Developers: | WatchGuard Technologies Inc. |
Last Release Date: | May, 2012 |
Technology: | Firewall |
Content |
WatchGuard XTM 5 Series
The solutions WatchGuard XTM 5 Series are suitable for medium business numbering users up to 1,500 people. Devices of this line perform a comprehensive protection of corporate networks and confidential information, having at the same time the intuitive interface and simplicity of management.
All solutions WatchGuard of the XTM series provide to VoIP protection that is very important at security of the unified business communications (UC). In particular, using SIP and H.232 Proxy of the solution WatchGuard XTM provide VoIP protection against a set of threats, such as attacks of a type "Failure in service" (Denial Of Service), voice spam (Spam over Internet Telephony, SPIT), theft of voice services (Voice Service Theft), cracking of registration data (Registration hijacking), interception, the attacks of address harvesting (Directory harvesting), a voice phishing (vishing), etc.
WatchGuard XTM 5 Series devices are based on architecture of Intel, offer capacity of the firewall at the level of 2.3 GB / page. Even in case of activation of all available services of security (a lock antivirus, IPS/IDS, web blocking and URL filtering), capacity remains on a high mark — 800 Mbps.
The solutions WatchGuard XTM 5 Series work on the Fireware XTM operating system. Main advantages of devices: support of function of blocking of Skype and other potentially dangerous IM of clients, protection against penetration of the malware disappearing on not authorized web resources and in HTTPS packets and also against the new threats using VoIP or other unified means of communication.
As well as devices XTM 2 Series, XTM 5 Series can function in a failover cluster in the Aktivny-Aktivny mode, and have potential of balancing of loading.
The line of WatchGuard XTM 5 Series is available in four models: XTM 505, XTM 510, XTM 520, XTM 530. All solutions WatchGuard have FSTEC certificates of the Russian Federation on the 3rd class of security.
WatchGuard XTM 2050 (NGFW)
The solution WatchGuard XTM 2050 is developed especially for large enterprises and provides a comprehensive protection of data with the help of advanced functionality of the firewall, service of management of applications (Application Control) and prevention of network attacks (IPS).
The solution WatchGuard XTM 2050 has high processing speed and traffic filtering, allows to operate applications, to create VPN tunnels by Drag & Drop method, client SSL and IPSec VPN of connection. Besides, XTM 2050 gives extensive opportunities for observation of traffic of users in real time, behind network condition and observance of security policies.
Key features and possibilities of XTM 2050:
- Capacity of the firewall of 20 GB / with
- Sixteen gigabit ports and two 10 gigabit SFP+ fiber optic port
- Any of ports can be External, Trusted or DMZ
- Support of "hot" replacement of power supplies, fans, data storage devices and network adapters
- Possibility of creation of a failover cluster in the Active / Passive and Active / Active modes
- Support of WAN and VPN failover
- Possibility of the detailed management of more than 1,800 applications
- Active Directory integration, LDAP, RADIUS
- WatchGuard System Manager allows to receive full control over the device, logging and monitoring
- Possibility of creation of IPSec Site-to-Site and VPN connections
- Possibility of creation of SSL VPN connections
- Enhanced capabilities of security of the VOIP and HTTPS protocols
- Highly effective scanning of all network traffic, QoS and bandwidth control
WatchGuard XTM 8
Now firewalls of new generation are available both to small, and to medium-sized companies. The functionality of WatchGuard of the XTM 8 series is expanded such opportunities as advanced firewalling, management of applications and prevention of network invasions (IPS). With the activated Application Control and IPS services WatchGuard XTM 8 firewalls reach capacity of 1.2 GB / with that provides the highest security level without damage of overall performance.
The WatchGuard Application Control service provides comprehensive detailed control over Web 2.0 applications, such as Facebook, Twitter, LinkedIn and a great number of others. What is important, WatchGuard Application Control allows to protect networks from threats of a new type which are created by malefactors for popular applications effectively.
Besides, WatchGuard firewalls of the XTM 8 series provide the highest level of protection against threats which are hidden in the data streams ciphered under the HTTPS protocol. Using WatchGuard HTTPS Proxy technology administrators can intercept, browse and recover the data streams passing under the HTTPS protocol.
Considering that the predicted growth rate of VoIP is more than 20% a year, today this technology poses a serious threat for corporate networks. With respect thereto the number of DoS of the attacks to VoIP of network and the attacks of a type of "Vishing" increases (Fishing + VoIP). Unlike other firewalls of new generation which will just transform the network addresses to hide VoIP a system, the solutions WatchGuard of the XTM 8 series ensure safety for the SIP and H.323 protocols at the application layer.
One of the main threats for corporate systems are a botnet network. As many of them use the same protocols, as business applications, system administrators face a choice problem: to completely block business applications or to put network at risk of infection. The solutions WatchGuard XTM 8 allow system administrators not to block business applications and at the same time to be sure that the network is reliably protected from the attacks. WatchGuard firewalls not only identify applications, but also work at the level of network ports and protocols.
The high level of security and such opportunities as Multi-WAN failover (use of several external channels from different providers), balancing of loading, a clustering and an opportunity to update younger model in a line of devices to senior, do WatchGuard firewalls of the XTM 8 series by an optimal solution for the companies of any size.
WatchGuard XTMv
Virtual WatchGuard firewalls of the XTMv series are developed for use in the environment of virtualization of VMware and provide advanced tools for protection of applications and data.
Four solutions WatchGuard from the XTMv series will be available in the fourth quarter 2011. These solutions satisfy to requirements of the small and also medium-sized and large companies with the structure distributed by IT. As well as XTM series WatchGuard devices, the virtual solutions XTMv provide the maximum level of protection and support all services of security, including Application Control, Reputation Enabled Defense, service of prevention of network invasions (IPS), a lock antivirus, service of access restriction to Web resources (WebBlocker) and many others.
As several virtual WatchGuard firewalls can work on one VMware vSphere virtualization platform at the same time, solutions of the XTMv series are ideal for providers of services of security (MSSP), hosting providers and the large IT companies.
Besides, the solutions WatchGuard of the XTMv series can scan and manage traffic which passes through virtual IT infrastructure of the company and also through internal networks between virtual machines. Even the small companies which use only one server can start on it the XTMv firewall that will allow to protect IT infrastructure of the company completely.
Originally the solutions WatchGuard of the XTMv series will support the VMware vSphere virtualization platform of versions 4.1 and 5.0.
WatchGuard Fireware XTM 11.5.1
The new software version of Fireware XTM 11.5.1 is available to all solutions of WatchGuard of the series XTM 2, XTM 5, XTM 8 and also XTM 330, XTM 1050 and XTM 2050 devices.
WatchGuard Fireware XTM 11.5.1 gives to users a set of new opportunities and the improved functions.
New opportunities of FirewareXTM 11.5.1:
- The new improved Web system interface of logging and drawing up reports.
- A possibility of registration of time according to the UTC standard and adding of time marks in the magazine of logging that allows to know always in what time record, regardless of the time zone of the XTM device was made;
- Integration of a system of creation of reports into the software of ConnectWise that allows the system administrators working with the software of ConnectWise to automate creation of reports on the basis of the data obtained from XTM series WatchGuard devices.
- The system of creation Mobile VPN IPSEC of connections supports structures of Apple running the Apple iOS operating system. The gateway updated XTM IPSec gives the chance to users using the Apple iPhone, iPad and iPod to create safe connections with the solutions WatchGuard XTM, using for this purpose the client of IPSec who is built in devices of Apple. Besides, the computers working running the Mac OS X Lion operating system can create also protected connections with WatchGuard XTM devices using the client of IPSec which is built in the Mac OS X Lion operating system.
- The system of creation Mobile VPN SSL of connections supports 64-bit versions of the Mac OS operating system.
- Support of routing of IPv6. Now WatchGuard devices of the XTM series can receive addresses IPv6, use IPv6 DNS/WINS servers, create static routes of IPv6 and also support SLAAC.
- The improved support of dynamic routing, including in the FireCluster configuration.
- The advanced SMTP Proxy technology supports possibilities of TLS of enciphering. The WatchGuard SMTP Proxy technology supports possibilities of TLS of enciphering at the user authentication and continuous enciphering of the text of the message.
- Clientless Single Sign-On (SSO) technology. Now for implementation of SSO technology there is no need to install the client software on the user computers.
- Support of FIPS. WatchGuard devices of the XTM series meet all requirements of the standard of security of FIPS 140-2 Level 2.
To all users with an active subscription to LiveSecurity service updating of Fireware XTM to version 11.5.1 is well free. However it is necessary to consider that the new version of the managing software 11.5.1 cannot be installed on WatchGuard devices of the Firebox E-Series series.
WatchGuard Fireware XTM 11.4
The new functionality is based on control and authentication that allows the companies to ensure more effectively safety and to manage access for users in all corporate network. Wireless functionality for firewalls of the XTM 2 series provide big flexibility, functionality and allow to cut down the expenses connected with observance of requirements of PCI DSS.
The Fireware XTM 11.4 operating system of WatchGuard company includes feature set on authentications, including support through terminal services and through Citrix, function of single authentication, support of LDAP of authentication through SSL, authentication of users in diverse environments and also in multidomain structures. With new opportunities of the Fireware XTM operating system 11.4 system administrators receive additional tools for management of the user politicians. It helps to provide the approved protection of all network segments and also to smooth distinctions of the mixed environments, such as PC, Mac and thin clients.
