Transcript XTM 2 and 5 Series

Securing the Future with WatchGuard XTM
Network Security Solutions
© 2009 WatchGuard Technologies
Meeting Today’s Business Security Needs
© 2009 WatchGuard Technologies
IP Networking Technology is Converging
More clients, more traffic hits the network than ever before!
Internet
VoIP
Mobile
Computing
New Applications
PC Computing
Power
Wireless
LAN
Network Speed is Accelerating
Broadband for Small Business (US)
Comcast: 6 to 50 Mbps
16 Mbps for $99/mo.
Quest: up to 20 Mbps
Verizon: up to 50 Mbps
Threats are Rapidly Evolving!
Bot Client (Trojan) Most Popular Payload
MostCommon
Common“Parent”
“Child” Malware
Most
Malware
Microsoft Security Intelligence Report 2009
Malware Volume Out of Control
x3
x6
???
Malware Delivery More Dynamic/Agile
Between their increased reliance on botnets and the introduction of new
evasion techniques, the servers that deliver malware have become
much more dynamic and agile
Dynamic malware networks supported by bot networks
Fast Flux DNS
Domain Flux
“European cyber-gangs target small US firms”
• Fortune 500 companies are not the only targets
– Attackers use malware planted on corporate computers to
initiate fraudulent wire transfers
– Cyber criminals stole $750,000 from a small school district
near Pittsburgh
– Unique Industrial Product Co., a plumbing equipment supply
company in Texas, lost $1.2 million
– JM Test, an electronics calibration co., lost over $90,000
Businesses are More Accountable Than Ever!
• Regulations get tough on irresponsible handling of
Personally Identifiable Information (PII).
– Hefty fines for non-disclosure
– Legal fees
• Businesses can’t operate without adequate network
security.
– PCI-DSS: comply or lose ability to process credit card
transactions
– HIPAA: comply or lose license.
• Direct losses can be massive.
Within This Environment, You Need the
Best Solution!
Competing Solutions
Your Solution with WatchGuard
“We’re extremely satisfied
with the WatchGuard
products…switching to a
single provider has made
our internal IT
department’s work
considerably easier.´
Martin Korn, Head of IT &
Central Service, Novoferm
GmbH
WatchGuard is Bringing New Solutions…
Nov-09
Oct-09
Sept-09
XTM 1050
Sept-09
Fireware
XTM 11
May-09
SSL 100
XTM 8 Series
XCS Messaging
Security
Featuring XTM Series Network Security
Appliances
WatchGuard
XTM 2 Series
WatchGuard
XTM 5 Series
WatchGuard
XTM 8 Series
WatchGuard
XTM 1050
The Best Protection…
Proactively blocks viruses, worms,
spyware, trojans, and blended threats
Out of the box
Over 600,000 appliances shipped
since 1996
14
At the Best Value!
MSRP, 1yr Security Bundle vs. UTM Throughput
1,800
1,600
NSA E6500
1,400
XTM 1050
XTM 830
1,200
XTM 820
1,000
SonicWall
800
XTM 530
600
XTM 810
NSA E5500
Fortinet
Juniper
WG XTM line
XTM 520
NSA 4500
400
XTM 510
XTM 505
NSA 3500
NSA 2400
TZ210NSA 240
SRX
210
FG
80C
XTM
TZ200
XTM
2223
TZ100
FG
50B
XTM
21
200
0
$-
$5,000
$10,000
250
160
150
70
100
$15,000
200
120
$20,000
$25,000
$30,000
$35,000
From a Leader in the Industry
Gartner Magic Quadrant
SMB Multifunction Firewalls
WatchGuard XTM Products
© 2009 WatchGuard Technologies
XTM Series Target Markets
Remote Site
XTM 2 Series
XTM 5
Series
XTM 8
Series
1050
Small Org.
Main Office
Midsize Org.
Data Center
• Retail, Healthcare
• Education, Finance
• Retail, Healthcare
• Education Finance
• Retail, Healthcare
Enterprise/MSSP • Education, Finance
WatchGuard XTM 1050 Solution
 10 Gbps Firewall
Throughput
 2 Gbps VPN
Throughtput
 XTM Security
Platform
 Powerful, Flexible
Management Tools
 Optional Fiber Module
 Dual hot swap power
supplies and fans
 Affordable EnterpriseGrade Security!
WatchGuard XTM 8 Series Solution
• Up to 5 Gbps Firewall
Throughput
• Up to 1.2 Gbps XTM
Throughtput
• XTM Security Platform
 Best Price for the
Performance!
 Investment Protection
 A natural fit!
XTM 1050 and 8 Series Speed and Power!







