Presentation is loading. Please wait.

Presentation is loading. Please wait.

June 12, 2016 WatchGuard SSL 100 & 560.

Published byDebra Crawford Modified over 8 years ago

Similar presentations

Presentation on theme: "June 12, 2016 WatchGuard SSL 100 & 560."— Presentation transcript:

1 June 12, 2016 Martijn.Nielen@WatchGuard.com WatchGuard SSL 100 & 560

2 What is driving the need for SSL VPNs? Globally distributed network Anytime, anywhere access from virtually any device Per user resource and application access Need to do more with fewer resources Consequences of non-compliance Failed audits (PCI-DSS, SOX, HIPAA) Remote vulnerabilities Out-dated technologies Rising operational costs Lack of visibility and reporting Client software support costs Increasing mobile & partner work force New services and applications More and more platforms Explosive growth in network size and technologies

3 What is driving the need for SSL VPNs? Globally distributed network Anytime, anywhere access from virtually any device Per user resource and application access Need to do more with fewer resources Consequences of Non-Compliance Failed audits (PCI-DSS, SOX, HIPAA) Security vulnerabilities Out-dated technologies Rising operational costs Lack of visibility and reporting Client software support costs Increasing mobile & partner work force New services and applications More and more platforms Explosive Growth in Network Size and Technologies Organizations are turning to SSL VPNs to cope with these challenges

4 Introducing WatchGuard SSL  Integrates with and leverages existing authentication systems  Generates software and SMS tokens for two-factor authentication  Allows for user self-enrollment and federated identity Comprehensive authentication options Protection for end-points and infrastructure  Client and clientless access for more flexibility  Publish Web, tunnel and Java-based resources  Now more support for Windows Vista and Windows 7 ready  Endpoint integrity checking of OS, patch level, anti-virus  Endpoint session clean-up including cache cleaning  Tight control over resource access using granular access policies Wide range of access support The WatchGuard SSL appliance is an all-in-one, easy-to-use, fully-featured, value priced secure remote access solution for the small to medium-sized business  Deploys quickly and easily, so it’s on the network in no time  Everything is included. There is no additional software to purchase  No complex integrations – even authentication can be local All-in-one appliance

5 Intro WatchGuard SSL Ease-of-Use Security Flexibility 1.All-in-one appliance 2.Local Authentication 3.Enhanced logging 1.All-in-one appliance 2.Local Authentication 3.Enhanced logging 1.Java Clients 2.Bi-directional tunneling 3.Deployment & Configuration 1.Java Clients 2.Bi-directional tunneling 3.Deployment & Configuration 1.Auto-loading client 2.End-point integrity checking 3.More access client support 1.Auto-loading client 2.End-point integrity checking 3.More access client support

6 All-in-One Appliance The challenge Organizations want an SSL VPN product that is as simple as possible to install, set-up and integrate with their existing systems. They want a small learning curve WatchGuard SSL is delivered as an all-in-one SSL VPN appliance. Simply take it out of the box, plug it in, configure an IP address and it’s ready to run. No additional software components to install and configure WatchGuard solution Ease- of-Use Administration Service (GUI) Authentication Service (WG Auth types) Access Point Service (Former Appliance) Policy Service (Rules Checking)

7 Authentication The challenge Organizations want an SSL VPN product that is easy to integrate into their IT infrastructure. They many want to integrate with other authentication systems or operate in stand-alone mode WatchGuard SSL has an onboard LDAP server for out-of-the-box “local authentication.” This requires no integration with a third-party product such as Microsoft Active Directory WatchGuard solution Ease- of-Use WatchGuard Local Authentication WatchGuard Two-factor Authentication Third-party Authentication LDAP Two-factor RADIUS Other

8 Advanced Authentication Modes Local Authentication (no need for external Directory Service) Directory Services ( Microsoft Active Directory, OpenLDAP, Sun Java System Directory Server, Novell eDirectory, IBM Tivoli, RACF ID) Radius Certificates (PKI – X.509) RSA SecurID / SafeWord / Vasco, etc. Integrated 2-Factor Solution MobileID (software Token) and MobileText (SMS Token)

9 Mobile ID / Mobile Text Two-Factor Solution included with WatchGuard SSL for computers or smart phones Mobile ID, Software Token (Java Application) running on Windows / Linux or any Java platform Challenge / Synchronized Modes Mobile Text, SMS Token, OTP are sent through an SMS channel to the users No software required Providers are offering SMS channel to be used over the Internet (no need for specific hardware for sending the SMS)

