You may have noticed earlier in the week, WatchGuard Dimension was recognized by the Network Computing Awards as the Best New Product of the Year, and was a runner-up for Best Product of the Year. This award was voted on by the readers of Network Computing, and last year there were more than 17,000 votes cast.
Released in late 2013, the cloud-based, zero-install Dimension has taken the network security market by storm. By helping customers around the world (including Synerzip, Kiosko, Carol Morgan and Oasis Technologies) turn oceans of network data into real-time security intelligence, WatchGuard is bringing big data visibility to network security, without the associated cost or complexity. (You can read the entire press release here.)
In addition to the Network Computing Awards, and on the heels of Alex Thurber, WatchGuard’s vice president of sales, recently being named one of CRN’s 50 Most Influential Channel Chiefs, WatchGuard was also awarded a 5-Star Rating in CRN’s 2014 Partner Program Guide.
The rating recognizes an elite subset of companies that offer solution providers the best partner elements in the channel programs. To determine the 5-Star recipients, CRN’s research team assessed each vendor’s application based on investment in program offerings, partner profitability, partner training, education and support, marketing programs and resources, sales support and communication.
It’s always interesting to hear unique customer stories. Today, we wanted to share how an Agile software development company, called Synerzip, is using WatchGuard’s UTM platforms combined with WatchGuard Dimension, our new cloud-ready visibility tool.
Check out the mini-graphic below to learn more.
If you’d like to read the entire case study, click here.
Schools contain. Educators teach. Students learn. Simple, right? Well, you’d think so, but as modernization occurs right in front of us, the methods of teaching are evolving. Students face new distractions in the form of always-connected devices, technology in their pockets, and social sharing applications that consume endless hours of time. But these same tools that make today’s students the communication generation (thanks parents) are also the tools teachers are increasingly using to help educate.
This new influx of technology into schools has turned what used to be fairly simple networks into advanced networks that need to protect student data, manage access, and deliver performance for in-class technology applications. Security is a big part of this network ecosystem. And, as districts roll out new technology, security is moving beyond just protecting, allowing administrators to strategically manage access so students can get the information they need to be successful, while eliminating the distractions.
Gone are the days of the guy with the big key ring watching over the school grounds. Today, technology is a major component when working to keep kids productive and safe. In the security appliance world, Unified Threat Management (UTM) platforms hold the keys to success. Here are five things to consider when selecting a UTM solution and why they matter:
It’s clear that UTM solutions can help educators to better assist students in their learning career. Don’t take my word for it, check out the small excerpt below from a recent case study with the Walker School District in Georgia:
Because of the increase in classroom productivity due to WatchGuard’s innovative technology, students are learning more and performing better on exams.
“Since all the kids are staying on the ball with what they’re supposed to be doing in the classroom, our testing scores have gone up. We’ve had some of our highest testing scores this last year that we’ve ever had,” said Bob Swanson, Walker School District Network Administrator.
Test score reports have been so attractive that Walker Schools has seen an increased number of student registrations from outside the district. Students who previously attended private schools have now switched to Walker Schools after seeing the innovative learning environment that has been created with the help of WatchGuard.
Check out the entire case study at http://www.watchguard.com/tips-resources/casestudies/watchguard-network-security-solution-provides-safe-environment-for-walker-schools.asp
Some additional education case studies include:
This post was written by Mark Romano, director of field marketing at WatchGuard Technologies.
I got a call from a potential customer the other day while driving in the car with my family. After listening to the flood of TLAs (three letter acronyms) in the conversation, my daughter asked me what all that alphabet soup meant. Many customers wonder the same thing. What is DLP (data loss prevention) and why do you need it? Is IPS (intrusion prevention system) the same as APT (advanced persistent threat) and which one should you use? And so on. One of the biggest questions we hear is “what is NGFW (next generation firewall) and how is it different from UTM (unified threat management)?” The real answer is that it isn’t as different as you might think. Let me explain.
UTM was born in SMB (small-to-midsized business). It usually refers to a single box with multiple security technologies running on it (1). SMBs love it because it’s drop-dead simple to deploy and gives them every security feature they need in a single platform. NGFW is a subset of functionality, typically only 2 or 3 of the modules running on a single box. Yet, although it is less functional, many larger corporations tend to prefer to break up technology by location – they prefer to deliberately architect their security solutions to put the required security appliance close to the item it is protecting. E.g. the IPS belongs at the perimeter, but A/V and SPAM filtering belong next to the email server, etc.
