//
archives

UTM appliance

This tag is associated with 6 posts

How a Leading K-12 School Protects Student Data and Controls Web Access with UTM

Today we announced that a leading K-12 school in the Dominican Republic is using WatchGuard’s Unified Threat Management (UTM) solutions, and WatchGuard Dimension, to secure its network, keep student data safe, control web access, and more.

You can read the entire press release here, access the full-length case study here, or check out the mini case study graphic below.

In addition, if you missed the recent post titled, “5 Ways UTM Security Can Help Schools,” click here to learn more about bandwidth usage, reporting, wireless and more.

CMS_case_study_web

How Does an Agile Software Dev Company Use UTM?

It’s always interesting to hear unique customer stories. Today, we wanted to share how an Agile software development company, called Synerzip, is using WatchGuard’s UTM platforms combined with WatchGuard Dimension, our new cloud-ready visibility tool.

Check out the mini-graphic below to learn more.

If you’d like to read the entire case study, click here.

Synerzip_case_study_web

5 Ways UTM Security Can Help Schools

sc5Schools contain. Educators teach. Students learn.  Simple, right?  Well you’d think so, but as modernization occurs right in front of us, the methods of teaching are evolving. Students face new distractions in the form of always-connected devices, technology in their pockets, and social sharing applications that consume endless hours of time.  But, these same tools that make today’s students the communication generation (thanks parents) are also the tools teachers are increasingly using to help educate.

This new influx of technology into schools has turned what used to be fairly simple networks, into advance networks that need to protect student data, manage access, and deliver performance for in-class technology applications.  Security is a big part of this network ecosystem.  And, as districts roll out new technology, security is moving beyond just protecting, allowing administrators to strategically manage access so students can get the information they need to be successful, while eliminating the distractions.

Gone are the days of the guy with the big key ring watching over the school grounds.  Today, technology is a major component when working to keep kids productive and safe. In the security appliance world, Unified Threat Management (UTM) platforms hold the keys to success.  Here are five things to consider when selecting a UTM solution and why they matter:

  1. Bandwidth Problems – Three to four devices per student can have a dramatic impact on bandwidth and create bottlenecks. With each student carrying a notebook, smart phone, and iPad, the UTM firewall is the first point of control for getting access to that bandwidth. If it can’t handle the amount of traffic, you have your first problem – bottlenecks. Increasing the size/bandwidth of your firewall will greatly help with the flow of data, bonus points for a multi-core design appliance working in parallel. Say goodbye to legacy firewalls.
  2. Operating Systems – Windows, Mac, Android, etc., a network security system must be OS agnostic, just like the real-world.
  3. Information Overload – Distractions are everywhere on a school campus, but in the virtual world, the problem is ten-fold. UTM solutions give schools the ability to limit online access with Access Controls, enabling students to access the sites and applications they need to learn (and what educators need to do their job and protect them from legal issues).
  4. Wireless Access – Today’s students expect wireless access at all times. Gone are the days of the telephone wire, the cable box, and RJ45 cable. Updating and improving the wireless infrastructure of a campus goes hand-in-hand with increasing the bandwidth of your firewall.  Having seamless access point integration with your UTM can deliver student location recognition, help identify problem areas, and help you better plan out coverage.
  5. Dynamic Reporting – Real-time visibility is key to understanding what trends and problems might be happening on the network, and useful reporting options help keep teams informed and help shape new policy creation. A UTM solution should help you see, instantly, who your bandwidth hogs are, see where people are “going,” see which access points are the most heavily used and more. Make sure your solution can turn logs of data into security intelligence, so you don’t have to spend hours digging through information.

It’s clear that UTM solutions can help educators to better assist students in their learning career.  Don’t take my word for it, check out the small excerpt below from a recent case study with the Walker School District in Georgia:

wcs

Because of the increase in classroom productivity due to WatchGuard’s innovative technology, students are learning more and performing better on exams.

“Since all the kids are staying on the ball with what they’re supposed to be doing in the classroom, our testing scores have gone up. We’ve had some of our highest testing scores this last year that we’ve ever had,” said Bob Swanson, Walker School District Network Administrator.

Test scores reports have been so attractive that Walker Schools has seen an increased number of student registrations from outside the district. Students who previously attended private schools have now switched to Walker Schools after seeing the innovative learning environment that has been created with the help of WatchGuard.

Check out the entire case study at http://www.watchguard.com/tips-resources/casestudies/watchguard-network-security-solution-provides-safe-environment-for-walker-schools.asp

Some additional education case studies include:

Leeds College

Catholic Regional College

Cascade Schools

This post was written by Mark Romano, director of field marketing at WatchGuard Technologies.

