Gone are the days when attacks to your network were made by malicious hackers out only to prove their prowess. Today, it’s more purposeful, more pointed and even more potentially devastating for businesses. “Hacking has become financially driven, and that requires sophisticated defenses against those threats,” says Mark Stevens, chief strategy officer for WatchGuard Technologies, a Seattle-based provider network security products and services.
In a move to address that new level of sophisticated attacks, WatchGuard today introduced new features to the Unified Threat Management software that drives it Firebox X Core and Firebox X Peak appliances. WatchGuard’s products protect against spyware, spam, viruses, malicious sites and other intrusions through a LiveSecurity Service subscription for vulnerability alerts, software updates and expert instruction.
To offer a real-time defense against constantly evolving threats, WatchGuard’s appliances provide what Stevens describes as “Zero-Day” protection. Part of a proprietary Intelligent Layered Security architecture, “Zero-Day” protection is designed to stop many malicious attacks without signatures.
In order to stop spam before it hits your network, WatchGuard’s spamBlocker is designed to analyze Internet message patterns, not the e-mail message data. Steven said WatchGuard is partnering with Commtouch, a company that, he said, has developed technology build around the fundamental characteristic of spam — mass distribution. Rather than evaluating message content, Commtouch analyzes large volumes of Internet traffic in real time to identify outbreaks as soon as they emerge.
By working with ISPs, Commtouch attempts to distinguish legitimate communication from new spam outbreaks, blocking, WatchGuard claims, more than 97 percent of unwanted e-mails. Equally important, the technology is “nearly 100 percent effective in not generating false positive,” according to Stevens. If you’ve ever had a client’s legitimate e-mail flagged as spam, you know the issues surrounding false positives from spam-blocking services.
WatchGuard also offers a signature-based service designed to identify and block suspicious network activity and malicious code. Its Gateway Anti-Virus/Intrusion Prevention with Spyware Protection is built to guard against threats such as spyware, Trojans, buffer overflows, SQL injections, IM and peer-to-peer usage and policy violations.
|WebBlocker now lets you block up to 40 categories of Web sites. |
Click for larger image.
In addition to blocking spam and inspecting both incoming and outgoing traffic, WatchGuard also now offers expanded URL filtering services. WebBlocker is built to manage employee Internet access to protect against lost productivity, reduced bandwidth usage, exposure to internet scams and malicious code, and legal liability.
Everyday, according to Stevens, WebBlocker updates its database of more than 12 million URL’s and prevents users from accessing inappropriate Web sites — including more than 8,000 sites known to distribute spyware. The 40 categories of Web sites provide more control to block specific types of content. “It’s also granular down to the individual user, group and time of day,” Stevens said.
WatchGuard also introduced a new version of the management software used to configure and manage its Firebox X family of security appliances. WatchGuard System Manager 8.2 now enables centralized management of multi-appliance and multi-customer deployments including multi-box policy and firmware management for Firebox X Edge appliances.
WatchGuard System Manager 8.2 is also designed to ease the configuration process of WatchGuard’s services such as Gateway AV/IPS, spamBlocker and WebBlocker. VPN deployments are simplified through a drag-and-drop VPN capability that works across multiple platforms and versions of WatchGuard appliance software. And, WSM’s centralized logging and reporting enables detailed analysis of appliances to gather insight into security, network and user activities.
The new services will available in November, according to WatchGuard.