Compliance to the PCI DSS standard requires respect for a large number of requirements, in particular, in the wireless environment. The Fireware XTM 11.4 operating system includes opportunities which will help the companies to reduce costs, to simplify management, to support the high level of security and, respectively, to fulfill the requirements of PCI DSS.
Wireless WatchGuard devices of the XTM 2 series are equipped with function of authentication 802.1X which requires authentication before address enable of the user to a wireless network. For ensuring bigger flexibility of network, the WatchGuard device of the XTM 2 series got support of EAP, EAP-TLS, EAP-TTLS and PEAP technologies. At the same time employees of IT departments had an opportunity to select between WPA Enterprise, WPA2 Enterprise and WPA/WPA2 Enterprise technologies for the best compliance to parameters of the networks.
Wireless WatchGuard devices of the XTM 2 series received new capability on detection of false, fraudulent access points for which detection requirements of PCI DSS order conducting regular checks. As a rule, this condition demands from the companies of acquisition of the additional wireless hardware for search and drawing up reports on similar false devices. Now WatchGuard devices of the XTM 2 series can be used for detection, the notification and creation of reports on fraudulent access points, allowing the companies to save on purchase, management and control of a set of wireless devices for full compliance with requirements of PCI DSS.
The software of Fireware XTM 11.4 from WatchGuard is free for clients with the operating subscription to LiveSecurity service and will be available in the fourth quarter 2010.
In the territory of Russia products of WatchGuard Technologies are sold by Rainbow Security company through network of certified partners.
Fireware XTM 11.4.1
The version of the Fireware XTM 11.4.1 operating system gives to system administrators new opportunities for management and setup of filters for work of users with search systems and also additional functions of Application Control service.
Thanks to a new feature of safe search of WatchGuard Safe Search, system administrators can control settings of filters of search systems of the Internet and thus prevent access for users to the websites containing an inappropriate content. This function works at gateway level, i.e. at inclusion it on the XTM series WatchGuard firewall the administrator determines necessary parameters in the user Web browsers. Function of safe search WatchGuard Safe Search works with the largest search systems, such as Google, Bing, Yahoo and Ask.com. Besides, WatchGuard Safe Search allows to include special "protect mode" for the YouTube.com portal that allows filter and "cut" unwanted video content or comments.
Thanks to new features of the WatchGuard Fireware XTM operating system of version 11.4.1, possibilities of Application Control service are considerably improved and expanded. This service allows system administrators to manage more than 1,800 applications that makes WatchGuard Application Control the leader among solutions of this class. It should be noted that additional functions allow to identify mobile browsers for the Android and iPhone platforms and also to distinguish Web 2.0 of the application and popular social networks, such as Viadeo (France), Tuenti (Spain), Hyves (Holland) and Mixi.jp (Japan).
System administrators will highly appreciate new opportunities of a control interface which simplify accomplishment of standard tasks, allowing to operate at the same time Web 2.0 applications and also to set different security policies for different categories of applications. And at last, the latest version of the Fireware XTM 11.4.1 operating system has the improved functionality for work with the virtual VPN private networks and the SNMP protocol. Thanks to all listed opportunities WatchGuard XTM firewalls became more convenient in use and even more reliably protect corporate networks, applications and data.
Received the solution WatchGuard XTM 505 in May, 2011 the highest mark from the SC Magazine magazine, the authoritative edition on information security. The solution WatchGuard XTM 505 received 5 stars and became the best in all categories of the overview: on functionality, performance, documentation, support, a ratio price/quality and to overall rating. Also experts of SC Magazine called the WatchGuard XTM 505 device "The best purchase". In the overview experts of the SC Magazine magazine estimated WatchGuard XTM 505 as follows: Advantages: Extensive feature set, ease of use, the best ratio "the Price – Quality". Shortcomings: It is not revealed. Conclusion: Well-deserved reward "Best purchase".
Certificate of Common Criteria EAL 4+
WatchGuard Technologies Inc company. announced in May, 2012 obtaining the certificate of Common Criteria EAL 4+ for a new line of the solutions WatchGuard XTM and XCS. The received certificate of Common Criteria EAL 4+ confirms compliance of devices to all requirements to security imposed by the largest government and commercial organizations worldwide. For confirmation of conformity to the Common Criteria standard of the solution WatchGuard passed the most intensive tests. The careful analysis of all functions of devices for confirmation that product characteristics completely correspond to those which were stated by the producer was made. Besides, the made assessment of weaknesses of solutions of WatchGuard did not reveal at them potential vulnerabilities.