Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

WatchGuard Brings Next-Generation Firewall Features to Businesses of All Sizes

Seattle based WatchGuard Technologies, on Monday announced that it has extended its next-generation firewall (NGFW) capabilities, including advanced firewalling, application control, and intrusion prevention system (IPS), to its XTM 8 Series of security appliances, making enterprise-class NGFW features available to businesses that perhaps aren’t big enough to justify the investment in a typical enterprise-class firewall.

Seattle based WatchGuard Technologies, on Monday announced that it has extended its next-generation firewall (NGFW) capabilities, including advanced firewalling, application control, and intrusion prevention system (IPS), to its XTM 8 Series of security appliances, making enterprise-class NGFW features available to businesses that perhaps aren’t big enough to justify the investment in a typical enterprise-class firewall.

Leveraging what WatchGuard calls “defense-in-depth” firewall technology, stateful packet inspection, deep packet inspection and WatchGuard’s proprietary proxy technology has been added to the XTM 8 Series.

IT Security Resource: Justifying IT Security: Managing Risk & Keeping Your Network Secure

With built in application proxies, the WatchGuard XTM 8 Series helps protect against a myriad of blended threats, fragmented and malformed packet attacks, spyware, malware, denial of service and many other types of threats and attacks. With WatchGuard Application Control, businesses can enjoy more control over Web 2.0 applications, such as Facebook, Twitter, LinkedIn and hundreds more. WatchGuard’s Application Control can help control how individual employees use such applications, including nearly 2,000 web 2.0 and social media applications.

The WatchGuard XTM 8 Series also can provide protection against threats embedded in HTTPS data streams with its HTTPS proxy technology that intercepts, scans and rebuilds HTTPS data streams, administrators can audit, report and protect users from receiving dangerous file types. Encrypted SSL sessions typically bypass most security measures provided by many firewalls, intrusion detection systems, and DLP systems, creating a blind spot that most IT organizations have not yet adequately addressed. According to a report from competitor Palo Alto Networks released in May 2011, more than 40% of the 1,042 applications that were identified on enterprise networks in the study, can use SSL or hop ports to increase their availability within corporate networks. This segment of applications will continue to grow as more applications follow Gmail (by default), Twitter, Facebook, and others, who all have enabled SSL either as a standard setting or as a user-selectable option.

VoIP represents a fast growing threat vector in business networks. Because of this, threats such as DoS attacks on VoIP networks, directory harvesting, and “vishing” attacks are rapidly increasing in popularity. The WatchGuard XTM 8 Series provides application-level security for SIP and H.323 protocols, allowing businesses to conceal VoIP systems and simultaneously harden them to repel directory harvesting attacks, input validation hacks (buffer overflows), and other VoIP threats.

With the WatchGuard XTM 8 Series, customers get added protection from botnets, including application inspection as well as port and protocol identification to ensure application traffic is valid and safe, and HTTPS inspection working in tandem with IM and P2P application blocking, which can help protect against bots that use encryption to evade detection.

The XTM 8 Series delivers up to 5Gbps firewall throughput, making it ideal for demanding networks of 1,000 to 5,000 users. With Application Control and IPS enabled, throughput is reduced to 1.2Gbps.

Advertisement. Scroll to continue reading.

Last week WatchGuard announced that it had added SCADA Signatures to its next-generation firewalls and UTMs with Application Control, enabling WatchGuard XTM and legacy e-Series security appliances to provide threat protection for industrial control systems that monitor and control industrial, infrastructure or facility-based networks.

The WatchGuard XTM 8 Series NGFW is available now with pricing starting at $8,499.

IT Security Resource: Justifying IT Security: Managing Risk & Keeping Your Network Secure

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.