Regardless of company size, and certainly regardless of which solution people choose, UTM or NGFW, WatchGuard is a very strong believer in unifying multiple scan engines onto a single box. It just makes sense. You needn’t pay for additional hardware, OS licenses, maintenance contracts, etc. In addition, it gives you the best chance of combatting today’s multi-vectored threats. Rather than keeping security tools in silos, with a different box / console / policy for each one, unify your security into the form factor that makes the most sense.
Perhaps the promise of lower operating costs combined with increased levels of security is what’s driving the growth in the integrated security market right now. Leading analyst firm IDC tracks the growth of the UTM market specifically at more than 13% this year. That’s the single highest growth rate in the network security market. When that many customers vote with their dollars, euros, pesos, and baht, WatchGuard notices and works even harder to give you the tools you need to succeed.
The security industry does a great job scaring its customers. We talk about threats becoming ever more threatening. The perimeter dissolving. The plethora of risks from inside and outside the company. Villains trying the defenses. It’s all a bit scary, as it should be.
If we’re right, which we think we are, there’s really just one way to deliver the protections needed: as a platform. The security industry is fundamentally a cat-and-mouse game. Historically, protection has gotten better, attacks have been fended off, but villains continue to get smarter, new attacks emerge and result in damages, and the cycle continues and never ends. The air-tight protection of yesteryear becomes as leaky as a fish net. How can we deliver true protection and keep up with the cycle?
Here comes Security as a Platform (SaaP). It has three elements:
This SaaP defines WatchGuard’s approach to unified threat management (UTM). We focus on building the best platform so we can introduce new, world-class security services quickly. We have a friendly and uniform management framework that allows all security services to work together and provide reporting data seamlessly. And our platforms have sufficient headroom so that as we add new services you don’t need to upgrade hardware. But if you do need a bigger box due to other growth factors, everything is compatible for easy upgrades.
On the surface, WatchGuard looks just like a standard multi-function box. Underneath, it packs uncompromising world-class security services and unparalleled performance. We can make this promise because of how we’re architected.
What should you do if you’re thinking of upgrading your gateway security? Here are some tips to consider when evaluating vendor solutions:
Online banking is quickly becoming ubiquitous. This is a realization that Adarsh Credit Co-Operative Society, a leading multi-state Credit Co-Operative Society providing financial services to its members in India, is all too familiar with.
According to statistics from the Reserve Bank of India, the number of mobile banking transactions doubled to 5.6 million in January 2013 from 2.8 million in January 2012. The value of these transactions increased three times to Rs 625 crore ($105.73 million USD) during the month from Rs 191 crore ($32.31 million USD). In the U.S., it’s not uncommon to see people using the Web to check account balances.
According to the Pew Research Center, more than half of all adults bank online. And 32 percent of adults use their mobile devices for banking. A quick look at the Android marketplace shows that the app of a regional credit union here in Washington has more than 100,000 downloads alone. Chase Bank’s app has more than 10 million downloads.
This growing trend of supporting not only a technologically advanced customer base, but also the need for safe and secure transactions between its 500 locations and 2,250 employees across India led Adarsh to deploy a number of WatchGuard devices.
Adarsh has deployed WatchGuard XTM 8 and 5 Series appliances in its data centers, as well as XTM 2 Series appliances at all of its 500 branch locations. While banking accessibility was key, the organization also needed to restrict Internet usage at branch sites. Setting up the right IT security policies and ensuring uniform administration across these sites was a key driver in the selection process.
Additionally, Adarsh recently introduced the Core Banking application for its customers. This product, coupled with the geographic distribution across the country into rural areas, emphasized the importance of secure connectivity across its network.
The company was able to quickly deploy WatchGuard across its network and utilize the central management benefits almost immediately. Adarsh was able to utilize WatchGuard’s unique drag-and-drop VPN setup to enable instant connectivity, even when dynamic IP addresses are in use.
WatchGuard offered Adarsh uninterrupted connectivity and smooth failover from one appliance to the other in case of an emergency while centralized management capabilities of the XTMs significantly reduced the cost of having to travel to support locations.
Adarsh is seeing real cost benefit since implementing WatchGuard. Are you ready to see how we can help your company? Contact us for more information on how we can, or learn more about the XTM platform here. You can also read the Adarsh case study now.
Today’s retail environment has become increasingly complex and sophisticated. IT demands continue to increase due to growing risk management concerns and regulatory compliance requirements. Distributed retail environments are particularly challenging. Each endpoint (store) is an attack vector waiting to be exploited; each store has to meet PCI DSS regulatory requirements.
The PCI DSS requirement affects any merchant who accepts credit card transactions. In a distributed retail environment, this means IT professionals must apply uniform security measures across all distributed store endpoints. Failure to provide a uniform network security strategy and protective systems deployment can result in substantive penalties, as well as high risk exposure to a variety of data and network threats.
Here are six steps you can take to make network security management a little easier in distributed retail environments:
1. Build and maintain a secure network. The first requirement here is to install and maintain a firewall configuration to protect cardholder data. Specifically for distributed retail environments, we offer RapidDeploy, a unique cloud-based configuration utility that enables uniform, rapid deployment of UTM appliances across a distributed environment. This eliminates the need for IT professionals to pre-configure devices or travel to deployment sites for installation, which significantly reduces total cost of ownership, while also reducing the risk of UTM misconfiguration.
The second requirement under this rubric is to not use vendor-supplied defaults for system passwords and other security parameters. In fact, we require administrators to change default passwords when first configuring appliances. And, with role-based access controls, administrators can effectively manage who can make firewall/UTM changes so that systems are always protected from unauthorized access.
2. Protect cardholder data. The third and fourth requirements call for the protection of stored cardholder data and encrypted transmission of cardholder data across open, public networks. In general, no cardholder data should ever be stored, but if it need be, the data should be encrypted. If you’re transmitting data, then be sure to use a VPN solution so that transmission is secure. Our VPN solutions are especially suited for distributed retail environments, because they can create tunnels that provide secure site-to-site connections between networks or distributed store locations. This way, encrypted cardholder data can be securely transmitted and protected from hackers and identity thieves.
3. Maintain a vulnerability program. Here, the PCI DSS requirement calls for regular updating of antivirus software or programs. Our UTM appliances offer gateway antivirus to protect against all sorts of viruses, trojans and malware variants. With the security subscription, all of our UTM appliances are automatically and seamlessly updated to thwart the latest virus outbreaks. It’s worth noting that, with our proxies, many “zero-day” attacks can be stopped prior to receiving an antivirus update. And, with our cloud-based Reputation Enabled Defense, dangerous websites and IP traffic can be shunned before they ever reach a retail branch location.
4. Implement strong access control measures. This requirement calls for the restriction of access to cardholder data using business need-to-know policies. To ensure critical data can only be accessed by authorized personnel, systems and processes must be in place to limit access based on job responsibilities. Here, the best security practice is grounded in the principle of “least privilege,” which holds that access to data should be limited to those who need it for legitimate business purposes.
5. Regularly monitor and test networks. Under this goal, the requirement calls for tracking and monitoring of all access to network resources and cardholder data. Make sure your administrators have the most in-depth and feature-rich array of reporting and logging tools. In our UTM appliances, advanced logging mechanisms support the ability to track individual users, which is critical for forensics and vulnerability management. You’ll also want easy-access, pre-packaged PCI DSS reports that provide you quick information that helps you stay on top of your compliance landscape.
6. Maintain an information security policy. This goal requires that merchants maintain a policy that addresses information security for all personnel. For example, our UTM appliances support extensive policy controls. This way, distributed retailers can maintain and enforce uniform policies across a variety of geographic locations. Delivering additional security services, through something like our LiveSecurity service, can provide best practices and related security updates for retailers to ensure they are up to speed on the latest security developments.
Today’s distributed retail environment architecture is one of the most challenging IT environments, rivaling that of banks and financial institutions. While the distributed retail environment offers substantive business advantages, such as increased sales, improved customer loyalty, and operational efficiencies, it also poses significant challenges. Today’s network administrators need not only be mindful of hackers bent on stealing cardholder data, but they must also be fully apprised of legal and industry regulations, such as PCI DSS.
Being able to assess incoming threats in real time, export reports that inform key decision makers and analyze network usage as it ebbs and flows is a vital tool for fighting the threats, vulnerabilities and attacks that businesses around the world face. In network security, visibility is protection.
Unfortunately, a recent survey by the SANS Institute shows that only 10 percent of respondents felt confident analyzing large data sets for security trends, even though 77 percent are collecting logs and monitoring data from various systems and security devices.
And, this lack of visibility gets worse. In a recent survey conducted by WatchGuard and Slashdot of security professionals, WatchGuard found that:
To date, security professionals have had to rely on log data and perhaps some basic geomaps (or use complex and costly SIEM solutions). At times, those logs can feel like drowning in a sea of data.
But, all of this is about to change.
