//
archives

UTM appliances

This tag is associated with 3 posts

Graduating to Next-Generation Network Security Firewalls

Growth is exciting! Growth brings opportunities! Growth can also be somewhat scary when you’re goal is providing network security to three large, city campuses while also providing secure remote access to 40,000 students and over 1,500 staff.

That’s what Dave Newsham, the ITSS Service Delivery Manager at Leeds City College in the UK, was challenged with recently and we were delighted he turned to us at WatchGuard for assistance. With help from their IT partner, Epic Net the IT folks at Leeds decided to standardize on the WatchGuard Unified Threat Management (UTM) platform.

The first WatchGuard XTM 1520 replaced a Cisco firewall at the Technology Campus to deliver greater performance and control; while a second appliance has been installed at the brand new Printworks Campus, opened for the first wave of students this September. The third XTM 1520 will be installed in the Park Lane Campus this October to complete the secure multi-site network.

Our UTM firewall appliances provide safe IPSEC or SSL VPN authorized secure remote access to the College network and resources for all staff and students from multiple Apple, Windows, or Android platforms. As well as support for the full Microsoft Office suite of applications, every student has an Office 365 email account and associated online collaborative workspace.

In addition to providing full Layer 7 firewall protection and intrusion prevention, Leeds City College now has a central point of management, with the ability for policies to be easily deployed across the network, along with simplified administration and centralized logging and reporting.

With up to 14Gbs throughput, our XTM firewall appliances will be able to handle anticipated bandwidth growth over the next five years as well as the addition of increasingly complex rule sets, without loss of performance; while the clustered hardware configuration provides 100% resilience.

Dave sums up his experience in his own words:

The expansion of the College posed significant security challenges, but the WatchGuard solution has allowed us to efficiently and comprehensively implement network security for staff and students wherever they are on the network. The WatchGuard XTM firewalls are both affordable and uncomplicated to deploy and maintain, helping us ensure we meet compliance standards, and can easily scale to accommodate future growth. Deployment was pain-free, and we now have a more centrally managed, secure, and easy to administer multi-site solution and we are able to track, monitor, and review real-time access and reporting.

UTM Appliances and Securing 500 Banking Branches – What you Need to Consider

Achieving secure connectivity with failover, content-based Web filtering and centralized management of more than 500 locations is never an easy task for an IT team, but when it’s a financial institution with over 2,250 employees based globally it gets even more complex. This is what Adarsh Credit Co-Cooperative Society, a leading multi-state financial institution in India, was tasked with and they turned to our team here at WatchGuard for help.

Adarsh deployed our XTM 8 and 5 Series UTM appliances in its data centers, as well as XTM 2 Series UTM appliances at all of its branch locations. While banking accessibility was vital, the organization also needed to restrict Internet usage at branch sites. Setting up the right IT security policies and ensuring uniform administration across these sites was a key driver in the selection process, as it should be!

Adarsh’s AVP of IT, Ramlal Arya, summed up his challenge and spoke of his experience…

We implemented the Core Banking application and needed to connect all the branches with the central location so it could be accessed seamlessly. When employees and members access the Core application, speed is important, but the bigger challenge is ensuring all transactions are secure.  Deploying WatchGuard helped achieve both goals. WatchGuard’s XTM also helps us achieve higher throughput, which results in faster application access across the board. Installation of the appliances in high-availability mode ensured uninterrupted connectivity and smooth failover from one appliance to the other. It proved fast and straightforward with the centralized policy management capabilities and has reduced our need for site-to-site travel. And, working with WatchGuard’s Expert Partner, TM Systems Pvt., made the entire process fluid. 

WatchGuard has given us a secure platform that allows us to connect all locations seamlessly and gives members and employees secure connectivity quickly to the applications they need. On the IT side, it gives us more control and the ability to easily manage these appliances and policies from a centralized location.

UTM security can play a role in solving many complex challenges, from banking to PCI DSS compliance to distributed retail environments. Whenever evaluating a UTM appliance you need to consider five core traits:

    1. Quality of the features and capabilities – Here at WatchGuard, we use a best-in-class approach to delivering the smartest UTM appliances available; integrating the leading technology provider for each security layer – Websense for URL filtering, Commtouch for anti-spam, and so on.
    2. Security performance or UTM performance – Our UTM performance is up to 3 times faster than UTM performance from most of the other vendors.
    3. Manageability and ease of use – Something to also consider when evaluating the manageability of your UTM is whether there are premium charges for certain functionality that should be provided as standard options. Look for simple, easy-to-use management in your UTM appliance.
    4. Flexibility – UTM customers should be able to boost security services, subscriptions, and capabilities on the fly, without ever having to swap out hardware—further extending the life of the appliance. UTM appliances should also have a high degree of network systems interoperability. This way, regardless of the network topology mix (Cisco, Juniper or other), your UTM appliances will provide maximum interoperability.
    5. Reporting and visibility – Network visibility and security go hand-in-hand—and when it comes to achieving regulatory compliance (PCI DSS, HIPAA, CIPA, etc.), auditability is required. So, why would a security vendor not include visibility and reporting tools? Yet, many vendors charge extra for these capabilities, often requiring purchase of a separate product just for reporting.

These five traits were paramount to Adarsh and their requirements for the ultimate in network security management. Be sure they’re on your consideration check-list when you’re looking to secure your network!

The Smart Firewall: Redefining Best-in-Class

Best-in-class… It’s an adjective that gets overused quite a bit; especially in marketing departments that are looking to give their product an edge, a perceived value that may or may not exist. Best-in-class UTM solution for the ultimate network security protection. It certainly has a nice ring to it.

Here at WatchGuard, we use best-in-class too in defining our UTM solution, but we do it based on its design. It’s actually how we built our UTM appliances. While the other UTM providers struggle to develop the many diverse security technologies in-house, we partner with the category leaders in each specialized technology sphere. This means that our customers get mature, highly vetted, best-in-class network security solutions from AVG, Websense, BroadWeb, MailShell, Kaspersky, and other leading technology specialists.

If you are going to consolidate a security feature typically provided by a point solution into a UTM appliance—we believe that the UTM security feature should be of comparable efficacy to truly deliver best-in-class network security solutions. We understand and accept that no single company will ever be able to adequately research and develop the best technology for each discrete security problem. A shortcoming of the homegrown approach to multilayered network security, is that these UTM vendors end up producing a watered down security solution at each layer. We believe this practice contributes to the reluctance of some organizations to choose UTM appliances for their security.

No other network security vendor incorporates the best-in-class mantra to the extent that WatchGuard does, nor does any other company match our effectiveness at seamlessly integrating the partner security service into the user interface (UI).

Our best-in-class approach means our customers do not have to make security tradeoffs in order to benefit from consolidating security services and management and reduced cost. Layer-by-layer, our XTM multi-function network security firewall provides superior security over what competitors’ combination of in-house technologies can possibly muster.

Does our best-in-class approach work? Well many vendors who freely tout their raw throughput numbers are not so quick to publicize their UTM throughput numbers— the performance of the firewall once all the UTM security services are turned on. Our UTM performance is up to 3 times faster than UTM appliance performance of corresponding models from the other guys. If you are using a network security firewall for security (as we expect most organizations are), UTM performance is the only firewall performance metric that matters.

This is why we use best-in-class to describe how our UTM appliance is built, and why we use The Smart Firewall to describe the actual UTM appliance itself.