Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Airborne Networking wikipedia , lookup
Network tap wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Deep packet inspection wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Wireless security wikipedia , lookup
Microsoft Security Essentials wikipedia , lookup
Securing the Future with WatchGuard XTM Network Security Solutions © 2009 WatchGuard Technologies Meeting Today’s Business Security Needs © 2009 WatchGuard Technologies IP Networking Technology is Converging More clients, more traffic hits the network than ever before! Internet VoIP Mobile Computing New Applications PC Computing Power Wireless LAN Network Speed is Accelerating Broadband for Small Business (US) Comcast: 6 to 50 Mbps 16 Mbps for $99/mo. Quest: up to 20 Mbps Verizon: up to 50 Mbps Threats are Rapidly Evolving! Bot Client (Trojan) Most Popular Payload MostCommon Common“Parent” “Child” Malware Most Malware Microsoft Security Intelligence Report 2009 Malware Volume Out of Control x3 x6 ??? Malware Delivery More Dynamic/Agile Between their increased reliance on botnets and the introduction of new evasion techniques, the servers that deliver malware have become much more dynamic and agile Dynamic malware networks supported by bot networks Fast Flux DNS Domain Flux “European cyber-gangs target small US firms” • Fortune 500 companies are not the only targets – Attackers use malware planted on corporate computers to initiate fraudulent wire transfers – Cyber criminals stole $750,000 from a small school district near Pittsburgh – Unique Industrial Product Co., a plumbing equipment supply company in Texas, lost $1.2 million – JM Test, an electronics calibration co., lost over $90,000 Businesses are More Accountable Than Ever! • Regulations get tough on irresponsible handling of Personally Identifiable Information (PII). – Hefty fines for non-disclosure – Legal fees • Businesses can’t operate without adequate network security. – PCI-DSS: comply or lose ability to process credit card transactions – HIPAA: comply or lose license. • Direct losses can be massive. Within This Environment, You Need the Best Solution! Competing Solutions Your Solution with WatchGuard “We’re extremely satisfied with the WatchGuard products…switching to a single provider has made our internal IT department’s work considerably easier.´ Martin Korn, Head of IT & Central Service, Novoferm GmbH WatchGuard is Bringing New Solutions… Nov-09 Oct-09 Sept-09 XTM 1050 Sept-09 Fireware XTM 11 May-09 SSL 100 XTM 8 Series XCS Messaging Security Featuring XTM Series Network Security Appliances WatchGuard XTM 2 Series WatchGuard XTM 5 Series WatchGuard XTM 8 Series WatchGuard XTM 1050 The Best Protection… Proactively blocks viruses, worms, spyware, trojans, and blended threats Out of the box Over 600,000 appliances shipped since 1996 14 At the Best Value! MSRP, 1yr Security Bundle vs. UTM Throughput 1,800 1,600 NSA E6500 1,400 XTM 1050 XTM 830 1,200 XTM 820 1,000 SonicWall 800 XTM 530 600 XTM 810 NSA E5500 Fortinet Juniper WG XTM line XTM 520 NSA 4500 400 XTM 510 XTM 505 NSA 3500 NSA 2400 TZ210NSA 240 SRX 210 FG 80C XTM TZ200 XTM 2223 TZ100 FG 50B XTM 21 200 0 $- $5,000 $10,000 250 160 150 70 100 $15,000 200 120 $20,000 $25,000 $30,000 $35,000 From a Leader in the Industry Gartner Magic Quadrant SMB Multifunction Firewalls WatchGuard XTM Products © 2009 WatchGuard Technologies XTM Series Target Markets Remote Site XTM 2 Series XTM 5 Series XTM 8 Series 1050 Small Org. Main Office Midsize Org. Data Center • Retail, Healthcare • Education, Finance • Retail, Healthcare • Education Finance • Retail, Healthcare Enterprise/MSSP • Education, Finance WatchGuard XTM 1050 Solution 10 Gbps Firewall Throughput 2 Gbps VPN Throughtput XTM Security Platform Powerful, Flexible Management Tools Optional Fiber Module Dual hot swap power supplies and fans Affordable EnterpriseGrade Security! WatchGuard XTM 8 Series