10 Mobile ID (Software Token) Internet User logs in using his username Appliance sends back the challenge User enters the challenge in Mobile ID software and gets the OTP User enters the OTP and has access User enters his Pin Code in Mobile ID software

11 Add User and Local Authentication

12

13

14

15

16 Authentication

17 Add User and Local Authentication

18

19 Java Clients The challenge Organizations want to promote productivity by securely delivering remote users any applications or tools they may need in order to accomplish their jobs WatchGuard SSL has the ability to deliver non-native applications, such as SSH and RDP to a remote users desktop WatchGuard solution Flexibility SSH RDP

20 Add Java Clients and Connect

21

22

23

24 Add Java Client and Connect

25

26

27

28 Bi-directional Tunneling Support The challenge Organizations want to reduce support costs and make supporting remote users as easy as possible WatchGuard SSL has the ability to initiate connections to remote devices from your helpdesk. Administrators can take control of and diagnose remote user issues quickly and easily WatchGuard solution Flexibility

29 Deployment & Configuration Options The challenge Organizations possess varying access and security requirements, as well as different network topologies. SSL VPN solutions must fit into their environments and enables their businesses WatchGuard SSL deployment and configuration can range from simple to sophisticated. Start with an auto-loading client and full network access or exercise more control and publish Web and non- native applications to the desktop WatchGuard solution Flexibility SimpleComplex

30 End-point Integrity Checking The challenge Organizations want to eliminate the spread of viruses and ensure that only healthy, policy compliant devices gain remote access to sensitive network resources WatchGuard SSL has all-new end- point integrity checking functionality. You can easily create and enforce policies to ensure connecting devices have personal firewalls turned on and anti-virus software running WatchGuard solution Security

31 End Point Security Checking Integrated Firewall Client Application Validation Protection Scans : Processes Files and directory Windows Domain & User Information Registry Keys Anti-Virus Checking, Personal Firewall, Patch level of the system Session clean up removes all traces of access from the endpoint (cache, downloaded files, cookies, URLs, etc.)

32 Add End-point Check

33

34

35

36

37

38 New End-point Integrity Checking The challenge Organizations want to eliminate the spread of viruses and ensure that only healthy, policy compliant devices gain remote access, but maintaining productivity is paramount WatchGuard v 3.1 delivers flexibility to check for “any” anti- virus, as well as warn users when they fall out of compliance, while still allow them to access networks and resources WatchGuard solution Security

39 Security — New “Any” AntiVirus Check New assessment rule to check for the existence of any type of AntiVirus 39 WatchGuard Training

40 Security — New option for failed assessment You can now warn the end user that assessment failed and grant access 40 WatchGuard Training

41 Auto-loading Access Client The challenge Organizations want SSL VPNs to act like the IPSec VPN they are replacing. The want users to click an icon, authenticate and have access to everything WatchGuard SSL offers a Web- based access client that automatically loads after successful authentication. This is the easiest path to simply, secure access to all network resources WatchGuard solution Security

42 Enhanced Access Client Support The challenge Organizations want to provide secure, remote access to as many authorized users as possible. Supporting the latest Microsoft Windows operating systems is required WatchGuard SSL 3.0 added support for Windows Vista, as well as 32-bit and 64-bit support, so organizations can provide secure connectivity to more platforms WatchGuard solution Security

43 Streamlined Resource Configuration The challenge Organizations want intuitive management interfaces, so that creating access to computing resources is fast and simple WatchGuard SSL v 3.1 introduces a more simplified way to view, add, remove and manage Web and tunnel based resources WatchGuard solution Ease- of-Use

44 Centralized Access Rule Management The challenge Many security vulnerabilities are introduced through misconfiguration. Organizations want security controls that are easy to configure and visible WatchGuard SSL v 3.1 introduces centralized access rule management. No more nesting, no hiding. Simply and easily add and assign access rules to resources from a single location WatchGuard solution Ease- of-Use

45 Centralized SSO Management The challenge The beauty of SSL VPN is taking advantage of single sign on to eliminate multiple logins and creating a seamless user experience. Administration of SSO should be exactly the same WatchGuard SSL v 3.1 introduces centralized creation, assignment and management of SSO domains. Create an SSO domain once and take advantage of it across multiple resources WatchGuard solution Ease- of-Use

46 Access to More Applications The challenge Organizations want to promote productivity by securely delivering remote users any applications or tools they may need in order to accomplish their jobs WatchGuard SSL v 3.1 delivers access to additional applications and introduces configuration wizards for quick and easy setup WatchGuard solution Citrix XenApp OWA 2010 Security Microsoft ActiveSync Full Tunnel

