Presentation is loading. Please wait.

Presentation is loading. Please wait.

WatchGuard XCS Threat Prevention

Published byChristina James Modified over 5 years ago

Similar presentations

Presentation on theme: "WatchGuard XCS Threat Prevention"— Presentation transcript:

1 WatchGuard XCS Email Threat Prevention
Specifically Designed for Small to Mid-Sized Business

2 Today’s Email Threat Landscape
Today’s security landscape contains many threats to your messaging environment: Inbound threats center on spam and attacks to your network including viruses, malware and network attacks like denial of service Based on WatchGuard’s messaging research lab findings, more than 90% of all is identified as spam. We predict that spam will continue to rise on an annual basis, from 30% growth in 2009 up to nearly 50% growth in 2010, and will become more sophisticated to avoid detection. As the universe of malware is doubling year over year across the internet, the potential dangers of spam to businesses will dramatically. The security landscape has now become even more complex when compounded with web 2.0 and blended threats that use as the invitation to web-based infections. The evolution of spam has also made a dramatic progression, evolving from simple plain text s to sophisticated and malicious social engineering tactics that are all designed to fool systems and deceive even the smartest people. The most alarming trend in spamming tactics is now the utilization of both and web to achieve the desired outcome, in particular for profit-motivated crimes that utilize botnets, spyware, malware and other threats to manage and exploit the infection. By using as the invitation, spammers have the delivery vehicle to locate and attract a victim. With Web 2.0, these criminals now have the mechanism to infect the unsuspecting victim with various destructive codes. These attacks have changed the landscape of spam management from one of productivity and networking issues to one of cyber-terrorism. All it takes is one malicious , one click of an employee’s mouse to place your network and business at risk for security breaches, regulatory violations, theft of confidential information, or an intrusion that turns your network into a source of internet threats.

3 WatchGuard XCS Extensible Content Security
Next-Generation Security Defense-in-depth for messaging security Integrated protection from blended threats Unique and patented Strong security at an affordable price XCS provides comprehensive security with: Defense-in-depth with multiple layers of inspection for malware, spyware, spam, etc. ReputationAuthority: in-the-cloud, best-in-class reputation filtering system Protection from blended threats delivered via Set-it-and-forget-it administration, reporting, and policy management provide total control and visibility of traffic entering your network Strong security at an affordable price – best value

4 Rejected Email Messages
Defense-in-Depth for Security WatchGuard is Unique WatchGuard XCS uses a defense-in-depth process for security of with multiple layers of protection including: First Line of Defense: ReputationAuthority The WatchGuard ReputationAuthority reputation service acts as the first line of defense for messaging security. traffic comes to the network perimeter from the internet. ReputationAuthority inspects all of the traffic (including embedded links) based on DNSBL, volume, content and behavior analysis, looking to block all unwanted traffic at the connection level before it is passed to WatchGuard XCS for further examination. ReputationAuthority eliminates more than 98% of unwanted traffic at the perimeter. Second Line of Defense: Spam Prevention In this layer of defense, XCS validates spam based on the unique messaging patterns of the customer’s environment (e.g. if you are a pharmacy, having the word “Viagra” may not be objectionable or considered spam) and notifying back to ReputationAuthority what has been identified positively as spam, a threat, etc. so that it blocks it and contributes the data to the network to protect from future attacks. Third Line of Defense: Malware Prevention WatchGuard’s third line of defense is its sophisticated malware prevention engine. This is where in-depth scanning is occurring, looking at embedded links and web components to prevent blended threats, malware, spyware, viruses, phishing attacks, etc. Rejected Messages