Solution • Up to 5 Gbps Firewall Throughput • Up to 1.2 Gbps XTM Throughtput • XTM Security Platform Best Price for the Performance! Investment Protection A natural fit! XTM 1050 and 8 Series Speed and Power! Intel Multi-Core Processor 10-12 Copper 1-Gb Interfaces 2 USB, 1 Serial DB9 2 Gb SDRAM Memory 1 GB Flash Memory 1U – 2U Rack Mounts Complies with NRTL/C, CB, RoHS, WEEE, REACH Security Certifications in progress: ICSA, FIPS 140-2, EAL4 Reaching New Heights is a Family Affair! XTM 810 XTM 820 XTM 830 XTM 1050 Firewall Throughput 3 Gbps 4 Gbps 5 Gbps 10 Gbps XTM Throughput 900 Mbps 1.1 Gbps 1.3 Gbps >1.4 Gbps 1-Gig Interfaces 10 10 10 12 Concurrent Connections (bidirectional) 500,000 750,000 1,000,000 >1,250,000 BOVPN 1000 2000 6000 7000 MUVPN (IPSec) 600 to 2000 700 to 6000 800 to 8000 15,000 MUVPN (SSL) 1000 4000 6000 15,000 VLANs 200 300 400 500 Management with Logging/Reporting WatchGuard System Manager WatchGuard System Manager WatchGuard System Manager WatchGuard System Manager Model Upgrade Yes Yes No No Security Platform Fireware XTM Pro Fireware XTM Pro Fireware XTM Pro Fireware XTM Pro WatchGuard XTM 5 Series Solution • Uncompromised performance with 2.3 Gb/s Firewall and 800 Mb/s XTM. • 7 Ethernet ports including 6 GbE • 4 models from which to choose the best fit. • Runs Fireware XTM 11.2.1 or higher • Managed with WSM 11.2.1 or higher • Market leading value! Not All Mid-Size Companies are the Same! XTM 505* XTM 510 XTM 520 XTM 530 Firewall Throughput 850 Mb/s 1.4 Gb/s 1.9 Gb/s 2.3 Gb/s XTM Throughput 275 Mb/s 400 Mb/s 600 Mb/s 800 Mb/s Concurrent Connections (bi-directional) 40,000 50,000 100,000 350,000 BOVPN 65 75 200 600 MUVPN (IPSec) 5/75 25/100 50/300 400/1000 MUVPN (SSL) 1/65 1/75 1/300 1/600 Local User Database Max. 500 500 1000 2500 Management with Logging/Reporting WSM 11.2.1 WSM 11.2.1 WSM 11.2.1 WSM 11.2.1 Model Upgrade Yes Yes Yes No Security Platform Fireware XTM 11.2.1 Fireware XTM 11.2.1 Fireware XTM 11.2.1 Fireware XTM 11.2.1 *XTM 505 is sold with bundled UTM only Leading Value for Rack Mount Appliances! UTM Throughput (Mbps) vs 1-year UTM Advertised Price (USD) 2500 2000 Astaro 1500 Cisco Fortinet Juniper 1000 SonicWall WatchGuard XTM 530 XTM 520 NSA 4500 500 XTM 510 XTM 505 0 $1,500 $2,500 $3,500 $4,500 $5,500 $6,500 $7,500 $8,500 $9,500 5 Series Package Contents • • • • • • • • • 1 XTM appliance 1 rack mount kit 2 ethernet cables 1 management cable (RJ-45) 1 power cord Getting Started Guide Hardware warranty card LiveSecurity Service activation card 4 rubber pads for the bottom of the device. WatchGuard XTM 2 Series Solution • Powerful tabletop appliance with XTM security – perfect for small business. • 6 Ethernet ports total including 3 GbE • Wireless-N dual-band (802.11 a/b/g/n) • Performance to max out your pipe – up to 190 Mb/s firewall and 40 Mb/s XTM. • Rich networking and management features! The Network Edge has Range! XTM 21 XTM 22 XTM 23 Firewall Throughput 110 Mb/s 150 Mb/s 190 Mb/s XTM Throughput 18 Mb/s 30 Mb/s 40 Mb/s VPN Throughput 35 Mb/s 55 Mb/s 55 Mb/s Concurrent Connections (bi-directional) 10,000 20,000 30,000 MUVPN (IPSec) 1/11 5/25 5/55 MUVPN (SSL) 1/11 1/25 55/55 Wireless 802.11 a/b/g/n (XTM 21-W) 3G Extend Accessory 802.11 a/b/g/n 802.11 a/b/g/n (XTM 22-W) (XTM 23-W) 3G Extend Accessory 3G Extend Accessory Management with Logging/Reporting WSM 11.2.1 WSM 11.2.1 WSM 11.2.1 Model Upgrade Yes Yes No Security Platform Fireware XTM 11.2.x Fireware XTM 11.2.x Fireware XTM Pro 11.2.x A WatchGuard XTM Product for Everyone! Throughput in Mb/s 10,000 9,000 8,000 7,000 6,000 Firewall 5,000 4,000 3,000 2,000 1,000 XTM 21 XTM 22 XTM 23 XTM 505 XTM 510 XTM 520 XTM 530 XTM 810 XTM 820 XTM 830 XTM 1050 WorldWide Certifications for All XTM Series EMC/Safety Hazardous Waste • FCC, NRTL/C (US) • ICES (CAN) • DoC, CB (EU) • KTL (Korea) • 2 Series Wireless • RoHS • WEEE • REACH Security (pending) Import/Export • ICSA, VPN & Firewall • FIPS 