//
archives

UTM

This tag is associated with 14 posts

WatchGuard Technologies a Leader in Three Key Unified Threat Management and Next-Generation Firewall Categories in Frost and Sullivan Report

Companies of all sizes are demanding increased functionality from their network security and management solutions that won’t compromise performance. As the threat landscape shifts from known, signature-based threats to zero-day, advanced malware threats, detecting and eradicating them requires a multi-layered approach to security and real-time threat visibility. Delivering the industry’s best-of-breed security with industry-leading performance requires a commitment to product development and continual assessment of how to improve.

Today, WatchGuard was recognized for its commitment to product development and identified as a leader in three categories of Frost & Sullivan’s 2014 Global Analysis of UTM (Unified Threat Management) and NGFW (Next Generation Firewall) Market research study. In the report, WatchGuard outperformed other vendors in Management and Usability, Flexibility, and Value. WatchGuard was also noted in the areas of Performance and Scalability, and Roadmap.

Chris Rodriguez, senior industry analyst for network security at Frost & Sullivan and report author noted, “WatchGuard is an established competitor in the UTM and NGFW market. Their product strategy focuses on visibility, performance and integration of best-of-breed technologies that are simple to use and provide great value.”

Rodriguez highlights specific product and solution benefits that illustrate how WatchGuard achieved its leadership position. These include:

  • WatchGuard Dimension’s ability to pinpoint security and performance issues streamlines management and usability.
  • The flexibility of WatchGuard’s platform allows integration of only the desired security functionality for increased efficiency and ease of use.
  • The consolidation of leading security technologies from best-of-breed providers onto the Fireware®platform delivers exceptional value to users.
  • Tuning the platform for optimal use of commercial hardware, such as Intel processors, improves packet processing and enables increased performance and scalability of the platform.
  • A roadmap with significant future improvements around Fireware® and other security technologies shows WatchGuard’s continued commitment to product development.

To learn more about how WatchGuard can help move you to the top of the network security food chain, click here.

 

How Does an Agile Software Dev Company Use UTM?

It’s always interesting to hear unique customer stories. Today, we wanted to share how an Agile software development company, called Synerzip, is using WatchGuard’s UTM platforms combined with WatchGuard Dimension, our new cloud-ready visibility tool.

Check out the mini-graphic below to learn more.

If you’d like to read the entire case study, click here.

Synerzip_case_study_web

5 Ways UTM Security Can Help Schools

sc5Schools contain. Educators teach. Students learn.  Simple, right?  Well you’d think so, but as modernization occurs right in front of us, the methods of teaching are evolving. Students face new distractions in the form of always-connected devices, technology in their pockets, and social sharing applications that consume endless hours of time.  But, these same tools that make today’s students the communication generation (thanks parents) are also the tools teachers are increasingly using to help educate.

This new influx of technology into schools has turned what used to be fairly simple networks, into advance networks that need to protect student data, manage access, and deliver performance for in-class technology applications.  Security is a big part of this network ecosystem.  And, as districts roll out new technology, security is moving beyond just protecting, allowing administrators to strategically manage access so students can get the information they need to be successful, while eliminating the distractions.

Gone are the days of the guy with the big key ring watching over the school grounds.  Today, technology is a major component when working to keep kids productive and safe. In the security appliance world, Unified Threat Management (UTM) platforms hold the keys to success.  Here are five things to consider when selecting a UTM solution and why they matter:

  1. Bandwidth Problems – Three to four devices per student can have a dramatic impact on bandwidth and create bottlenecks. With each student carrying a notebook, smart phone, and iPad, the UTM firewall is the first point of control for getting access to that bandwidth. If it can’t handle the amount of traffic, you have your first problem – bottlenecks. Increasing the size/bandwidth of your firewall will greatly help with the flow of data, bonus points for a multi-core design appliance working in parallel. Say goodbye to legacy firewalls.
  2. Operating Systems – Windows, Mac, Android, etc., a network security system must be OS agnostic, just like the real-world.
  3. Information Overload – Distractions are everywhere on a school campus, but in the virtual world, the problem is ten-fold. UTM solutions give schools the ability to limit online access with Access Controls, enabling students to access the sites and applications they need to learn (and what educators need to do their job and protect them from legal issues).
  4. Wireless Access – Today’s students expect wireless access at all times. Gone are the days of the telephone wire, the cable box, and RJ45 cable. Updating and improving the wireless infrastructure of a campus goes hand-in-hand with increasing the bandwidth of your firewall.  Having seamless access point integration with your UTM can deliver student location recognition, help identify problem areas, and help you better plan out coverage.
  5. Dynamic Reporting – Real-time visibility is key to understanding what trends and problems might be happening on the network, and useful reporting options help keep teams informed and help shape new policy creation. A UTM solution should help you see, instantly, who your bandwidth hogs are, see where people are “going,” see which access points are the most heavily used and more. Make sure your solution can turn logs of data into security intelligence, so you don’t have to spend hours digging through information.

It’s clear that UTM solutions can help educators to better assist students in their learning career.  Don’t take my word for it, check out the small excerpt below from a recent case study with the Walker School District in Georgia:

wcs

Because of the increase in classroom productivity due to WatchGuard’s innovative technology, students are learning more and performing better on exams.

“Since all the kids are staying on the ball with what they’re supposed to be doing in the classroom, our testing scores have gone up. We’ve had some of our highest testing scores this last year that we’ve ever had,” said Bob Swanson, Walker School District Network Administrator.

Test scores reports have been so attractive that Walker Schools has seen an increased number of student registrations from outside the district. Students who previously attended private schools have now switched to Walker Schools after seeing the innovative learning environment that has been created with the help of WatchGuard.

Check out the entire case study at http://www.watchguard.com/tips-resources/casestudies/watchguard-network-security-solution-provides-safe-environment-for-walker-schools.asp

Some additional education case studies include:

Leeds College

Catholic Regional College

Cascade Schools

This post was written by Mark Romano, director of field marketing at WatchGuard Technologies.

The Difference Between UTM and NGFW

I got a call from a potential customer the other day while driving in the car with my family.  After listening to the flood of TLAs (three letter acronyms) in the conversation, my daughter asked me what all that alphabet soup meant.  Many customers wonder the same thing.  What is DLP (data loss prevention) and why do you need it?  Is IPS (intrusion prevention system) the same as APT (advanced persistent threat) and which one should you use?  And so on.  One of the biggest questions we hear is “what is NGFW (next generation firewall) and how is it different from UTM (unified threat management.)  The real answer is that it isn’t as different as you might think.  Let me explain.

UTM was born in SMB (small-to-midsized business.)  It usually refers to a single box with multiple security technologies running on it (1). SMBs love it because it’s drop-dead simple to deploy and gives them every security feature they need in a single platform.  NGFW is a subset of functionality, typically only 2 or 3 of the modules running on a single box.  Yet, although it is less functional, many larger corporations tend to prefer to break up technology by location – they prefer to deliberately architect their security solutions to put the required security appliance close to the item it is protecting.  E.g. the IPS belongs at the perimeter, but A/V and SPAM filtering belong next to the email server, etc.

Regardless of company size, and certainly regardless of which solution people choose, UTM or NGFW, WatchGuard is a very strong believer in unifying multiple scan engines onto a single box.  It just makes sense.  You needn’t pay for additional hardware, OS licenses, maintenance contracts, etc.  In addition, it gives you the best chance of combatting today’s multi-vectored threats.  Rather than keeping security tools in silos, with a different box / console / policy for each one, unify your security into the form factor that makes the most sense.

Perhaps the promise of lower operating costs combined with increased levels of security is what’s driving the growth in the integrated security market right now.  Leading analyst firm IDC tracks the growth of the UTM market specifically at more than 13% this year.  That’s the single highest growth rate in the network security market.  When that many customers vote with their dollars, euros, pesos, and baht, WatchGuard notices and works even harder to give you the tools you need to succeed.