A recent report from Frost & Sullivan analyst Frank Dixon recommends that “reporting tools need to aggregate information across multiple security services to enable a singular view, allowing for ease in management and greater effectiveness of network security problem diagnosis.”
WatchGuard Dimension is a big data-style network security visibility solution that’s now standard on WatchGuard’s flagship XTM Unified Threat Management platform. To learn more about the importance of increased visibility in UTM systems, you can read this white paper that outlines the factors companies need to consider.
Get instant visibility to top-line security issues. Instantly grasp activity by top user, site or app. Home in on risk sources. Now you’re armed with actionable insight, delivered in a unified view. Here are the key features of WatchGuard Dimension:
Executive Dashboard: Provides a high-level view of the various data streams being monitored. With just a click, users can drill all the way down to individual log data, as needed.
Executive Reporting: With the Executive Reporting function, users can choose from more than 70 comprehensive reports, with both summary and detail options tailored for C-level executives, IT directors, compliance officers and small business owners. Summary report options include specific HIPAA and PCI compliance reports, plus the ability to pre-schedule reports for delivery to key stakeholders in a user’s organization. These reports can be exported to sharable PDFs.
Hierarchical TreeMap: WatchGuard Dimension’s TreeMap, called FireWatch, filters traffic in a way that instantly brings your eye to the most critical information on active users and connections, as well as who and what is using the most bandwidth. The TreeMap view also provides options to pivot, drill-down and filter.
Global ThreatMap: ThreatMap features multiple, interactive configurable views on a world map, making it possible to have real time views of threats per region. That information is critical to helping users identify and fine-tune defenses against those attacks.
Building a product like this is not something we do lightly. We know there will be some adjustments to the new user interface. The survey data we mentioned earlier highlights the difficulty of utilizing raw data logs to quickly assess a threat or analyze data consumption to make assertive policy decisions.
WatchGuard Dimension is now available with WatchGuard’s 11.8 launch of its XTM security platform solution. But there’s more in the release too. We have added Data Loss Prevention to the platform and updated the Web user interface to make it responsive and compatible with mobile devices.
Ready to try it out? For complete Dimension information and features, please click here.
Best-in-class… It’s an adjective that gets overused quite a bit, especially in marketing departments that are looking to give their product an edge, a perceived value that may or may not exist. Best-in-class UTM solution for the ultimate network security protection. It certainly has a nice ring to it.
Here at WatchGuard, we use best-in-class too in defining our UTM solution, but we do it based on its design. It’s actually how we built our UTM appliances. While the other UTM providers struggle to develop the many diverse security technologies in-house, we partner with the category leaders in each specialized technology sphere. This means that our customers get mature, highly vetted, best-in-class network security solutions from AVG, Websense, BroadWeb, MailShell, Kaspersky, and other leading technology specialists.
If you are going to consolidate a security feature typically provided by a point solution into a UTM appliance, we believe that the UTM security feature should be of comparable efficacy to truly deliver best-in-class network security solutions. We understand and accept that no single company will ever be able to adequately research and develop the best technology for each discrete security problem. A shortcoming of the homegrown approach to multilayered network security is that these UTM vendors end up producing a watered down security solution at each layer. We believe this practice contributes to the reluctance of some organizations to choose UTM appliances for their security.
No other network security vendor incorporates the best-in-class mantra to the extent that WatchGuard does, nor does any other company match our effectiveness at seamlessly integrating the partner security service into the user interface (UI).
Our best-in-class approach means our customers do not have to make security tradeoffs in order to benefit from consolidating security services and management and reduced cost. Layer-by-layer, our XTM multi-function network security firewall provides superior security over what competitors’ combination of in-house technologies can possibly muster.
Does our best-in-class approach work? Well, many vendors who freely tout their raw throughput numbers are not so quick to publicize their UTM throughput numbers: the performance of the firewall once all the UTM security services are turned on. Our UTM performance is up to 3 times faster than UTM appliance performance of corresponding models from the other guys. If you are using a network security firewall for security (as we expect most organizations are), UTM performance is the only firewall performance metric that matters.
This is why we use best-in-class to describe how our UTM appliance is built, and why we use The Smart Firewall to describe the actual UTM appliance itself.
Coined by IDC analyst Charles Kolodgy in 2003, the term UTM, or Unified Threat Management, applies to multi-function firewalls that combine many security technologies into one easy-to-manage appliance. Today’s UTM appliances typically consolidate firewall and VPN capabilities along with URL filtering, spam blocking, intrusion prevention, gateway antivirus, application control, and a centralized management, monitoring and logging function. Traditionally, these discrete functions were handled by multiple point solutions. The multi-layered security approach of UTM appliances provides broad protection against all kinds of network threats.