5 WatchGuard ReputationAuthority
Powerful First Line of Defense Rejects More Than 98% of Unwanted Traffic at the Perimeter Best-in-class Next Generation Reputation Service WatchGuard ReputationAuthority provides a powerful first line of defense in protecting your network from threats. It provides in-the-cloud real-time threat prevention, blocking more than 98% of unwanted traffic at the perimeter before they enter your network. WatchGuard ReputationAuthority is the first next generation reputation system Hybrid In-the-Cloud model Rejects Unwanted and Web Traffic at the perimeter More than 98% Catch Rate 99% Accuracy Rate Unique and Patented WatchGuard ReputationAuthority offers a proactive global threat network that gathers data from deployed systems to identify malicious senders and block threats based on real-time behavior, providing a superior level of threat intelligence to defend your network. ReputationAuthority goes beyond simple sender reputation to provide an all-encompassing view of the real-time behavior of an IP address by cross-referencing and analyzing data across multiple protocols to threat feeds from multiple sources. Unlike older reputation service technologies which act simply as a credit bureau, relying on historical background and DNSBLs, ReputationAuthority combines historical information with patented, adaptive identification techniques including: sender information (who is sending it) volume behavioral analysis of an IP to determine the reputation and risk level aggregates feeds from globally deployed XCS appliances and contributes them to the network to make ReputationAuthority more intelligent in blocking threats And best of all….ReputationAuthority is included with EVERY XCS appliance.

6 The Power of ReputationAuthority
For More Than 95% Rejection of with 99.99% Accuracy Did You Know… More than 90% of is spam is now the delivery vehicle for web-based infections Do the Math… For every 100 s, more than 90 are unwanted; nearly 89 are caught and rejected at the perimeter by WatchGuard ReputationAuthority How much spam can you stop with WatchGuard? Let’s compare the effectiveness of the reputation services as outlined in the previous slide Imagine you have 1M messages entering your network for a given time period.   Other reputation-based services using only DNSBL or a combination of DNSBL and IP volume information would allow upwards of 200,000 messages to enter the network, since they are only 80% effective. A next generation service,  such as WatchGuard ReputationAuthority is up to 98% effective, allowing only 20,000 messages to enter the network. This is a significant improvement in threat protection and cost savings. KEY POINT: THE REMAINING UNWANTED TRAFFIC IS CAUGHT BY WATCHGUARD SPAM PREVENTION (DEFENSE IN DEPTH) BUT the key differentiation of ReputationAuthority  is its powerful 98% catch rate. ReputationAuthority provides significant value to your business and your security by: Eliminates burdens associated with processing resource-intensive, unfiltered traffic, freeing your networks for legitimate traffic. By stopping and eliminating unsolicited spam messages before they reach the network, it helps reduce the size of compliance-mandated archives. Results in decreased processing, bandwidth, storage and backup costs throughout your network.

7 WatchGuard XCS Spam Prevention
Second Line of Defense The second layer of defense of WatchGuard XCS appliances is its highly effective Spam Prevention. The remaining traffic that is not rejected by the ReputationAuthority undergoes deep content inspection at the second layer of defense with the WatchGuard Anti-Spam engine. Content Inspection It is here that further examination of the content, images and sender information of the message traffic occurs. Contextual Analysis The system provides a context-based weighted score on the spam suspect level of the message, with a remarkably low ratio of false positives. Three Layers of Filtering WatchGuard Spam Prevention has three layers of filtering to achieve a catch rate of over 99% with an accuracy rate of %. By examining the content, sender information, and conducting contextual analysis of incoming traffic across multiple protocols, the system assigns a categorized and weighted score that enables you to throttle and tune your spam. Patented Learning Filters The system uses patented learning filters that learns from your messaging environment to better determine what is really spam and what you consider business-critical communications for more intelligent and informed spam prevention and message delivery. Off-Box Quarantine Off-box quarantine is a dedicated temporary storage solution for quarantining spam and suspect s. Pre-determined policies determine the length of time stored, by individual controls, what to quarantine and integration with third party applications and systems. Quarantine is user-controlled to allow individuals to determine spam violations and to free administrators from having to manage individual spam policies, hence further eliminating false-positives. Flexible Spam Management With flexible spam management capabilities and automated filter updates, WatchGuard spam prevention enables XCS to meet security needs without imposing a significant administrative burdens