1. Gateway antivirus, SPAM blocking, URL filtering, Intrusion Prevention, Data Loss Prevention, Reputation Authority, etc.

It’s Better To Be A Security Platform, Here’s Why

The security industry does a great job scaring its customers. We talk about threats becoming ever more threatening. The perimeter dissolving. The plethora of risks from inside and outside the company. Villains trying the defenses. It’s all a bit scary, as it should be.

If we’re right, which we think we are, there’s really just one way to deliver the protections needed: as a platform. The security industry is fundamentally a cat-and-mouse game. Historically, protection has gotten better, attacks have been fended off, but villains continue to get smarter, new attacks emerge and result in damages, and the cycle continues and never ends. The air-tight protection of yester-year becomes as leaky as a fish net. How can we deliver true protection and keep up with the cycle?

Here comes Security as a Platform (SaaP). It has three elements:

  • A software architecture to bring in new services easily.
  • A “single pane of glass” management framework, so customers are not confused when new services are introduced.
  • A hardware foundation that delivers the level of performance needed to support these services and software now, and sufficient performance headroom for the future.

This SaaP defines WatchGuard’s approach to unified threat management (UTM). We focus on building the best platform so we can introduce new, world-class security services quickly. We have a friendly and uniform management framework that allows all security services to work together and provide reporting data seamlessly. And, our platforms have sufficient head room so as we add new services you don’t need to upgrade hardware. But, if you do need a bigger box due to other growth factors, everything is compatible for easy upgrades.

sslfam-mainprod

On the surface, WatchGuard looks just like a standard multi-function box. Underneath, it packs uncompromising world-class security services and unparalleled performance. We can make this promise because of how we’re architected.

What should you do if you’re thinking of upgrading your gateway security? Here are some tips to consider when evaluating vendor solutions:

  1. List all the security services you need today.
  2. Find the box that has all of them, turn all of those services on, measure the performance.
  3. Check the CPU and memory utilization and make sure there is at least 30 percent of head-room left.
  4. Repeat for all candidate boxes.
  5. During the process, evaluate how easy it is to manage those services. If multiple of those devices are needed, check the ease-of-use for centralized management.
  6. Choose the best one within your budget.

For more information on our UTM platforms, click here.  To look at an independent evaluation of our performance from Miercom, click here.

5 Network Security Challenges Facing Schools and Campuses

Every industry has its unique set of network security challenges. In retail there’s dealing with credit card data and PCI compliance. In healthcare you need to deal with patient data and privacy requirements. Suffice it to say, the education sector has challenges that one might not initially consider and yet are very challenging in their own right.

Public school budgets are often strained today, forcing many IT managers to ‘do more with less’ and with growing security threats and booming IT innovation this is especially challenging. And while larger universities and campus-based schools may have larger budgets, they have larger challenges. Here are five network security challenges facing schools and campuses today:

1. Bring Your Own Device (BYOD) – The growing use of tablets and mobile devices by educators and students as they move to new ways of teaching and learning creates numerous network security challenges. BYOD device management is now a major need in districts and at campuses across the country. Just like any corporate organization, schools now need to think about network access policies, managing passwords more carefully, and understand how mobile devices are connecting to their networks.

2. Web 2.0 – Today’s students are more connected through social media than ever before and the Internet is playing an increasing role in education as teachers use it as part of their teaching arsenal. IT managers need to be able to allow access to certain sites and applications while restricting others. Finding this balance is not an easy challenge and requires new network security tools like Application Access Control.

3. Secure Remote Access – Student and teacher collaboration are playing an increasing role in education in today’s connected world. Today, students collaborate on projects and teachers provide feedback through cloud-based tools and by accessing school networks. IT managers need to be able to provide secure remote access to the tools that teachers and students are connecting to.

4. Multi-Point Access Solutions – Today, especially in campus environments, it’s not uncommon to have tens of buildings all connected to a single network. Being able to manage a distributed environment and its inherent security challenges needs to be simple and intuitive.

