| Developers: | WatchGuard Technologies Inc. |
| Date of the premiere of the system: | 2014/10/06 |
| Last Release Date: | 2015/01/28 |
| Technology: | IB - Anti-virus, IB - Anti-spam, IB - Firewalls |
Content |
WatchGuard Firebox M440 is a solution that allows you to easily apply the right security policies in the right network segment and all this without building complex configurations.
WatchGuard Firebox M440
WatchGuard Firebox M440
Device:
- comes with twenty-five 1Gb Ethernet ports and two (fiber-optic) ports of 10 Gb SFP +
- eight ports provide food through Ethernet (PoE) which is ideal for points of access of WatchGuard Access Points
- New WatchGuard DimensionTM functionality, available with all Firebox M440 devices, provides an excellent view of traffic in each segment
Advantages
Safety
- Application-level content analysis allows you to recognize and block threats that cannot be detected by the Firewall (ME) while remembering the state of packets.
- Wide-band protection is provided by the presence of proxy filters of the following protocols: HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323.
- The security subscription suite increases the reliability of threat prevention in the most critical areas.
- Enabling verification of encrypted traffic, which is now received without any control.
- Integrated SSL VPN provides easy access to the network from anywhere and anytime.
- The mechanism for blocking websites with malicious content also allows you to block sites such as Vkontakte, Odnoklassniki, Facebook and other social network sites.
- The Application Control security service allows you to increase system reliability and gain full control over user applications.
- A Web 2.0 application management system, such as Skype, ICQ, etc., allows these applications to exchange instant messages, but prevents the use of these applications for file transfer.
Efficiency
- A firewall with up to 6.7 GB/s bandwidth, up to 3.2 GB/s VPN tunnels.
At the same time, with all included security services (XTM), the throughput reaches a serious indicator - 1.6 Gb/s.
- 25 gigabit Ethernet ports support high-speed network infrastructure and gigabit WAN connections (8 of which have PoE), plus two (fiber-optical) ports of 10 Gb SFP +.
- Two types of failover cluster (Asset/Liability and Asset/Load Balancing) guarantee maximum uptime.
- The scripted CLI simplifies integration into the existing infrastructure.
- Online real-time monitoring and reporting.
- A flexible and convenient, intuitive management interface is a powerful tool for managing all security services from a single console.
- Role-based access control (RBAC) allows an administrator to create specialized roles to differentiate access rights to a device.
- Set up office-to-office VPN connections using drag-and-drop - three mouse clicks and the remote office is connected.
Flexibility
- Improves IP voice security (VoIP).
- Switching redundant WAN and VPN links in the event of a failure improves performance, fault tolerance, and reliability.
- Different VPN protocols promote flexibility in remote access.
- Any of the 25 ports can be configured on an internal, external, or optional (DMZ) zone to maximize the use of network resources.
- Advanced network features - Transparent bridge mode and VPN channel broadcast allow you to increase network security without having to change your existing infrastructure.
Scalability
- You can add additional security subscriptions to block spam, control dangerous and illegal web content, prevent network intrusions and block viruses, Trojans, spyware ON , and other malicious applications from entering your local network at the gateway level, block advanced APT threats, and protect your network from data loss (). DLP
| Models of WatchGuard | WatchGuard Firebox M440 | WatchGuard XTM 535 | WatchGuard XTM 545 |
| Подходит для: | Малого и среднего бизнеса | Главные офисы / штаб-квартиры, которые ищут безопасность в решении "все-в-одном", с прицелом на рост и развитие | Главные офисы / штаб-квартиры, требующие производительного решения корпоративного уровня и мощный безопасности с гибким централизованным управлением |
| Пропускная способность | |||
| Пропускная способность МЭ* | 6,7 Гб/с/td> | 3 Гб/с | 3,5 Гб/с |
| Пропускная способность VPN* | 3,2 Гб/с | 550 Мб/с | 750 Мб/с |
| Пропускная способность AV* | 2,2 Гб/с | 1,8 Гб/с | 2 Гб/с |
| Пропускная способность IPS* | 2,2 Гб/с | 2,4 Гб/с | 2,8 Гб/с |
| Производительность при активных сервисах защиты UTM | 1,6 Гб/с | 1,4 Гб/с | 1,7 Гб/с |
| Интерфейсы: | 25: 10/100/1000 (8 with PoE) 2: 10G SFP+ Fiber |
6: 10/100/1000 and 1:10/100 | 6: 10/100/1000 and 1:10/100 |
| Количество одновременных сессий (bi-directional) | 4 000 000 | 100 000 | 350 000 |
| Количество поддерживаемых VLAN | 400 | 300 | 400 |
| VPN Authentication | Да | Да | Да |
| Апгрейд на старшую модель | Нет | Да | Нет |
| VPN тоннели (incl/max) | |||
| Branch Office VPN | 300 | 200 | 600 |
| Mobile VPN with SSL/L2TP (Incl/Max) | 200 | 300 | 600 |
| Mobile VPN with IPSec Client Licenses(Bundled) | 200 | 300 | 1000 |
| Mobile VPN with IPSec Tunnels (Max.) | 200 | 300 | 1000 |
| Функции безопасности | |||
| Межсетевой Экран (МЭ) | State-aware ME, deep application layer analysis, application-level proxy | ||
| Прокси на уровне приложений | HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323 | ||
| Защита от угроз | Zero-day threat protection, spyware blocking, DOS, DDOS attacks, PAD, port scanning, fragmented and unformed packets, mixed threats, and more | ||
| VOIP | H.323. SIP, connection and session security | ||
| Подписки безопасности | LiveSecurity® Service, WebBlocker with HTTPS URL filtering, spamBlocker with Virus Outbreak Detection, Gateway Antivirus, IPS (Intrusion Prevention System), Reputation Enabled Defense, Application Control, APT Blocker, Data Loss Prevention | ||
| Сетевые особенности | |||
| Dynamic NAT | Yes | Yes | Yes |
| Static NAT | Yes | Yes | yes |
| One to One NAT | Yes | Yes | Yes |
| VLAN | 400 | 300 | 400 |
| Policy-Based Routing | Yes | Yes | Yes |
| WAN Failover | Yes | Yes | Yes |
| Multi-WAN Load Balancing | Yes | Yes | Yes |
| Server Load Balancing | Yes | Yes | Yes |
| Traffic Management/QoS | Yes | Yes | Yes |
| High Availability Active/Active or Active/Passive | Yes | Yes | Yes |
| Dynamic Routing | Yes | Yes | Yes |
| VoIP (SIP and H.323) Support | Yes | Yes | Yes |
2022: Commitment to fix vulnerability
The United States Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies and all American organizations to install vulnerability fixes in WatchGuard Firebox and XTM firewalls.