8 WatchGuard Malware Prevention
Third Line of Defense The XCS third layer of defense is its malware prevention engine. WatchGuard XCS uses a unified approach to prevent viruses and malicious code infections to reduce the costs and complexity of managing multiple virus, spyware and malware engines. Blended Threat Protection: Effective virus and malware protection scans , searching for potentially malicious content being delivered via a blended threat. Automated Handling of Identified Malware: Out-of-the-box and custom defined options determines how identified messages should be handled. Zero-Hour Threat Outbreak Response: During any malware or spam outbreak, there is invariably a period of time between when the outbreak is detected and when the actual update to prevent future attacks is distributed. WatchGuard XCS’s Threat Outbreak Response closes the window of vulnerability that occurs between when an attack first emerges and when the scanning filters are updated for the most rapid response to new malware threats.

9 Set-It-And-Forget-It

10 Ease of Use WatchGuard XCS provides an easy-to-use administrative console. The interface is intuitive and is simple to configure. The system comes with pre-defined policies so you can plug-and-play…OR You have the flexibility to create custom policies specific to your business requirements.

11 Integrated Reporting of Email Traffic
With WatchGuard XCS integrated reporting, you have information at your fingertips. XCS reports provide a snapshot of: system overview and status messages blocked traffic trends mail queue and quarantine information and much more… Customizable reports are available in varying file formats. Easily export or locally save time-, feature-, and group-based reports.

12 High Availability & Zero Lost Messages
Clustering & Queue Replication Geographical Redundancy Centralized Management WatchGuard XCS appliances are designed to ensure continuity of communications. With having become the primary utility of business communications, it is critical to ensure that your system and its security avoids downtimes. You can’t afford lost messages and your can’t move at a snail’s pace. Zero Lost Messages With Patented Queue Replication Technology WatchGuard XCS solves this critical risk with automated and native redundancy to ensure ZERO lost messages. Message Redundancy is a key component for designing a totally redundant solution, ensuring no messages are ever lost or delayed due to a failure of a system which have queued messages that have not been processed or delivered at the time of failure. Clustering and queue replication becomes extremely important when deploying products that rely heavily on multiple delivery queues for processing their messages. On-Demand Clustering You also have the ability to cluster multiple systems together, allowing you to manage the multiple systems acting as one logical unit easily and efficiently. Clustering multiple units together removes a single point of failure and ensures that a network infrastructure is always up and running. When configured in a cluster, all configuration settings and message queues are replicated across the entire cluster. XCS delivers an unbeatable return-on-investment by reducing operational costs and guaranteeing the delivery of business-critical messages and communications. Centralized Management With Geographical Redundancy Geographical redundancy through centralized management allows ease of management of multiple XCS platforms without the need of an external management system. XCS provides the ability to allow Administrators to easily and centrally manage systems that are deployed globally, and to apply a single set of policies across the entire system.

13 The Data Loss Landscape

14 Framing the Problem: Email Is Largest Data Loss Medium
Sensitive information enters and exits company networks every day. As has become the most significant medium for business communications, it has also become the largest violation medium for data loss. Data loss or leakage occurs in every organization either unintentionally or maliciously. All it takes is for a recipient’s address to be misspelled or an incorrect key to be pressed by an employee on a keyboard, and a message containing confidential information ends up in the wrong person’s hands, resulting in leakage of sensitive information. The consequences could be detrimental, including brand erosion, loss of customer confidence, financial repercussions, and public embarrassment if it makes the headlines.