Intel Multi-Core Processor
10-12 Copper 1-Gb Interfaces
2 USB, 1 Serial DB9
2 Gb SDRAM Memory
1 GB Flash Memory
1U – 2U Rack Mounts
Complies with NRTL/C, CB, RoHS, WEEE,
REACH
 Security Certifications in progress: ICSA,
FIPS 140-2, EAL4
Reaching New Heights is a Family Affair!
XTM 810
XTM 820
XTM 830
XTM 1050
Firewall Throughput
3 Gbps
4 Gbps
5 Gbps
10 Gbps
XTM Throughput
900 Mbps
1.1 Gbps
1.3 Gbps
>1.4 Gbps
1-Gig Interfaces
10
10
10
12
Concurrent Connections (bidirectional)
500,000
750,000
1,000,000
>1,250,000
BOVPN
1000
2000
6000
7000
MUVPN (IPSec)
600 to 2000
700 to 6000
800 to 8000
15,000
MUVPN (SSL)
1000
4000
6000
15,000
VLANs
200
300
400
500
Management with
Logging/Reporting
WatchGuard
System Manager
WatchGuard
System Manager
WatchGuard
System Manager
WatchGuard
System
Manager
Model Upgrade
Yes
Yes
No
No
Security Platform
Fireware XTM
Pro
Fireware XTM
Pro
Fireware XTM
Pro
Fireware XTM
Pro
WatchGuard XTM 5 Series Solution
• Uncompromised performance with 2.3 Gb/s Firewall and
800 Mb/s XTM.
• 7 Ethernet ports including 6 GbE
• 4 models from which to choose the best fit.
• Runs Fireware XTM 11.2.1 or higher
• Managed with WSM 11.2.1 or higher
• Market leading value!
Not All Mid-Size Companies are the Same!
XTM 505*
XTM 510
XTM 520
XTM 530
Firewall Throughput
850 Mb/s
1.4 Gb/s
1.9 Gb/s
2.3 Gb/s
XTM Throughput
275 Mb/s
400 Mb/s
600 Mb/s
800 Mb/s
Concurrent Connections
(bi-directional)
40,000
50,000
100,000
350,000
BOVPN
65
75
200
600
MUVPN (IPSec)
5/75
25/100
50/300
400/1000
MUVPN (SSL)
1/65
1/75
1/300
1/600
Local User Database Max.
500
500
1000
2500
Management with
Logging/Reporting
WSM 11.2.1
WSM 11.2.1
WSM 11.2.1
WSM 11.2.1
Model Upgrade
Yes
Yes
Yes
No
Security Platform
Fireware XTM
11.2.1
Fireware XTM
11.2.1
Fireware XTM
11.2.1
Fireware XTM
11.2.1
*XTM 505 is sold with bundled UTM only
Leading Value for Rack Mount Appliances!
UTM Throughput (Mbps) vs 1-year UTM Advertised Price
(USD)
2500
2000
Astaro
1500
Cisco
Fortinet
Juniper
1000
SonicWall
WatchGuard
XTM 530
XTM 520
NSA 4500
500
XTM 510
XTM 505
0
$1,500
$2,500
$3,500
$4,500
$5,500
$6,500
$7,500
$8,500
$9,500
5 Series Package Contents
•
•
•
•
•
•
•
•
•
1 XTM appliance
1 rack mount kit
2 ethernet cables
1 management cable (RJ-45)
1 power cord
Getting Started Guide
Hardware warranty card
LiveSecurity Service activation card
4 rubber pads for the bottom of the device.
WatchGuard XTM 2 Series Solution
• Powerful tabletop appliance with XTM security – perfect
for small business.
• 6 Ethernet ports total including 3 GbE
• Wireless-N dual-band (802.11 a/b/g/n)
• Performance to max out your pipe – up to 190 Mb/s
firewall and 40 Mb/s XTM.
• Rich networking and management features!
The Network Edge has Range!
XTM 21
XTM 22
XTM 23
Firewall Throughput
110 Mb/s
150 Mb/s
190 Mb/s
XTM Throughput
18 Mb/s
30 Mb/s
40 Mb/s
VPN Throughput
35 Mb/s
55 Mb/s
55 Mb/s
Concurrent Connections
(bi-directional)
10,000
20,000
30,000
MUVPN (IPSec)
1/11
5/25
5/55
MUVPN (SSL)
1/11
1/25
55/55
Wireless
802.11 a/b/g/n
(XTM 21-W)
3G Extend Accessory
802.11 a/b/g/n
802.11 a/b/g/n
(XTM 22-W)
(XTM 23-W)
3G Extend Accessory 3G Extend Accessory
Management with
Logging/Reporting
WSM 11.2.1
WSM 11.2.1
WSM 11.2.1
Model Upgrade
Yes
Yes
No
Security Platform
Fireware XTM 11.2.x
Fireware XTM 11.2.x
Fireware XTM Pro
11.2.x
A WatchGuard XTM Product for Everyone!