We are talking about the highly dangerous vulnerability of increasing the privileges of the CVE-2022-23176, which was operated by the Sandworm APT group, which is associated with IB experts with Russian special services, and which CISA added to its catalog of actively exploited vulnerabilities by hackers. Sandworm used it to create the sensational Cyclops Blink botnet from network devices WatchGuard for small and home offices, which was recently disabled by US law enforcement agencies.
The Civil Executive Branch Agencies (FCEB) must secure their systems by May 2, 2022. In addition, CISA strongly recommended that all organizations in the United States install patches against CVE-2022-23176.
Cyclops Blink affected 1% of WatchGuard firewalls and Asus routers.
Earlier, US and UK government agencies issued a joint security notice, according to which organizations should consider all devices infected with malware compromised. Administrators must immediately disable online access[1] management interface[2].
2015
WatchGuard Firebox T10-W
On January 28, 2015, WatchGuard Technologies announced the WatchGuard Firebox T10-W.
A complete latest-generation firewall and high-performance router with Wi-Fi functionality allows you to connect all home mobile devices to a secure corporate network.
Front panel WatchGuard Firebox T10-W, 2014
Rear Panel WatchGuard Firebox T10-W, 2014
Like third-party UTM devices, the WatchGuard Firebox T10-W combines a wide range of security features, including firewall, antivirus, and virtual private networks. WatchGuard Firebox T10-W also provides advanced persistent threat blocking and application-level threat awareness. This provides enterprises, organizations, commercial companies, branches of the regional government and local authorities with a high and reliable level of security at an attractive price.
Remote employee connection diagram via WatchGuard Firebox T10-W, 2014
Security managers can use Firebox T10-W as a stand-alone UTM device or as part of a distributed, centrally managed fund to coordinate multiple units.
Advantages
Safety
- Application-level content analysis allows you to recognize and block threats that cannot be detected by the Firewall (ME) while remembering the state of packets.
- Wide-band protection is provided by the presence of proxy filters of the following protocols: HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3, SIP, H.323.
- The security subscription suite increases the reliability of threat prevention in the most critical areas.
- Enabling verification of encrypted traffic, which is now received without any control.
- Integrated SSL VPN provides easy access to the network from anywhere and anytime.
- The mechanism for blocking websites with malicious content also allows you to block sites such as Vkontakte, Odnoklassniki, Facebook and other social network sites.
- A Web 2.0 application management system, such as Skype, ICQ, etc., allows these applications to exchange instant messages, but prevents the use of these applications for file transfer.
Built-in wireless access
- Wireless models include additional 802.11n/a/b/g dual band technology for more flexible wireless networking and range expansion. 2.4 GHz or for a less crowded group at 5 GHz.
- The wireless guest service segments the Internet for customers/guests.
Efficiency
- Online real-time monitoring and reporting, without additional investment, delivers unprecedented visibility into network activity, enabling immediate proactive or corrective action.
- A flexible and easy-to-use, intuitive web-based management interface is a powerful tool for managing all security services.
- Set up office-to-office VPN connections using drag-and-drop - three mouse clicks and the remote office is connected.
Flexibility
- Increasing the security of voice over IP (VoIP), which other devices do not guarantee, means that you do not need to "pull wires around the firewall" to benefit from the use of VoIP.
- Different VPN protocols promote flexibility in remote access.
Susceptibility
- The network is protected by a multi-level integrated security system.
- Mobile users maintain their productivity through secure remote connectivity (with connected APs WatchGuard the AP 100, AP 102, or AP 200.
- An intuitive, centralized console provides more efficient and complete control.
- Security and reporting functions support compliance with industry and regulatory standards.
Notes
- ↑ [https://www.securitylab.ru/news/531103.php to the CISA
- ↑ and require U.S. agencies to fix the vulnerability in WatchGuard Firebox]
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |