This tag is associated with 4 posts

Introducing the lean, mean content security machine

As goes the Internet, so goes security for the content it carries: throughput is king. As the volume of email and the amount of information it carries continues to increase exponentially, vendors like WatchGuard need to deliver more performance in our enterprise content security solutions.

WatchGuard XCS 880WatchGuard XCS 880 left view

WatchGuard XCS 880 Right view

Sure, we could add more cores and more hard disk space. But bigger isn’t always better; instead of building a fire-breathing monster, we opted for a different approach. Today we are announcing a leaner, meaner security solution for email (and web) content: the WatchGuard XCS 880. Delivering 20 percent more processing power, twice the email throughput per dollar, and all of the redundancy you need for non-stop security, while consuming less than half the energy of previous models – the WatchGuard XCS 880 combines power and efficiency in a slim 1U profile.

Smaller, lighter, less expensive to power and to cool – the XCS 880 is another proof point of our Best of Breed security appliance strategy. You can take advantage of the performance curve our processor partner, Intel, provides generation after generation – and instead of having to maintain your own operating system, install and configure lots of separate security products from different vendors and manage them from separate interfaces, you get one integrated solution managed from a single pane of glass.

To learn more about the XCS 880 and the full suite of XCS solutions, visit the WatchGuard XCS 880 page.

Network Security with Virtualization Best Practices

On October 23rd, at the Gartner Symposium ITxpo in Orlando, Florida, our own Cory Nachreiner will be speaking on virtualization best practices for network security. His session – Securing Networks in a Virtual, Cloudy World: Virtualization Best Practices – will highlight what you need to know about network security in today’s virtualized IT environment.

Neal MacDonald of Gartner Group has estimated that “60 percent of virtualized servers will be less secure than the physical servers they replace.” MacDonald also identified some of the most common security risks for data center virtualization projects:

  • Information security isn’t initially involved in the virtualization projects
  • A compromise of the virtualization layer could result in the compromise of all hosted workloads
  • Workloads of different trust levels are consolidated onto a single physical server without sufficient separation. Adequate controls on administrative access to the hypervisor (Virtual Machine Monitor) layer and to administrative tools are lacking
  • There is a potential loss of Separation of Duties (SOD) for network and security controls

Traditionally, network security has been designed as a ‘one appliance, one application’ model and designed with physical networking in mind. Firewalls and UTM appliances are leveraged in network designs based on the fundamental notions of:

  • Perimeter enforcement – protecting the “inside” from the “outside” – with network architectures that are built on this separation
  • All traffic flows over physical networks, so security can be implemented by interposing physical devices on the wire

With virtualization, these fundamental assumptions may not be true:

  • Network architectures blur the definition of the “perimeter” with private resources spanning locations in arrangements leveraging VPNs
  • Multiple organizations and applications within a business, and multiple businesses hosted by a service provider, can be on the same side of a physical perimeter
  • Compliance and privacy requirements make it necessary to offer security and auditability between entities within the same virtual infrastructure
  • Mobile users can easily bring malware into a shared infrastructure
  • For service providers, the ability to offer full protection is even more critical when multiple customers are hosted on the same server farm – or even on the same server
  • Physical appliances cannot offer in-line protection in a dynamic virtual infrastructure
  • High-availability and live motion capabilities can mean that applications do not always run on the same physical servers
  • Traffic can pass over virtual-only networks within a server, making it impossible to interpose a physical device

In his presentation, Cory will touch on what you need to know about securing your virtual network, and showcase our latest network security solutions designed for virtualization infrastructures, including the XTMv and the XCSv. So mark your calendars and be sure to stop on by.

DLP in Two Minutes

Most people have sent an email and right after clicking the send button have realized, “Uh oh, that was not the intended recipient.” Did you know that is unintentional data loss? Usually, this type of accidental data loss isn’t a big deal, but if valuable information were to get into the wrong hands the result could be catastrophic for your company.