It’s Better To Be A Security Platform, Here’s Why

The security industry does a great job scaring its customers. We talk about threats becoming ever more threatening. The perimeter dissolving. The plethora of risks from inside and outside the company. Villains trying the defenses. It’s all a bit scary, as it should be.

If we’re right, which we think we are, there’s really just one way to deliver the protections needed: as a platform. The security industry is fundamentally a cat-and-mouse game. Historically, protection has gotten better, attacks have been fended off, but villains continue to get smarter, new attacks emerge and result in damages, and the cycle continues and never ends. The air-tight protection of yester-year becomes as leaky as a fish net. How can we deliver true protection and keep up with the cycle?

Here comes Security as a Platform (SaaP). It has three elements:

  • A software architecture to bring in new services easily.
  • A “single pane of glass” management framework, so customers are not confused when new services are introduced.
  • A hardware foundation that delivers the level of performance needed to support these services and software now, and sufficient performance headroom for the future.

This SaaP defines WatchGuard’s approach to unified threat management (UTM). We focus on building the best platform so we can introduce new, world-class security services quickly. We have a friendly and uniform management framework that allows all security services to work together and provide reporting data seamlessly. And, our platforms have sufficient head room so as we add new services you don’t need to upgrade hardware. But, if you do need a bigger box due to other growth factors, everything is compatible for easy upgrades.

sslfam-mainprod

On the surface, WatchGuard looks just like a standard multi-function box. Underneath, it packs uncompromising world-class security services and unparalleled performance. We can make this promise because of how we’re architected.

What should you do if you’re thinking of upgrading your gateway security? Here are some tips to consider when evaluating vendor solutions:

  1. List all the security services you need today.
  2. Find the box that has all of them, turn all of those services on, measure the performance.
  3. Check the CPU and memory utilization and make sure there is at least 30 percent of head-room left.
  4. Repeat for all candidate boxes.
  5. During the process, evaluate how easy it is to manage those services. If multiple of those devices are needed, check the ease-of-use for centralized management.
  6. Choose the best one within your budget.

For more information on our UTM platforms, click here.  To look at an independent evaluation of our performance from Miercom, click here.

Five Traits Your UTM System Needs to Deliver Real Network Protection

Coined by IDC analyst Charles Kodology in 2003, the term, UTM, or Unified Threat Management applies to multi-function firewalls that combine many security technologies into one easy-to-manage appliance. Today’s UTM appliances typically consolidate firewall and VPN capabilities along with URL filtering, spam blocking, intrusion prevention, gateway antivirus, application control, and a centralized management, monitoring and logging function. Traditionally, these discrete functions were handled by multiple point solutions. The multi-layered security approach of UTM appliances provides broad protection against all kinds of network threats.

So now you’re in the market for a smart UTM system that can deliver broad protection, but what to look for… A UTM appliance can vary significantly from vendor-to-vendor, which can only make an accurate evaluation somewhat cloudy. While UTM security vendors may seem to offer a similar checklist of core technologies and features (firewalling, IPS, etc.), when evaluating vendors, recognize that there is enormous disparity between UTM solutions in the following five critical areas:

1. Quality of the features/capabilities. The most prevalent approach among UTM vendors is to rely primarily on homegrown technologies for their gateway AV, URL filtering, application control (if they have any), anti-spam, and other security services. However, we believe that no single company will ever be able to adequately research and develop the best technology for each discrete security problem. A shortcoming of the homegrown approach to multi-layered security, is that these UTM vendors end up producing a watered down security solution at each layer. We believe this practice contributes to the reluctance of some organizations to even choose a UTM solution for their security. It’s also why we here at WatchGuard use a best-in-class approach to delivering the smartest UTM appliances available; integrating the leading technology provider for each security layer – Websense for URL filtering, Mailshell for anti-spam, and so on.

You’ll also want to be sure that your account for security needs if you’re working in a virtualized environment. As Neil McDonald of Gartner said, “…Unless you put virtualized security controls—virtual sniffers, virtual firewalls, all the same controls you’d use on a physical server, inside that network, you don’t see what’s going on.”

2. Security performance or UTM performance. A high performance packet throughput device, even one with custom ASIC processors, can fail over when a full suite of unified threat management tools are enabled. Many security vendors who freely tout their raw throughput numbers are not so quick to publicize their UTM throughput numbers— the performance of the firewall once all the UTM security services are turned on. Once you activate the UTM security functions—such as those necessary for PCI DSS compliance (AV, IPS, etc.)— the performance evaporates in many competitor firewalls. By the way, our UTM performance is up to 3 times faster than UTM performance from most of the other vendors.

