Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
 

WatchGuard Network Security Solutions

A Guide to Enterprise-Level Network Security Solutions
By

WatchGuard is interesting, because the company's view of the NGFW vs UTM debate unlike many other vendors. For WatchGuard, UTM is the top of the pyramid while an NFGW is only a limited feature version of a UTM. Both of these solutions are based on the ability of an appliance to run a number of potential software modules, each offering a specific NGFW/UTM functionality. These software modules include:

  • Packet Filtering (layer 4 and layer 7) -- This module includes all common methods of packet filtering from the good old layer 4 access list type of filtering to the newer, deep packet inspection layer 7 techniques. This module also includes VPN support for branch offices and mobile users.
  • APT Blocker -- The Advanced, Persistent, Threat (APT) Blocker is intended to stop malware and zero-day threats that are trying to invade an organization's network.
  • Intrusion Prevention Service (IPS) -- As with the other IPS offers, the IPS module is intended to detect and in real time mitigate intrusions coming into a network. This includes a large signature data base that monitors for spyware, SQL injections, cross-site scripting (XSS), and buffer overflows.
  • Application Control -- All an organization needs to control application behavior on a network through policy. The policy can be as tight or loose depending on the needs of a specific organization.
  • WebBlocker -- As the name suggests this module controls access to the good and bad places that are reachable on the web, preventing users from gaining access to sites that have evil intentions.
  • Gateway Antivirus -- This provides a virus scanner that uses both an extensive signature database (updated through subscription) and a heuristic analysis engine.
  • spamBlocker -- Provides a spam scanning engine that works in concert with WatchGuard's cloud-based technology to prevent spam from gaining access to the email servers (and clients).
  • Reputation Enable Device -- Cloud-based reputation service that controls user's ability to get main access to web malicious sites. Works in concert with the WebBlocker module.
  • Data Loss Prevention (DLP) -- Watches for accidental and intentional breaches of private/sensitive data through an organizational policy. Provides a library of over 200 rules to protect organization data and has the ability to parse over 30 different file formats including Microsoft Office formats and PDFs.

Which specific modules are included with an appliance depends on the specific appliance purchased and the SKU. The update of certain cloud-based elements of the modules are offered through WatchGuard LiveSecurity subscriptions, some amount of subscription is included with the purchase of appliances (again dependent on the specific SKU) and extensions can be purchased after this time for individual or bundles of modules.

WatchGuard also includes an interactive monitoring and reporting solution with its WatchGuard Dimension cloud (private or public) solution that offers a "single pane of glass" view of the deployed appliances.

WatchGuard's lower offering, the XTM 2 Series,includes the following specifications:

WatchGuard XTM 2 Series Appliances
Firewall ThroughputUp to 540 Mbps
Concurrent SessionsUp to 30,000 (Bi-Directional Connections)
IPSec VPN ThroughputUp to 60 Mbps (Combined with SSL)
SSL VPN ThroughputUp to 60 Mbps (Combined with IPSec)
IPS ThroughputUp to 226 Mbps
Interfaces5x Gigabit Ethernet – LAN (Copper)802.11b/g/n – Optional
Form FactorDesktop

Their higher-level device covered in this article is the XTM 3 which has the following specifications:

WatchGuard XTM 3 Series Appliances
Firewall Throughput1.4 Gbps
Concurrent SessionsUp to 40,000 (Bi-Directional Connections)
IPSec VPN ThroughputUp to 240 Mbps (Combined with SSL)
SSL VPN ThroughputUp to 240 Mbps (Combined with IPSec)
IPS ThroughputUp to 640 Mbps
Interfaces7x Gigabit Ethernet (Copper) (Base)
802.11b/g/n – Optional (XTM 33-W Only)
Form FactorDesktop, 1U (XTM 330 Only)