In order to understand Data Loss Prevention, it is important to have a clear understanding of data loss, and while it may seem like a rather simple concept, the simplicity is what makes it so frightening. Any time data is set into motion – accessed in an unconventional way, forwarded to a co-worker, sent to a printer, etc. – its security is put at risk. In fact, 3 out of 5 organizations have experienced a data loss or theft event. So, when you think about how often you send something to a coworker, or access your work via your home computer or mobile device, the likelihood of data loss becomes pretty significant.

More often than not, data loss is unintentional.  Fortunately, WatchGuard strives to ensure that your company’s corporate data is safe and secure through advanced Data Loss Prevention technologies.

Data Loss Prevention is a security term that refers to a solution that identifies, monitors, and protects sensitive data to detect and prevent the unauthorized use and transmission of confidential information.

Data Loss Prevention is:

§ A business tool that requires a comprehensive strategy

§ Technology that inspects sensitive content, and audits and enforces content use policies

Data Loss Prevention can be used for:

§ Regulatory due diligence

§ Intellectual property protection

§ Accidental data loss

§ Data theft

1. The insider who acts with malicious intent: This is typically someone with administrator rights or privileges to access sensitive information or data — aka a trusted employee with normal access rights to confidential data.. What happens if this employee decides to leave and joins a competitor, or simply tries to trade this information for cash?

2. The non-malicious insider who violates policy or leak data without necessarily seeking to do so: For every malicious insider, there are dozens to hundreds of employees who are simply trying to get their work done. In the process, they perform all sorts of unwitting policy violations that put your company’s confidential data at risk.

The WatchGuard 2 minute DLP will show you just how easy it is to implement data loss prevention into your business network.  Two minutes with WatchGuard DLP can mean the difference between “oops, I didn’t mean to send that,” to front-page, headline news.

May Madness: Cyber-bullying in our Schools

This is based on a true experience in the Washington State Public Schools.

My sister yells from down the hall, “Wow, Katie. Come here!” The tone in her voice tells me my ear is about to be flooded with 15-year-old girl drama.

“What’s going on?” I ask with an exaggerated exhale.

“Just look,” she says, nodding her head slightly towards the computer screen.

 I stare and wonder why she would suddenly believe I have any interest in ranking sports teams. It doesn’t take a college basketball enthusiast to recognize the bracket that causes so much angst around the water cooler every year. The entire month of March consists of predictions, victories, upsets, bets, and team loyalties; not to mention an inbox flooded with pool invites.

 “Oh, did you win a March Madness pool?” I ask trying to hide my complete lack of interest.

“No, Katie,” she says coarsely. “It’s May Madness.  Some boys at my school started it. The ‘top’ girls are ranked from ugliest to prettiest.  Same idea as March Madness, just…people.”

 My jaw drops in disbelief, wondering how the seeding of college basketball teams has relegated to rankings of young and impressionable high school girls. How are the words “ugliest” and “prettiest” thrown around as though they define a person? She continues to explain that the “May Madness” bracket had circulated around the school earlier that day and in a matter of hours every girl at the school knew how pretty or ugly the boys thought she was.

 The harsh reality is all the security in the world cannot stop some of the cruel behavior that goes on in the high school, middle school, or even elementary school hallways, but WatchGuard recognizes that proactively protecting students online is key in putting an end to cyber-bullying.

 How does WatchGuard help stop May Madness from happening in schools?

 Simply. WatchGuard Extensible Content Security (XCS) blocks or flags cyber-bullying, slander and comments through traditional email, webmail (such as Gmail) and Internet sites including Facebook and Twitter. Along with a commitment to help in the efforts to end cyber-bullying, WatchGuard has made school computer and internet safety a priority. Our WatchGuard website has a dedicated “Education” section with various resources such as; WatchGuard Internet Safe Search, Webinar: Planning Your Defense Against Top Security Threats in Education, and promotional savings for educators.

 “Are you okay?” I ask.

“Yea, I don’t know, it’s just mean.” She says softly.

My heart feels for her as I remember the pressures that come along with being a 15-year-old girl and the idea of a cyber-bullying is a hard concept for me to grasp, let alone relate to.

Not knowing what to say, I lamely respond with an overused utterance that well-meaning people use in these situations, “You’re right, it is mean, but this does not define you or any of those girls.”

“Yea, I know. This is just how it goes, I guess.” She says with resignation.