140-2 • Common Criteria, EAL4+ • NOM (Mex) • IRAM (Argentina) • ECCN (US) • CCC (China) WatchGuard XTM Software and Services © 2009 WatchGuard Technologies WatchGuard XTM Ecosystem is Common to All XTM Series WatchGuard System Manager Management Client User Interfaces WebUI Servers CLI XTM Appliance Fireware XTM OS Fireware XTM Pro Fireware XTM OS Security All in one security for hassle-free, layered protection. – – – – VPN Authentication Stateful Firewall Deep Packet Inspection (Proxy Architecture) – VoIP Security – Additional Content Security Keys to WatchGuard Technology Proxy-based for inspection at all OSI layers XTM Security enables layered protection in a single device FullFeatured Management Hardware Dedicated, custom hardware for max performance and value Fireware XTM OS Networking Networking flexibility for easy implementation, consolidation and maximum uptime – Static IP, DynDNS, PPPoE, DHCP (server, client, relay) – NAT: Static, Dynamic, 1:1, IPSec NAT Traversal, Policy-based NAT, Virtual IP – Static and Dynamic Routing (BGP, OSPF, RIP v1/v2) – QoS: 8 priority queues, diffserv, modified strict queueing – VLAN: bridging, tagging, routed – High Availability, active/active (FireCluster) and active/passive – Port independence – WAN failover – Load balancing – Transparent mode and drop-in mode. Fireware XTM Pro •Fireware XTM Pro includes advanced networking features •Fireware XTM Pro comes standard on XTM 23, XTM 8 Series and XTM 1050 •An upgrade from Fireware XTM to Fireware XTM Pro is available for other XTM 2 Series and XTM 5 Series models. WatchGuard System Manager No hidden charges – rich management experience out-of-the-box or advanced multi-box management features for just a little more. – Rich reporting out of the box – Interactive realtime management – Log, report, quarantine, WebBlocker and management servers with self-health monitoring. – Alarms and Notifications: SNMP, email, system alerts – Role-based Access Control – Web-based report services – Drag-and-drop VPN creation saves hours Top Client and Per-Client Reports WatchGuard Servers WatchGuard Security Subscriptions WatchGuard Gateway AntiVirus • What it is: – Blocks Viruses, Worms, Trojans, Spyware, Adware • Inbound and outbound coverage • HTTP, HTTPS, FTP, SMTP, POP3, TCP-UDP – Signatures and Behavioral Techniques • Static and dynamic heuristics (code emulation) • Value – Complements server and desktop solutions – Stop malware before it gets to the corporate network – Prevents corruption and loss of data AntiVirus Features • Signature updates checked every hour • Full compressed file support – ZIP, RAR, TAR, GZIP, ARC, CAB etc. – Multiple levels • WatchGuard System Manager and Web UI configuration – Status Dashboard spamBlocker •Securely, Simply, Detecting Mass Outbreaks in Real-time •How it works: – Detects the repetitive component of each outbreak – Uniquely identifies the DNA of each outbreak – Compares incoming messages with spam DNA in real-time Analyzing Internet Traffic Classification DNA Real time detection center 43 Query RPD™ (Recurrent Pattern Detection) Patent Pending Technology Why WatchGuard spamBlocker • What it is: – Unique, real time spam blocking service for Firebox X and XTM appliances – Partnered with Commtouch, an industry leader in spam prevention and mitigation • Value: – Distinguishes legitimate communication from spam attacks, blocking 98% of unwanted e-mails – Processing is done off the Fireware appliance so there is minimal impact to other network traffic processing – Cost effective solution – no need for per user licensing or separate hardware/appliance spamBlocker features • Simple to setup • WatchGuard System Manager • Web UI • Flexible enough to handle spam in several different ways • Different Categories for mail • Confirmed Spam • Bulk • Suspect Virus Outbreak Detection • Another layer of virus prevention – Uses RPD technology to detect email-borne malware outbreaks – Included with spamBlocker - Complements Gateway AntiVirus – New patterns are detected and added to the database in realtime Several options for Detected viruses WebBlocker How it works Real People around the globe Researching the latest internet scams, spyware, and malicious sites + Tracking URL/IP changes, new site content, and retired sites Block new scams and threats Daily Incremental Updates Artificial Intelligence + Fast and scheduled using minimal bandwidth = Within hours Global URL database - English, German, Spanish, French, Italian, Dutch, Japanese, Traditional Chinese, and Simplified Chinese sites 24 x 7 x 365 worldwide Internet scanning with people and automation Reduces malicious Web content entering the network through 30 million blocked URLs and Reduces unproductive Web surfing and potential liability Blocks access to IM/P2P download sites, WebMail and over 9,000+ spyware sites 47 Why WatchGuard WebBlocker • What it is: – URL filtering with 54 categories – Incremental updates to increase productivity and ensure the latest URL filtering protection – Configurable Exceptions (Whitelist / Blacklist) – Reports of web access, attempted policy violations, and Internet usage • Value: – – – – Increase employee productivity and limit liability Flexibility to block the specific site categories you require Increased legal and regulatory protection Pricing based on “Per Box” vs. “Per Seat” WebBlocker – Local Override User must type the password to get access to the destination 49 Intrusion Prevention Service • What is it: – Signature protection against known vulnerabilities – Signatures updated on regular basis • Value: – Protects against SQL injection, cross-site scripting (XSS), buffer overflows, remote file inclusions, worms – Protects against spyware – Prevents attackers from running system code, crashing, or assuming control of systems behind Firebox or XTM appliance IPS Features • Specify action to take when signature matches • Optional spyware signatures • Option to scan http headers only to improve performance • Signatures can be added to exclusion list LiveSecurity® for XTM Series Standard Plus Gold XTM 1050 XTM 8 Series XTM 5 Series Appliance bundles and renewals Security bundles and renewals NEW – single box coverage avail. soon XTM 2 Series Appliance bundles plus renewal SKUs Not offered Not offered 12 x 5* 24 x 7 24 x 7 5 5 No Limit 4 hours 4 hours 1 Hour Hours Incidents per year Target response time Advanced Hardware Replacement Software upgrades and patches LiveSecurity® Alerts and Broadcasts * (6 AM - 6 PM in your local time zone) Purchase Together for Layered Security • Free trials available • Individual Subscriptions • Security Bundle – Best Value – Includes all 5 services – 1, 2, or 3 year bundles or renewals You’re Ready to Answer Tomorrow’s Needs with WatchGuard XTM Series Fireware XTM OS with VPN, Auth, New Proxy-driven DPIThreats? and XTM Services (GAV, IPS, spamBlocker, WebBlocker) WatchGuard XTM 2 Series WatchGuard XTM 5 Series WatchGuard XTM 8 Series LiveSecurity Inexperienced IT Service with 24/7 Staff? Technical Support WatchGuard XTM 1050 Best Price for Shrinking IT Budgets? Performance in the industry! High Availability with FireCluster, and ProductivityVPN Losses? WAN Failover features Fireware XTM Pro Greater Network with advanced Complexity? networking Dedicated appliances tuned More Traffic? for high throughput You’re Ready to Answer Tomorrow’s Needs with WatchGuard XTM Series High Availability with FireCluster, VPN and WAN Failover features Fireware XTM OS with VPN, Auth, Proxy-driven DPI and XTM Services (GAV, IPS, sB, WB) WatchGuard XTM 2 Series WatchGuard XTM 5 Series WatchGuard XTM 8 Series LiveSecurity Service with 24/7 Technical Support WatchGuard XTM 1050 Best Price for Performance in the industry! Fireware XTM Pro with advanced networking Dedicated appliances tuned for high throughput Questions? Thank You! © 2009 WatchGuard Technologies