems interoperability. This way, regardless of the network topology mix (Cisco, Juniper or other), your UTM appliances will provide maximum interoperability.

5. Reporting and Visibility. Network visibility and security go hand-in-hand—and when it comes to achieving regulatory compliance (PCI DSS, HIPAA, CIPA, etc.), auditability is required. So, why would a security vendor not include visibility and reporting tools? Yet, many vendors charge extra for these capabilities, often requiring purchase of a separate product just for reporting.

Network security poses one of the most preponderant challenges confronting organizations today. Spyware, spam, viruses, Trojans, web exploits, and blended threats evolve and spread with alarming speed and regularity. Moreover, the emergence of new business enablement technologies exposes new attack surfaces. We see it with the growth in IP networks and proliferation of web 2.0 applications, devices (BYOD), and web technologies in the workplace. We see it with increasing reliance on cloud-based infrastructures (SaaS, PaaS, IaaS). Along with the exciting potential to cultivate work efficiencies and business opportunities, these technologies also generate more potential headaches for IT administrators.

Boosting your network security solutions with a UTM appliance is smart! Ensuring these five UTM appliance traits are part of your UTM appliance selection is even smarter. Also be sure to check out our whitepaper – Defining, Evaluating, and Designing Best-In-Class Network Security.