Throughput
in Mb/s
10,000
9,000
8,000
7,000
6,000
Firewall
5,000
4,000
3,000
2,000
1,000
XTM 21
XTM 22
XTM 23 XTM 505 XTM 510 XTM 520 XTM 530 XTM 810 XTM 820 XTM 830
XTM
1050
WorldWide Certifications for All XTM Series
EMC/Safety
Hazardous Waste
• FCC, NRTL/C (US)
• ICES (CAN)
• DoC, CB (EU)
• KTL (Korea)
• 2 Series Wireless
• RoHS
• WEEE
• REACH
Security
(pending)
Import/Export
• ICSA, VPN & Firewall
• FIPS 140-2
• Common Criteria,
EAL4+
• NOM (Mex)
• IRAM (Argentina)
• ECCN (US)
• CCC (China)
WatchGuard XTM Software and Services
© 2009 WatchGuard Technologies
WatchGuard XTM Ecosystem
is Common to All XTM Series
WatchGuard System Manager
Management
Client
User Interfaces
WebUI
Servers
CLI
XTM Appliance
Fireware XTM OS
Fireware XTM Pro
Fireware XTM OS Security
All in one security for
hassle-free, layered
protection.
–
–
–
–
VPN
Authentication
Stateful Firewall
Deep Packet Inspection
(Proxy Architecture)
– VoIP Security
– Additional Content Security
Keys to WatchGuard Technology
Proxy-based
for inspection
at all OSI
layers
XTM Security
enables
layered
protection in
a single
device
FullFeatured
Management
Hardware
Dedicated,
custom
hardware for
max
performance
and value
Fireware XTM OS Networking
Networking flexibility for easy implementation,
consolidation and maximum uptime
– Static IP, DynDNS, PPPoE, DHCP (server, client, relay)
– NAT: Static, Dynamic, 1:1, IPSec NAT Traversal, Policy-based
NAT, Virtual IP
– Static and Dynamic Routing (BGP, OSPF, RIP v1/v2)
– QoS: 8 priority queues, diffserv, modified strict queueing
– VLAN: bridging, tagging, routed
– High Availability, active/active (FireCluster) and active/passive
– Port independence
– WAN failover
– Load balancing
– Transparent mode and drop-in mode.
Fireware XTM Pro
•Fireware XTM Pro includes advanced networking features
•Fireware XTM Pro comes standard on XTM 23, XTM 8 Series and XTM 1050
•An upgrade from Fireware XTM to Fireware XTM Pro is available for other
XTM 2 Series and XTM 5 Series models.
WatchGuard System Manager
No hidden charges – rich management
experience out-of-the-box or advanced
multi-box management features for just a
little more.
– Rich reporting out of the box
– Interactive realtime management
– Log, report, quarantine, WebBlocker and management servers with
self-health monitoring.
– Alarms and Notifications: SNMP, email,
system alerts
– Role-based Access Control
– Web-based report services
– Drag-and-drop VPN creation saves hours
Top Client and Per-Client Reports
WatchGuard Servers
WatchGuard Security
Subscriptions
WatchGuard Gateway AntiVirus
• What it is:
– Blocks Viruses, Worms, Trojans, Spyware, Adware
• Inbound and outbound coverage
• HTTP, HTTPS, FTP, SMTP, POP3, TCP-UDP
– Signatures and Behavioral Techniques
• Static and dynamic heuristics (code emulation)
• Value
– Complements server and desktop solutions
– Stop malware before it gets to the corporate network
– Prevents corruption and loss of data
AntiVirus Features
• Signature updates
checked every hour
• Full compressed file
support
– ZIP, RAR, TAR, GZIP,
ARC, CAB etc.