5. Identity Management – IT managers today need to be able to ensure that only authorized students and teachers can access computer and network resources. It’s through identity management that schools are able to effectively manage their acceptable usage policies and provide adequate control over access to applications.

There are many other challenges that education sector IT managers face, but these five are prevalent today and yet weren’t that long ago. Fortunately there are network security companies offering highly sophisticated unified threat management (UTM) tools and solutions, like WatchGuard. They’re flexible, powerful, robust, affordable, and can go a long way in easing the network security challenges facing schools and campuses. And, because the threat landscape is always changing, UTM solutions need to be designed to be able to easily add new network defense capabilities through security subscriptions, so costly hardware upgrades are not necessary.

IDC & WatchGuard Reveal Top 3 Security Challenges Facing Midsize Organizations: How Can UTM Help?

As 2013 comes to an end, Unified Threat Management (UTM) has grown up. What used to be an SMB security solution has now matured into a powerful platform for the midsize enterprise. The holy grail of defense-in-depth no longer requires costly point solutions, disparate management consoles, and hundreds of engineering hours to sift through log data.  No, times have changed. Today, UTM is helping midsize enterprises overcome the complexity, performance and management challenges associated with protecting the corporate network.

But, don’t take our word for it, the proof is in the data. According to IDC, from 2007 to 2017 UTM is predicted to grow 95 percent, and UTM revenue from mid-market and enterprise has grown 53 percent since 2008. Even more interesting, if you look below at the IDC graph from its most recent Network Security Forecast, it shows that UTM is the largest growing sub-function of the forecast (with the others having small or flat growth).

IDC

Below we’ll outline some of the challenges facing midsize enterprise, but you can also watch our recent IDC webinar with John Grady (research manager for security products and services) on this topic, or download our new IDC infographic, sponsored by WatchGuard Technologies, on UTM in the mid-market entitled “Protecting Your Midsize Enterprise with UTM.”

There are three key issues midsize organizations face today when it comes to network security:

complexityIDC

1. Complexity – As the security perimeter has evolved, attack mechanisms have become increasingly sophisticated, and as solutions to solve these problems have multiplied, security professionals are overwhelmed with the complexities of securing the network. Mobile devices, virtualization, and cloud applications – all of these create architectural concerns for midsize enterprises. And, since these organizations traditionally have less staff and budget, the realities of integrating complex point security solutions to address these problems become more unrealistic.

performanceIDC

2. Performance – The Internet continues to grow (IDC and EMC estimate in the IDC Digital Universe Study, sponsored by EMC in December 2012, an increase from 2.8 to 40 zettabytes from 2010-2020), as do shipments of mobile devices (19.8 percent by 2017). Organizations are using more applications, have unlimited sharing conduits, are using rich media, and are connected all the time – online activity has exploded. Roll in cloud applications and all of a sudden you have tremendous traffic coming in and out of your network. The gateway appliance can’t be the bottleneck. It must deliver higher throughput, better connection rates, be scalable, and offer layered security at the point of entry or exit (defense in depth).

management1

3.  Management – IT is supposed to do more with less. That’s the mandate.  Innovate, while reducing operating costs. It’s a constant challenge. It’s why solutions need to do more for less. But, when it comes to network security…threats, regulations and complexity continue to increase, while IT security budgets lag – there’s a gap between organizations’ self-defense and the threats they face. To combat this issue, midsize organizations need security solutions that offer a single pane of glass for management, and solutions that simplify policy creation and integrate across multiple applications.

These three challenges are driving UTM adoption in the mid-market. By combining AV, IPS, firewall, application control, DLP and other security features, UTM can consolidate the visibility of threats, save the organization money, and can increase management and reporting efficiency.  And, as threats continue to evolve, UTM will evolve with it, adding new security services and giving organizations the ability to easily visualize their security data (instead of simply reviewing log reports).

utmidc

For more information on this topic, please view the webinar, download the infographic, or visit our UTM product page.