3. Manageability and ease of use. We see it all too often with competitor solutions–poorly integrated management processes needlessly introduce complexity to administration. Improperly configured gear undermines security. Why not just make a security solution that’s as easy as possible for administrators of all skill sets to manage. One that provides state-of-the-art centralized management capabilities and innovative ease-of-use technologies, features that help administrators:

      • dramatically cut down on errors
      • quickly hone in on problem areas
      • save hours of time
      • rapidly enact policy changes and firmware updates across hundreds of XTM appliances

Something to also consider when evaluating the manageability of your UTM is whether there are premium charges for certain functionality that should be provided as standard options. Look for simple, easy-to-use management in your UTM appliance.

4. Flexibility. Security vendors differ conspicuously in the flexibility of the solution they market to customers. For instance, some UTM products can only add security services by physically bolting on software cartridges, or blades. Such an architecture only provides a limited number of slots for which to add in security services, forcing you to tradeoff one security function for another when enabling UTM capabilities. We believe lack of flexibility is a serious shortcoming of many of the competitor firewall solutions on the market. Many UTM/NGFW vendors have taken a short-sighted route of designing a security appliances to tackle only the threats of the current day.

Flexibility should also extend to ownership. Through firmware updates and software upgrades, UTM customers should be able to boost security services, subscriptions, and capabilities on the fly, without ever having to swap out hardware—further extending the life of the appliance. UTM appliances should also have a high degree of network systems interoperability. This way, regardless of the network topology mix (Cisco, Juniper or other), your UTM appliances will provide maximum interoperability.

5. Reporting and Visibility. Network visibility and security go hand-in-hand—and when it comes to achieving regulatory compliance (PCI DSS, HIPAA, CIPA, etc.), auditability is required. So, why would a security vendor not include visibility and reporting tools? Yet, many vendors charge extra for these capabilities, often requiring purchase of a separate product just for reporting.

Network security poses one of the most preponderant challenges confronting organizations today. Spyware, spam, viruses, Trojans, web exploits, and blended threats evolve and spread with alarming speed and regularity. Moreover, the emergence of new business enablement technologies exposes new attack surfaces. We see it with the growth in IP networks and proliferation of web 2.0 applications, devices (BYOD), and web technologies in the workplace. We see it with increasing reliance on cloud-based infrastructures (SAAS, PAAS, IAAS). Along with the exciting potential to cultivate work efficiencies and business opportunities, these technologies also generate more potential headaches for IT administrators.

Boosting your network security solutions with a UTM appliance is smart! Ensuring these five UTM appliance traits are part of your UTM appliance selection is even smarter. Also be sure to check out our whitepaper – Defining, Evaluating, and Designing Best-In-Class Network Security.

A UTM Appliance Might be Your Network Security Muscle in 2013

In our last blog – What is UTM Security and is it Right for my Business? – we outlined the importance of a UTM appliance in combating today’s advanced persistent threats (APTs). Well since that blog went live, our own Corey Nachreiner, published a press release that revealed his top security predictions for 2013.

At the tail-end of a busy year for network security workers, Corey had this to say about 2013…

This is a year (2013) where the security stakes reach new heights, attacks become more frequent and unfortunately more damaging as many organizations suffer attacks before taking measures to protect themselves from the bad guys.

 Read the release for more detail, but here’s what he thinks might be in store for 2013:

    • A cyber-attack results in a human death
    • Malware enters the matrix through a virtual door
    • It’s the browser – not your system – that malware is targeting
    • The idea of ‘striking back’ gets a lot of lip-service, but does little good
    • We’ll pay for our lack of IPv6 expertise
    • Android pick-pockets try to empty mobile wallets
    • An exploit sold on the ‘vulnerability market’ becomes the next APT
    • Important cyber security-related legislation finally becomes law

If attacks such as these happen in 2013 as Corey predicts, then losses stemming from them will ultimately continue to rise and take their toll on not only small businesses, but enterprises as well.  Organizations that are serious about network security – protecting data, intellectual property (IP), and their reputation – are increasingly demanding best-in-class, multilayered solutions. These solutions centralize security controls in a single device, improving the IT organization’s control and simplifying management of network security.

Be sure to have the latest network security solutions in place as you head into 2013. These predictions are scary!