– Multiple levels
• WatchGuard System
Manager and Web UI
configuration
– Status Dashboard
spamBlocker
•Securely, Simply, Detecting Mass Outbreaks in Real-time
•How it works:
– Detects the repetitive component of each outbreak
– Uniquely identifies the DNA of each outbreak
– Compares incoming messages with spam DNA in real-time
Analyzing Internet Traffic
Classification
DNA
Real time detection
center
43
Query
RPD™ (Recurrent Pattern Detection) Patent Pending
Technology
Why WatchGuard spamBlocker
• What it is:
– Unique, real time spam blocking service for Firebox X and
XTM appliances
– Partnered with Commtouch, an industry leader in spam
prevention and mitigation
• Value:
– Distinguishes legitimate communication from spam attacks,
blocking 98% of unwanted e-mails
– Processing is done off the Fireware appliance so there is
minimal impact to other network traffic processing
– Cost effective solution – no need for per user licensing or
separate hardware/appliance
spamBlocker features
• Simple to setup
• WatchGuard System
Manager
• Web UI
• Flexible enough to handle
spam in several different
ways
• Different Categories for mail
• Confirmed Spam
• Bulk
• Suspect
Virus Outbreak Detection
• Another layer of virus prevention
– Uses RPD technology to detect email-borne malware outbreaks
– Included with spamBlocker - Complements Gateway AntiVirus
– New patterns are detected and added to the database in realtime
Several options for
Detected viruses
WebBlocker
How it works
Real People around
the globe
Researching
the latest internet
scams, spyware, and
malicious sites
+
Tracking URL/IP
changes, new site
content, and retired
sites
Block new scams and
threats
Daily Incremental
Updates
Artificial Intelligence
+
Fast and scheduled
using minimal
bandwidth
=
Within hours
 Global URL database - English, German, Spanish, French, Italian, Dutch,
Japanese, Traditional Chinese, and Simplified Chinese sites
 24 x 7 x 365 worldwide Internet scanning with people and automation
 Reduces malicious Web content entering the network through 30 million blocked
URLs and Reduces unproductive Web surfing and potential liability
 Blocks access to IM/P2P download sites, WebMail and over 9,000+ spyware sites
47
Why WatchGuard WebBlocker
• What it is:
– URL filtering with 54 categories
– Incremental updates to increase productivity and ensure the
latest URL filtering protection
– Configurable Exceptions (Whitelist / Blacklist)
– Reports of web access, attempted policy violations, and
Internet usage
• Value:
–
–
–
–
Increase employee productivity and limit liability
Flexibility to block the specific site categories you require
Increased legal and regulatory protection
Pricing based on “Per Box” vs. “Per Seat”
WebBlocker – Local Override
User must type the password to get access to the
destination
49
Intrusion Prevention Service
• What is it:
– Signature protection against known vulnerabilities
– Signatures updated on regular basis
• Value:
– Protects against SQL injection, cross-site scripting (XSS),
buffer overflows, remote file inclusions, worms
– Protects against spyware
– Prevents attackers from running system code, crashing, or
assuming control of systems behind Firebox or XTM
appliance
IPS Features
• Specify action to take
when signature
matches
• Optional spyware
signatures
• Option to scan http
headers only to
improve performance
• Signatures can be
added to exclusion list
LiveSecurity® for XTM Series
Standard
Plus
Gold
XTM 1050
XTM 8 Series
XTM 5 Series
Appliance bundles
and renewals
Security
bundles and
renewals
NEW – single
box coverage
avail. soon
XTM 2 Series
Appliance bundles
plus renewal SKUs
Not offered
Not offered
12 x 5*
24 x 7
24 x 7
5
5
No Limit
4 hours
4 hours
1 Hour
Hours
Incidents per year
Target response time
Advanced Hardware
Replacement
Software upgrades and
patches
LiveSecurity® Alerts and
Broadcasts
* (6 AM - 6 PM in your local time zone)
Purchase Together for Layered Security
• Free trials available
• Individual Subscriptions
• Security Bundle
– Best Value
– Includes all 5 services
– 1, 2, or 3 year bundles or renewals
You’re Ready to Answer Tomorrow’s Needs
with WatchGuard XTM Series
Fireware XTM OS with VPN, Auth,
New
Proxy-driven
DPIThreats?
and XTM Services
(GAV, IPS, spamBlocker, WebBlocker)
WatchGuard
XTM 2 Series
WatchGuard
XTM 5 Series
WatchGuard
XTM 8 Series
LiveSecurity
Inexperienced
IT
Service
with 24/7
Staff?
Technical
Support
WatchGuard
XTM 1050
Best Price for
Shrinking
IT Budgets?
Performance
in the
industry!
High Availability with
FireCluster,
and
ProductivityVPN
Losses?
WAN Failover features
Fireware XTM Pro
Greater Network
with advanced
Complexity?
networking
Dedicated
appliances
tuned
More Traffic?
for high throughput
You’re Ready to Answer Tomorrow’s Needs
with WatchGuard XTM Series
High Availability with
FireCluster, VPN and
WAN Failover features
Fireware XTM OS with VPN, Auth,
Proxy-driven DPI and XTM Services
(GAV, IPS, sB, WB)
WatchGuard
XTM 2 Series
WatchGuard
XTM 5 Series
WatchGuard
XTM 8 Series
LiveSecurity
Service with 24/7
Technical Support
WatchGuard
XTM 1050
Best Price for
Performance in the
industry!
Fireware XTM Pro
with advanced
networking
Dedicated
appliances tuned
for high throughput
Questions?
Thank You!
© 2009 WatchGuard Technologies