Revving up Internet Security at the Tokyo Motor Show

Speed. Power. Beauty. Deep red paint. Futuristic styling.

As the media explores the 43rd Tokyo Motor Show this week, they won’t see any of those things. The WatchGuard XTM 2520 and XTM 870 boxes will be in the server cabinet doing what they do best: protecting the data of thousands of people.

WatchGuard is the official Unified Threat Management provider for one of the world’s largest auto shows. Held every other year, this marks the fourth consecutive show that WatchGuard’s UTM solutions have been a part of.

With more than 840,000 people projected to attend and more than 15,000 members of the global media corps alone, the bandwidth and content transmitted is mind blowing.

Network Usage at Tokyo Motor ShowThis chart shows the spikes in download traffic throughout a typical day at the show. The XTM 2520 is one of our most powerful appliances. It’s capable of handling 35GB/second of throughput and more than 2.5 million simultaneous connections. And just to be sure we were able to help the media covering this event file reports, share pictures and tell stories — we put two of them in. What’s a little bit more horsepower? WatchGuard XTM appliances feature twin turbos, integrated performance boosters and the latest in lightweight interior wiring designed to offer amazing performance.

WatchGuard XTM at Tokyo Motor ShowThe team on the ground at the show is using WatchGuard Dimension, the latest version of our integrated security platform. Showing real-time bandwidth usage, live threat maps and system performance in an easy-to-use management console, WatchGuard Dimension has been a great help at the show to give visibility into where resources need to be focused and what the greatest uses on the network are.

_IGP4306

One reason we went with the souped-up hardware was because we know that when this many people are on what is essentially a public network, the risk of exposure and threats can quickly multiply. Phishing emails, network attacks and even dead drops of USB drives can very quickly expose every user on the network. By bundling the highest-performing hardware in the industry with a dashboard that makes the network easier to manage, we’re giving the visiting journalists a ride of a lifetime.

If you’re interested in how WatchGuard can fine-tune your network performance, you can learn more about WatchGuard Dimension now or sign up for a test drive.

BYOD Device Management and Web 2.0 – Protecting Networks in Schools

Just like Principals and Superintendents, school district Network Administrators are facing the challenges of having to do more with less. Many school districts only have a small handful of IT personnel to begin with, their budgets are being reduced and they’re dealing with challenges to network security management. On top of all this, new challenges are putting a strain on networks, including:

  • BYOD (bring your own device) – Many schools are introducing tablets and other mobile devices as educators move to new ways of teaching and learning. BYOD device management is now a major need in districts across the country.
  • Web 2.0 – With students using computers to access social media sites like Facebook and YouTube, and downloading information for studies from sites across the Internet, tools like Application Access Control are now ‘must-haves.’
  • Secure Remote Access – Cloud computing solutions and of course the surge of BYOD means that teachers and students alike need secure remote access to the district network to access documents for collaborative work they may be doing.

These are challenges that, just like corporations, require smart network security solutions that do more than just stop spam or encrypt email. The Cascade School District just outside of Salem, Oregon has five campuses throughout rural Willamette Valley that serve 2300 students with a staff of 300. According to Michael King, their Network Administrator, things were getting a bit out-of-hand:

The IT department employed a mix of point solutions, each with its own management needs. “We were using ISA 2006, Windows Server, Websense for web filtering, and Barracuda for anti-spam and load-balancing, and there were big expenses for each. Yet, we still couldn’t even do things like HTTPS, which is incredibly important these days with Facebook, Google, et cetera. And, it kind of defeats the purpose to even have a web filter in place if the students can bypass it.”

Cascade School District today is leveraging most of the best-of-breed UTM security services on our XTM Next-Generation Security Platform, which includes URL Filtering, Application Control, AntiSpam, AntiVirus, DLP and IPS. This allows their IT team to meet emerging security challenges mentioned above and faced by their district (explosion of mobile device usage by students and staff, application access control to key educational and online resources, and streamlining remote access for staff). Application access control also gives them a new tool to proactively prevent cyber bullying by controlling access to popular bullying platforms such as Facebook, SnapChat or Kik Messenger. They also are able to monitor traffic on its wireless networks and throttle down users who start to bog down the network.