15 Exasperating the Problem: Privacy and Security
Regulations Internal Policies Acceptable Use Intellectual Property This becomes a significant problem and risk as organizations are trying to meet and manage regulatory and internal compliance and control requirements, including: Government & Industry Compliance Regulations: e.g. HIPAA, PCI, GLB, etc. Internal Policies: C-level rules, sensitive and confidential information Acceptable Use: HR policies, sexual harassment and legal violations that can occur in messaging Intellectual Property: Trade secrets, sales reports, financial statements, sales or business plans, etc. As a result, data leakage has now become a critical issue that can only be addressed by comprehensive data loss prevention tools that are used to accelerate business, protect your organization, and ensure privacy. Employee

16 WatchGuard Data Loss Prevention
Deep Inspection & Web Content and context scanning Consolidated Policy Management Single UI Reporting Integrated Remediation Encryption Block or allow Quarantine or reroute Instant-On Data Loss Prevention!!! WatchGuard Data Loss Prevention is integrated into all XCS appliance models to enable you to seamlessly prevent the loss, leakage or exposure of sensitive, restricted and inappropriate content across multiple protocols. Links deep inspection of traffic content with context of the message being sent to assess whether it is in violation of policies. Instant-on remediation is built right into WatchGuard XCS appliances and is used to successfully secure, monitor, record, quarantine, and block data-in-motion over , providing an extensive risk management and policy enforcement boundary. Consolidated policy management provides a single view for managing policies, securing content across , and providing policy violation reporting. Knowledge-based structuring of content allows XCS to dynamically learn from the content passed through the data loss prevention engine to make more accurate decisions, faster for enhanced protection from data leakage. “The true value of content monitoring and filtering lies in helping management to identify and correct faulty business processes and accidental disclosures.” Gartner Research: Content Monitoring and Filtering Helps Find Faulty Business Process, Accidental Disclosures

17 Seamlessly Integrated Process
WatchGuard XCS makes decisions based on content and context: The system uses a seamlessly integrated process for securing content from data loss. Examine: XCS examines the entire content, including message headers, message body, and attachments. Content inspection determines what is being delivered, including files and attachments, and compares it to policies in an effort to discover policy violations. XCS data loss prevention functionality goes one step further by also inspecting the context of the traffic Determine: In this next step, contextual analysis applies intelligence to determine, based on policies, whether the discovered/identified confidential content that has passed through the content inspection engine is allowable. The system inspects who is sending the content and where or whom the content is being sent to, which is vital in determining if the content is a violation or note, and the proper remediation tactic to employ. Without context, a typical data loss prevention system would easily block or quarantine an important communication with the potential to impede business processes. For example, the CFO may be able to send financial statements to the auditor of the company – this communication is allowed. A customer service employee, however, who does not have permissions to send financial statements will have the communication blocked. Deliver: Based on pre-defined policies, the system conducts instant remediation of the message including block, allow, quarantine, blind copy, encrypt, or reroute content. Report: XCS monitors traffic and provides granular reports to demonstrate policy violations for compliance audit requirements, identifying security gaps, and enabling you to make informed security decisions.

18 Remediation With Instant-On Encryption: The WatchGuard Email Encryption Subscription
WatchGuard Encryption technology is an optional subscription, available with all XCS appliance models, for companies that want or require an encryption solution that is tightly integrated with their security. It provides easy-to-use, business-class encryption to securely transmit and receive private and sensitive information. The transparent nature of the WatchGuard Encryption solution lends to its ease of use. Tightly integrated within the WatchGuard XCS appliances, all sent from the organization passes through the XCS data loss prevention engine. The system identifies outgoing messages that meet pre-defined policies for confidentiality and automatically encrypt identified messages which contain sensitive or confidential information with no special action required by the sender. Messages can also be manually set for encryption by typing a simple command in the subject header of a message. The is then processed and encrypted locally, retrieving the session key for the registered envelope service. Encrypted messages are sent as HTML attachments to ordinary messages and are directly delivered to the recipient who can decode and view the encrypted messages using any Web browser. Encrypted messages can be opened with any program and any web browser running on any operating system. The process is quite simple: recipients open an HTML attachment, enter a password and view the secure message. The recipient enters credentials and is verified by the registered envelope service, generating the key to decrypt the .

