WatchGuard Triple Threat in Info-Tech NGFW Vendor Landscape Report

In an increasingly complex network threat landscape, delivering security solutions that stop malware in its tracks requires more sophisticated technologies than ever. Traditional firewalls aren’t enough and only stop a portion of signature-based threats. Today’s unknown threats require Next-Generation Firewall (NGFW) solutions that provide complete network security and real-time threat visibility.

When Info-Tech Research recently evaluated the top ten NGFW vendors for its 2014 NGFW Vendor Landscape Report, WatchGuard was more than just a “Champion,” they were also the only vendor given the Value and Trend Setter Awards. Info-Tech noted WatchGuard is only the second vendor to place first in all three evaluation categories in any of the 70+ landscape reports they publish annually.

WatchGuard’s Fireware XTM Series NGFW was the most highly rated among all vendors and was one of only two vendors to receive the highest designation in the report’s Overall Product category. They found the XTM series “provided an affordable price with a solid and scalable product.” Info-Tech was also impressed by the reporting capabilities of the XTM firewall and called WatchGuard Dimension a “differentiator amongst its competitors.”

The combination of WatchGuard’s innovations like WatchGuard Dimension and its promise to always deliver affordable security solutions for organizations of all sizes continues to separate them from other vendors.

For this Vendor Landscape, Info-Tech chose the ten vendors with broad capabilities across multiple platforms with a strong market or reputational presence among mid- and large-sized enterprises.

Download the Info-Tech report today: www.WatchGuard.com/InfoTech

How WatchGuard can save you more than half a million dollars

Assessing the potential value of an investment can be challenging. In the face of projections and assumptions, determining real value can require calculations that don’t always include all of the available variables.

So, when we were exploring the best way to provide the market with an economic analysis of our integrated security platform (XTM), we looked to Forrester Principal Consultant Dean Davison, who happens to be an expert on customer solution purchasing and deployment.

The engagement resulted in a comprehensive study of one of our customers, and a recent webinar, which you can view on-demand below. If you don’t have time to watch the video, skip further down for a brief breakdown of the paper and webinar.

It’s not often that a customer allows us to publicly dig into every element of a security deployment, and share ROI with the world. And, well, this time was no different… at least publicly. But fortunately, one of our customers was gracious enough to allow Forrester Consulting to dig deep into all the facts and figures associated with their XTM deployment, as long as it was anonymous. The end result: The Total Economic Impact of WatchGuard XTM for Managing Unified Threat Management.

How was it done? To determine the total cost, Dean worked with a global manufacturing company that deployed WatchGuard XTM to replace a system it had outgrown.

What Forrester found was that over three years, the company would save more than $580,000. In the words of the security manager that we interviewed:

“WatchGuard costs less than [the previous vendor], and the XTM products work like they are supposed to work. WatchGuard identifies the right threats, closes the right doors, and allows me to easily pinpoint the source of security threats.”

One of the benefits of using a true Unified Threat Management platform, such as WatchGuard, is that you are able to unify all of your threat management tools into a single-pane management console. This results in a more efficient management experience, something our customer was able to prove with his experience. Over several years of using products from the previous vendor, the security manager observed that its “integrated” products were really a collection of point products from different divisions or acquired companies. WatchGuard utilized a best-of-breed approach to UTM. We have developed a platform that enables you to utilize the best solutions in a simple, easy-to-navigate interface (that just got so much better) and manage your systems through that.

Instead of a UTM solution, the security manager describes getting a hodgepodge of point products that feigned integration but had gaps in features, functions, and capabilities, and that support teams spent more time pointing their fingers at other products or divisions than solving his core problem. This was a dramatic departure from his experience using WatchGuard’s UTM.

The security manager was spending 35 weeks per year (about 73% of his time) troubleshooting threats or intrusions or reacting to problems that — in the security manager’s opinion — should have been addressed by the previous system, such as:

  • Receiving notices from broadband carriers about malware that went undetected on the customer’s network.
  • Encountering malware that forced the shutdown of production floors for an average of 20 hours per year.
  • Enduring finger-pointing and a lack of results from customer support teams at the LTV.

But there’s more to this story. We know that the value is in the platform. Simply unifying antivirus, antispam, IPS, URL filtering, app control and more into one box is where the previous vendor had fallen short. WatchGuard brings to the table a management and analysis console that integrates crystal clear data visualization and reporting tools to show threat sources, analyze bandwidth usage and determine security best practices.

Ready to learn how WatchGuard can save your company more than a half million dollars? Simply watch the total cost of ownership webinar now.

Protection from the Inside Out

This post is by Roger Klorese, WatchGuard’s Director of Product Management.

When we talk about security and compliance requirements, the discussion is usually about keeping bad stuff out — protecting the network from threats, in the form of intrusions, malware, phishing spam, or others. And that’s the view most organizations take to the problem. But they’re only thinking about half the problem. Protecting the network is not just about keeping the bad stuff out, but also about keeping the good stuff — confidential information and other valuable assets — in.

This is why today we are announcing the upcoming availability of WatchGuard Data Loss Prevention, which will be available as part of our growing Unified Threat Management solution. Right out of the box, it recognizes information from many countries (18 at first, with more to come). It can find the information you need to protect — credit card numbers, home addresses, health information, and lots more — not only in your email and web pages, but in 30 of the most common document types you might be sending (including Microsoft Office files and more). It recognizes confidential documents not because you magically tagged them with a special program, but because you used your normal “Confidential” marker in them.

And if selecting from the more than 200 rules included in the product still sounds like a lot of work, how about a single check box to enable checks for the most popular compliance regimes such as PCI DSS and HIPAA? Are you ready for Data Loss Prevention?

Accidental Data Loss a Top Priority

We recently surveyed more than 2,100 security experts around the world about the regulations that govern their operations, the types of information they need to protect, and whether or not they currently do take any actions to protect it. Here are some of the most interesting things we’ve learned from our customers and from industry analyst sources — and how we’re going to help you follow through on your data loss prevention concerns.

The results of our Data Loss Prevention survey show some surprising results

The information that most companies told us concerned them the most about losing was financial data, as one might expect. But personally identifiable information (PII) such as national ID numbers followed close behind, as did credit card numbers.

While about a third of companies surveyed each said Payment Card Industry (PCI), Personal Health Information (PHI) and other regulations governed them, more than half said the regulations that affected them were regional data privacy concerns. With the recent high-profile PRISM news, it’s easy to see why this concern would be even more on people’s minds than ever.

About a third of the companies surveyed reported that they did business in more than one country — making their need to protect different types of data under different regulatory regimes even more complex.

Surprisingly, only a little more than half of the companies even had a policy that made it clear to their employees what information could be shared and what needed to be protected. You might think it’s a common-sense issue, but without clear guidance, employee judgment carries too much of the responsibility for decision-making. And only a third of the organizations had any technological solution for data loss protection (DLP).

Protecting from accidental disclosure

Why do so few companies use DLP technology to keep their information safe and their behavior in compliance? More than half say it’s not a high priority for them. (Which is likely to be true until they suffer the costs of a breach, including the regulatory fines that can hit them.) Many others say it’s too expensive or too complicated. They’re right about standalone DLP solutions — but those products, which often cost in the millions of dollars, are meant to block everything from an accidental leak in email to a disgruntled employee walking out the door with a flash drive full of the corporate assets.

For the accidental data loss that can occur over the network via web or email, though, companies should be able to leverage the same sorts of systems that help them keep the bad stuff out — unified threat management (UTM) systems. But until now, these products have come up short. Either they’ve been limited in their ability to recognize global data — for instance, with only one or two built-in rules for national ID detection — or they’re delivered with no rules at all built-in, requiring you to roll your own! How many of you would be driving your car today if you’d had to build it yourself?! Some products even require you to tag the documents you want to protect with a special “watermark” — if you missed a valuable one, or you accidentally pasted the wrong information into an email message, your loss. (Literally.)

Just as WatchGuard offers with all the security services our UTM platform offers to keep the bad stuff out, we use best-of-breed technology to help you keep the good stuff in. And we let you manage it from a single pane of glass, for one UTM appliance or hundreds.

We’ve looked at security from both sides now — from outside in and from inside out — and the choice is clear: the powerful UTM capabilities of WatchGuard XTM. Request your demo of WatchGuard Data Loss Prevention now! The product will be available in September.

Walking the Tightrope: Embracing BYOD and Protecting Your Network

Employees increasingly use personal devices, including tablets, smartphones, and laptops, to accomplish their work faster, more flexibly, and from anywhere. Yet, while BYOD (Bring Your Own Device) offers more control and independence for workers, it can reduce the control organizations have over securing their networks.

Endpoint Security

Endpoint protection and robust encryption are generally mandated on company-owned devices, but personal devices often lack these safeguards.  Moreover, devices used for personal computing and messaging, when off the company grid, lack the protections of the network firewall, leaving the entire organization exposed to hacker exploits, or malware infection, when the device re-connects to the network.

More than a quarter of companies reportedly lack security requirements for smartphones.[1] However, companies that do implement security policies for mobile devices still face the threat of employees trying to bypass these requirements. A Ponemon and Websense joint survey highlighted just that—59% of respondents claimed that employees circumvent or disengage security features such as passwords and key locks.[2]

Lost Personal Devices: A Data Minefield

In the case of a lost or stolen personal device that stores company-owned data, an employee may be unwilling to have their device data wiped remotely. In fact, only 55% of mobile workers report having remote wipe enabled on their smartphones, and just 30% on their tablets.[2] The inability to rapidly dispose of sensitive data, particularly unencrypted data, exposes organizations to considerable risk.

What You Can’t See, Can Byte You!

A Mobilisafe study encompassing 130 million device connection events reported that over a third of the devices with network access and/or corporate data went inactive for more than a month.[3] The presence of so many personal devices used for work that are unaccounted for, and that may retain sensitive data and user credentials, poses a latent threat to organizations.

Outdated Firmware and Version Control

The sheer number and variety of personal devices and operating systems that may be in use across an enterprise poses daunting challenges for IT. Mobilisafe found that 71% of mobile devices contained high severity operating system and application vulnerabilities. Mobilisafe theorizes that severe vulnerabilities could be reduced 4-fold simply by updating firmware.[3]

Malware Breeding Grounds

Smartphone users routinely download music and games, access applications, and execute files with minimal regard to file source or authenticity. Ponemon and Websense reported that, in a one year period, 51% of surveyed organizations experienced data loss resulting from employee use of insecure mobile devices.[2]

With all the potential pitfalls, it’s easy to understand why some people more cynically refer to BYOD as “Bring Your Own Danger/Disaster.”

Taking BYOD Head-On

Organizations that try to ban personal devices outright may repel productive and creative workers, or induce employees to work outside the rules.

A successful BYOD security policy should strive to:

  • Establish full visibility of all devices connected to the network
  • Enforce strong access control passcodes on all devices
  • Mandate minimum system and device requirements
  • Continuously monitor for vulnerabilities, exploit attempts, misuse, and devices that have gone off-line
  • Encrypt all company data on personal devices
  • Enforce use of antivirus, data loss prevention, and application control
  • Allow company access to the device for forensics, or to wipe company data
  • Measure compliance

As a leader in network security, WatchGuard Technologies develops solutions to make your BYOD environment a safe and productive ecosystem.  By enforcing a practical policy, we believe that organizations can enable workforce productivity, foster goodwill and trust across the organization, achieve compliance demands, and maintain strong security–without sacrificing flexibility.

Check out WatchGuard’s white paper on how to create a secure BYOD policy for your network.


  1. iPass. “The iPass Global Mobile Workforce Report: Q3 2012: Understanding Global Mobility Trends and Mobile Device Usage Among Business Users”.  August 2012.
  2. Ponemon Research Institute (sponsored by Websense). “Global Study on Mobility Risks: Survey of IT & IT Security Practitioners”. February, 2012.
  3. Mobilisafe. “Four Steps To Mitigate Mobile Security Risks”. White Paper.

SC Magazine Review of WatchGuard’s XTM 505

Email Security and Anti-Spam Solutions: 10 Things to Consider During Evaluation – Part Two

In our last blog post we reviewed the first five things you should consider when comparing and considering an email security and anti-spam solution. An email security and anti‐spam solution is a critical ingredient for protecting both your network and your company’s overall employee productivity, and with many solutions on the market you need to evaluate carefully.

Here are the remaining 5 things to consider when comparing email security and anti-spam solutions:

6. The number of appliances you have to acquire to get complete protection

Most solutions are sold by functionality and the SMB models in most product lines have much less capability. You need to make sure that you’re not overlooking important features such as LDAP access, end user controls, and on‐box spam quarantines. If these are not available on your SMB solutions, you may be forced to move up to more expensive systems just to get the basic functionality your business needs.

7. What kind of support is available once you’re up and running?

Buyers should be careful to select products that offer solid, well‐trained, 24/7 tech support for their mission‐critical security products. Some vendor support can be lacking in depth and thus you may be forced to rely on user forums for most of the real support.

8. Does it provide automatic, up-to-the-minute security?

You need to make sure your email security solution doesn’t need constant fine tuning. If it provides a means for automated and constant self‐updating, so that it is always aware of the latest threats, you’ll ultimately get better security while also reducing your administration costs.

Many anti‐spam solutions on the market rely on a 1st generation (at best) reputation service, which in turn depends on RBLs (real‐time block lists) that provide a simple yes/no result for legitimacy of an email based on sender IP history – much like a credit bureau which makes decisions based on history. But the RBLs are not updated quickly enough to keep up with the increasing volume and purveyors of spam. Depending on how aggressively you set your spam threshold, with a simple RBL, you’ll either get a low catch rate or a high false positive rate. If your spam solution requires you to constantly adjust and manually add new scanning rules to catch spam (because the engine doesn’t), you’ll further increase false positive rates.
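
The yes/no lookup and the threshold trade-off described above can be reproduced offline. This is an added example, not WatchGuard's or any vendor's code: the zone names (`rbl-a.example` and so on), the listings and the spam/ham labels are constructed, and a dictionary stands in for DNS.

```python
import ipaddress

# Constructed data: hypothetical zones and the sender IPs each one lists.
LISTED = {
    "rbl-a.example": ["192.0.2.10", "192.0.2.11", "192.0.2.12", "198.51.100.20"],
    "rbl-b.example": ["192.0.2.10", "192.0.2.11"],
    "rbl-c.example": ["192.0.2.10"],
}
ZONES = list(LISTED)

# Constructed mail sample: (sender IP, true label).
SAMPLES = [
    ("192.0.2.10", "spam"), ("192.0.2.11", "spam"), ("192.0.2.12", "spam"),
    ("192.0.2.13", "spam"),      # new spam source, not yet on any list
    ("198.51.100.20", "ham"),    # legitimate sender on a host with bad history
    ("198.51.100.21", "ham"), ("198.51.100.22", "ham"), ("198.51.100.23", "ham"),
]

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(ip, zone):
    """IPv4 block lists are queried as <reversed octets>.<zone>."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


# Stand-in for DNS: a listed address answers with an A record in 127.0.0.0/8,
# an unlisted one gets no answer (NXDOMAIN), modelled here as None.
FAKE_DNS = {dnsbl_query_name(ip, zone): "127.0.0.2"
            for zone, ips in LISTED.items() for ip in ips}
resolve = FAKE_DNS.get


def is_listed(ip, zone, resolve):
    """The whole verdict of one list: listed or not, with no score."""
    answer = resolve(dnsbl_query_name(ip, zone))
    return answer is not None and ipaddress.ip_address(answer) in LOOPBACK


def rates(samples, zones, threshold, resolve):
    """Block a sender listed on at least `threshold` zones.
    Returns (spam catch rate, false positive rate)."""
    def blocked(ip):
        return sum(is_listed(ip, z, resolve) for z in zones) >= threshold
    spam = [ip for ip, label in samples if label == "spam"]
    ham = [ip for ip, label in samples if label == "ham"]
    return (sum(map(blocked, spam)) / len(spam),
            sum(map(blocked, ham)) / len(ham))


if __name__ == "__main__":
    for t in (1, 2, 3):
        print(t, rates(SAMPLES, ZONES, t, resolve))
```

On this sample, blocking on a single listing catches more spam but also blocks the legitimate sender at 198.51.100.20, while requiring two listings clears that sender and lets more spam through. No threshold catches 192.0.2.13, because a sender with no history is invisible to a history-based list.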

9. Understand what features you’re getting

Will your email security and anti‐spam solution allow you to adjust your spam settings for your unique needs? Some vendors list features like ‘attachment stripping’, ‘footer stamping’, and ‘body and header keyword search’ and then market them as highly effective spam detection tools. In reality those spam detection offerings do not allow you to set up even simple logic in filters to fine tune your spam settings or the ability to combine multiple actions on messages, resulting in legitimate messages being blocked.

Here’s a short list of features and functions that we think should be part of your checklist:

Threat Protection

  • Anti‐Spam
  • Anti‐Phishing
  • Anti‐Virus/Anti‐Malware
  • Next‐generation Reputation Services
  • Threat Outbreak Protection
  • Spam Dictionaries
  • Pattern‐based Message Filters
  • Message Quarantine
  • Inbound Attachment Control

Data Loss Prevention

  • Pattern‐based Content Rules
  • Compliance Dictionaries
  • Objectionable‐Content Filtering
  • Outbound Attachment Control
  • Outbound Content & Attachment Scanning
  • Document Fingerprinting and Data Classification
  • TLS Encryption
  • Message Level Encryption

Management & Reporting

  • On‐box Reporting
  • Messaging Logs
  • Customizable Granular Policies
  • Customizable Granular Reports
  • Centralized Management


  • Message Redundancy
  • Geographical Redundancy
  • Queue Replication
  • On-Demand Clustering

10. Is open source the right solution for your security?

When security vendors base their products on open source technology, they can put your network at risk. Spammers are motivated, highly capable people with a monetary incentive to engineer their way around your security barricades. They can reverse‐engineer open source security technology in order to bypass its detection of spam and threats, making it more open to hacking than proprietary solutions.

If you have thoughts or additions you’d like to add to the list, feel free to add them in the comment box below.