47 Self Service User can use the Self Service to deal with Forgotten Password / Forgotten Username without interaction of the administrator Used with External Directory Services Users can use Self Service for Auto Activation (User creation) Opss… what’s my password again…

48 Enhanced Logging The challenge Organizations want comprehensive logging and reporting capabilities for better visibility into their IT infrastructure WatchGuard SSL offers logging management so organizations can capture the information they need about running infrastructure to improve management and speed troubleshooting WatchGuard solution Ease- of-Use

49 Reports Ease- of-Use Abolishment / Assessment / Access / Authentication / Authorization / Account statistics / System Reports User Activity Application Usage Access, Authentications and Authorizations System Statistics

50 Delegated Management Role Based Management Resource Management User Management Super Admin

51 Ease of use — Portal Customization Easier to add your own logo, text 51 WatchGuard Training

52 Ease of use — Portal Customization Customize the application portal Customize the authentication page 52 WatchGuard Training

53 WatchGuard SSL 100 at a Glance  SSL 100 includes 25 users  Licensing per appliance NOT domain  All-features included Providing all the functionality you need at an incredibly valuable price Universal Access  Easy activation follows WatchGuard UTM and XTM products  Plug-and-play appliance – no additional software to install Get your deployment all-and-running quickly with our all- in-one appliance and management tools Ease-of-Use  Auto-loading client with full network access tunnel  Local and third-party authentication support  Web and Java client- based resources As simple or as sophisticated a solution as your organization requires Flexibility Value Pricing

54 Introducing SSL 560 The challenge Organizations want an SSL VPN that is simple to install, set-up and integrate with their existing systems. They want to support more than 100 concurrent users WatchGuard SSL 560 delivers the same all-in-one experience offered by SSL 100; however SSL 560 supports up to 500 concurrent users. Simply take it out of the box, configure an IP address, use the configuration wizards and it’s ready to go! WatchGuard solution Ease- of-Use Scalabilit y

55 Benefits Summary Deliver critical applications to users’ desktops – anytime, anywhere and on virtually any device Increased productivity Less to manage – all-in-one appliance, no clients, stronger security and an easy-to-use management interface Lower ownership costs Set granular access policies that match requirements, as well as audit and generate reports for compliance due diligence Compliance assurance LiveSecurity Services provide technical support, end-point security, firmware and software updates, as well as hardware replacement Maximizes investment

56 Product Accolades

57

Download ppt "June 12, 2016 WatchGuard SSL 100 & 560."

Similar presentations

automated single login access to Novell storage resources

automated single login access to Novell storage resources
McAfee One Time Password

McAfee One Time Password
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Certificate-Based Authentication (CBA - 2FA) The organization MUST be able to positively.

© 2011 All rights reserved to Ceedo. Ceedo - Flexible Computing Certificate-Based Authentication (CBA - 2FA) The organization MUST be able to positively.
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.

Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.

Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.

©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.
© 2009 VMware Inc. All rights reserved VMware Updates Orlando VMware User Group – April 2011 Ryan Johnson VMware, Inc. Technical Account Manager Professional.

© 2009 VMware Inc. All rights reserved VMware Updates Orlando VMware User Group – April 2011 Ryan Johnson VMware, Inc. Technical Account Manager Professional.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
EToken TMS 5.0 CA June 09. eToken TMS 5.0 Agenda  The challenge: Authenticator life-cycle management  eToken TMS (Token Management System)  eToken.

EToken TMS 5.0 CA June 09. eToken TMS 5.0 Agenda  The challenge: Authenticator life-cycle management  eToken TMS (Token Management System)  eToken.
What’s New in WatchGuard SSL v3.1. WatchGuard Training 2 Ease-of-Use Security Scalability 1.Streamlined resource configuration 2.Centralized access rules.

What’s New in WatchGuard SSL v3.1. WatchGuard Training 2 Ease-of-Use Security Scalability 1.Streamlined resource configuration 2.Centralized access rules.
Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.

Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.
Customer Sales Presentation Stoneware webNetwork Powered by ThinkServer.

Customer Sales Presentation Stoneware webNetwork Powered by ThinkServer.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
Clinic Security and Policy Enforcement in Windows Server 2008.

Clinic Security and Policy Enforcement in Windows Server 2008.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
Chapter 2: Installing and Upgrading to Windows Server 2008 R2 BAI617.

Chapter 2: Installing and Upgrading to Windows Server 2008 R2 BAI617.

Similar presentations

Ads by Google