19 Centralized Policy Management For Data Loss Prevention
Includes pre-defined compliance dictionaries that can be used for privacy and compliance to industry regulations Allows you to set policies by domain, group, or individual users Reduces complexity Ensures consistent application of security policies across

20 Detailed Logging & Reporting of Policy Violations
XCS provides reporting alerts of policy violations for compliance audits, with granular reporting of the violation incident.

21 WatchGuard XCS Strong Email Security at An Affordable Price
WatchGuard XCS provides many advantages to small businesses. Highly Effective Perimeter Security With the most effective next-generation reputation service technology available, your system processes only clean, wanted traffic, blocking threats from ever entering your network. Multi-Layer Approach Our defense-in-depth approach and sophisticated anti-spam and anti-malware engines ensure your security is never compromised. Easy-to-Use You don’t need a PhD in security and administration to use WatchGuard XCS. With its intuitive Web GUI, configuration and management are made simple – all you have to do is set-it-and-forget-it. XCS will do the rest! Instant-On Data Loss Prevention Protect your most business-critical assets with comprehensive content controls and instant remediation based on your policies to safeguard sensitive outgoing information. Always On Security Multiple layers of redundancy so you never lose a message and ensures service levels with infinite scalability. Strong Security at an Affordable Price WatchGuard XCS delivers the best value with the strongest, defense-in-depth security to prevent threats.

22 Thank you. Questions?

Download ppt "WatchGuard XCS Threat Prevention"

Similar presentations

1 Proofpoint, Inc. Proprietary and Confidential ©2010 Proofpoint Protection/Privacy Offering Proofpoint Privacy Accurately detect ePHI in e-mails Integrated.

1 Proofpoint, Inc. Proprietary and Confidential ©2010 Proofpoint Protection/Privacy Offering Proofpoint Privacy Accurately detect ePHI in s Integrated.
1 Effective, secure and reliable hosted email security and continuity solution.

1 Effective, secure and reliable hosted security and continuity solution.
The Threat Within September 2004. Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.

The Threat Within September Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.
© 2009 WatchGuard Technologies WatchGuard XCS Extensible Content Security Superior Security with Lowest TCO.

© 2009 WatchGuard Technologies WatchGuard XCS Extensible Content Security Superior Security with Lowest TCO.
Lisa Farmer, Cedo Vicente, Eric Ahlm

Lisa Farmer, Cedo Vicente, Eric Ahlm
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
CensorNet Ltd An introduction to CensorNet Mailsafe Presented by: XXXXXXXX Product Manager Tel: XXXXXXXXXXXXX.

CensorNet Ltd An introduction to CensorNet Mailsafe Presented by: XXXXXXXX Product Manager Tel: XXXXXXXXXXXXX.
Client X CronLab Spam Filter Technical Training Presentation 19/09/2015.

Client X CronLab Spam Filter Technical Training Presentation 19/09/2015.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Hosted Security: Complete Protection With A Peace Of Mind Leonard Sim Client Services Manager – South Asia Symantec Hosted Services 1.

Hosted Security: Complete Protection With A Peace Of Mind Leonard Sim Client Services Manager – South Asia Symantec Hosted Services 1.
Norman Email Protection Powerful and flexible Email Protection Gateway.

Norman Protection Powerful and flexible Protection Gateway.
Maintaining a Secure Messaging Environment Across Email, IM, Web and Other Protocols Jim Jessup Regional Manager, Information Risk Management Specialist.

Maintaining a Secure Messaging Environment Across , IM, Web and Other Protocols Jim Jessup Regional Manager, Information Risk Management Specialist.
1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.

1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.
© 2009 WatchGuard Technologies WatchGuard Email Encryption Subscription Ensuring Privacy and Compliance of Messages.

© 2009 WatchGuard Technologies WatchGuard Encryption Subscription Ensuring Privacy and Compliance of Messages.

Similar presentations

Ads by Google