In addition to meeting all the challenges to network security management, the school district is projected to save approximately $24,000 in fees and maintenance and a boat load of time by consolidating these numerous point solutions into one UTM security appliance.

For more on how we met Cascade School Districts networks security management challenges, check out the case study. As always you can contact us with questions or drop a comment below.

FIVE Network Security Management Requirements for Controlling BYOD and Shadow IT

UTM ApplianceWith cloud computing and BYOD permeating almost every organization, shadow IT is beginning to make its way onto the radar screens of business leaders inside and outside of the IT department. The truth is, however, that shadow IT has been around for decades and is not necessarily a bad thing.

Shadow IT are systems and solutions built without the approval of the organization, and they are often innovative, potential prototypes for future IT-approved solutions. The problem is that while creating real value to an organization, they are often built without key network security management protocols in place; namely reliability, documentation, control, security, and budget.

So why the hype and why now? While shadow IT has been around for a long time, the volume and velocity of applications and cloud solutions, not to mention low cost (often free) is multiplying rapidly, creating an IT snowball effect. In fact, according to a PricewaterhouseCoopers’ Digital IQ survey, at 100 companies that PwC considers top performers, IT controls less than 50 percent of corporate technology expenditures – and we’re talking pretty large companies here with typically strict IT policies in place. This is in drastic contrast to ten years ago, when the Dachis Group estimates that only 10 percent of IT spending took place outside of IT. At smaller organizations where IT departments are even less influential, this shadow IT snowball effect is even more rampant.

So what can IT departments do? The answer is securing the network and protect the organization from outside threats. Containing the growth of shadow IT may not be an option, but reducing outside threats is. Select a strong, multi-function Unified Threat Management (UTM) system that goes beyond a simple firewall to deliver strong network security management, and make sure it has these FIVE key elements:

  1. Easy-to-Use Policy Tools – This way, administrators can enforce the policies that best meet their environment, whether it is a small retail shop or a multinational, distributed enterprise. And today, you really need to consider a single console that allows for easy integration of both wired and wireless security policies.
  2. Network Segmentation – Today’s solutions need to let administrators easily and quickly set up various network segments, to include virtual assets that can be protected and segmented to maintain compliance and high security. Also consider the capability to segment and secure accordingly via SSID (guest, corporate, finance, etc.).
  3. Smart Logging and Reporting – This may be one of the most valuable resources that IT can leverage for their BYOD strategy. Administrators need to be able to gain deep insight into what is connected to their network, as well as the applications being used. These insights not only help safeguard resources, but also illuminate trouble spots and potential weaknesses, and help to remediate areas of concern.
  4. VPN Functionality – Leveraging smart VPN capabilities, administrators can enforce acceptable use policies for mobile, remote and road warriors who need to access corporate data anytime, anywhere.
  5. Use Best-in-Class Solutions – When we built our XTM line of multi-function, smart firewalls we consolidated many vital security services (Anti-virus, IPS, Application Control, URL filtering, and more). But rather than build these ourselves, we relied on our best-in-class partner technologies (AVG, BroadWeb, Kaspersky, Commtouch, Websense, etc.). The result is a peerless multilayered security, an unrivalled ease-of-use and centralized management experience, and industry-leading UTM throughput performance. These solutions extend network security to the WLAN, critical for securing personal mobile device traffic, which generally utilizes wireless networks in corporate environments.

Without question, BYOD and the cloud is accelerating shadow IT, but strong network security can reduce and eliminate the inherent risks. As a leader in network security, we work to develop solutions to enable a safe and productive BYOD ecosystem. By enforcing a practical policy, we believe that organizations can enable workforce productivity, foster goodwill and trust across the organization, achieve compliance demands, and maintain strong security–without sacrificing flexibility.