So now you’re in the market for a smart UTM system that can deliver broad protection, but what to look for… A UTM appliance can vary significantly from vendor to vendor, which can make an accurate evaluation somewhat cloudy. While UTM security vendors may seem to offer a similar checklist of core technologies and features (firewalling, IPS, etc.), when evaluating vendors, recognize that there is enormous disparity between UTM solutions in the following five critical areas:
1. Quality of the features/capabilities. The most prevalent approach among UTM vendors is to rely primarily on homegrown technologies for their gateway AV, URL filtering, application control (if they have any), anti-spam, and other security services. However, we believe that no single company will ever be able to adequately research and develop the best technology for each discrete security problem. A shortcoming of the homegrown approach to multi-layered security is that these UTM vendors end up producing a watered down security solution at each layer. We believe this practice contributes to the reluctance of some organizations to even choose a UTM solution for their security. It’s also why we here at WatchGuard use a best-in-class approach to delivering the smartest UTM appliances available; integrating the leading technology provider for each security layer – Websense for URL filtering, Mailshell for anti-spam, and so on.
You’ll also want to be sure that you account for security needs if you’re working in a virtualized environment. As Neil MacDonald of Gartner said, “…Unless you put virtualized security controls—virtual sniffers, virtual firewalls, all the same controls you’d use on a physical server, inside that network, you don’t see what’s going on.”
2. Security performance or UTM performance. A high performance packet throughput device, even one with custom ASIC processors, can fail over when a full suite of unified threat management tools is enabled. Many security vendors who freely tout their raw throughput numbers are not so quick to publicize their UTM throughput numbers: the performance of the firewall once all the UTM security services are turned on. Once you activate the UTM security functions, such as those necessary for PCI DSS compliance (AV, IPS, etc.), the performance evaporates in many competitor firewalls. By the way, our UTM performance is up to 3 times faster than UTM performance from most of the other vendors.
3. Manageability and ease of use. We see it all too often with competitor solutions: poorly integrated management processes needlessly introduce complexity to administration. Improperly configured gear undermines security. Why not just make a security solution that’s as easy as possible for administrators of all skill sets to manage? One that provides state-of-the-art centralized management capabilities and innovative ease-of-use technologies, features that help administrators:
Something to also consider when evaluating the manageability of your UTM is whether there are premium charges for certain functionality that should be provided as standard options. Look for simple, easy-to-use management in your UTM appliance.
4. Flexibility. Security vendors differ conspicuously in the flexibility of the solution they market to customers. For instance, some UTM products can only add security services by physically bolting on software cartridges, or blades. Such an architecture only provides a limited number of slots in which to add security services, forcing you to trade off one security function for another when enabling UTM capabilities. We believe lack of flexibility is a serious shortcoming of many of the competitor firewall solutions on the market. Many UTM/NGFW vendors have taken a short-sighted route of designing security appliances to tackle only the threats of the current day.
Flexibility should also extend to ownership. Through firmware updates and software upgrades, UTM customers should be able to boost security services, subscriptions, and capabilities on the fly, without ever having to swap out hardware—further extending the life of the appliance. UTM appliances should also have a high degree of network systems interoperability. This way, regardless of the network topology mix (Cisco, Juniper or other), your UTM appliances will provide maximum interoperability.
5. Reporting and Visibility. Network visibility and security go hand-in-hand—and when it comes to achieving regulatory compliance (PCI DSS, HIPAA, CIPA, etc.), auditability is required. So, why would a security vendor not include visibility and reporting tools? Yet, many vendors charge extra for these capabilities, often requiring purchase of a separate product just for reporting.
Network security poses one of the most preponderant challenges confronting organizations today. Spyware, spam, viruses, Trojans, web exploits, and blended threats evolve and spread with alarming speed and regularity. Moreover, the emergence of new business enablement technologies exposes new attack surfaces. We see it with the growth in IP networks and proliferation of web 2.0 applications, devices (BYOD), and web technologies in the workplace. We see it with increasing reliance on cloud-based infrastructures (SaaS, PaaS, IaaS). Along with the exciting potential to cultivate work efficiencies and business opportunities, these technologies also generate more potential headaches for IT administrators.
Boosting your network security solutions with a UTM appliance is smart! Ensuring these five UTM appliance traits are part of your UTM appliance selection is even smarter. Also be sure to check out our whitepaper – Defining, Evaluating, and Designing Best-In-Class Network Security.