WatchGuard® Network Security Products at a glance

5. Inspect HTTPS traffic—while safeguarding privacy:
of security technology to complement WatchGuard’s award-
An increasing proportion of Internet traffic runs over encrypted
winning foundation. This “all-star lineup” outpaces firewalls from
HTTPS channels. Though the “S” on the end of HTTPS stands for
other vendors who rely only on in-house technology rather than
“secure,” the encryption of these transactions renders the traffic
acknowledged best-in-class capabilities for specialized functions.
Since 1996, WatchGuard Technologies has provided over one-half
invisible to traditional firewalls. Full inbound and outbound HTTPS
At the same time, the deep integration of these functions and an
inspection in WatchGuard solutions closes the loophole that other
intuitive user interface streamline the creation and monitoring of
million network security appliances to hundreds of thousands of
security products leave wide open. URL filtering, AV scanning,
the holistic security policy, giving customers best-in-class security
and a host of other security functions carried out on HTTPS traffic,
while eliminating the complexity and cost of managing disparate
individual features of those products have evolved and grown
identify and stop threats before they can affect your business.
point solutions.
tremendously over that time, the underlying WatchGuard philosophy
9. Connect Your People Securely:
has remained the same: to deliver strong security that is easy to
Virtual Private Networking (VPN) is ultimately about securely
manage and monitor, at an excellent price. WatchGuard’s family of all-in-one solutions delivers enterprise-grade network
Additionally, the data is not exposed to human eyes, so the risk of
an intentional or unintentional privacy violation is eliminated.
The WatchGuard® Story
customers worldwide. While the technologies, performance, and
6. Make Voice over IP Simple and Safe For Your Business:
connecting people to the resources they need. Businesses today
Voice over IP (VoIP) is an extremely useful tool in business
have distributed workforces and need to provide privacy over
today for decreasing telecommunication costs and increasing
public lines. By deploying VPNs businesses can deliver secure,
Internet from a security risk to a business empowerment tool.
productivity. However, it carries inherent risks, because the VoIP
encrypted connectivity for traveling employees, remote offices
1. Complete Security Capabilities Now & into the Future:
and telecommuters that require access to critical corporate
3. Know What is Happening On Your Company’s Network:
protocols are complex and varied in their implementations.
WatchGuard enables organizations to define, enforce, and audit
“Visibility IS security” – and great visibility is one of the most
WatchGuard provides application-layer VoIP security, allowing
network resources. WatchGuard provides a multitude of ways to
a strong security and acceptable use policy, with a range of
important ways to ensure compliance with policies. WatchGuard
businesses to take advantage of VoIP while minimizing exposure
easily and securely create and manage these connections. The
capabilities unmatched in its class. With WatchGuard network
Dimension™ enables a business to gain deep real-time and
and risk to critical systems and data. With a WatchGuard
unique “drag and drop VPN” enables an organization to connect
security solutions, organizations can:
historical insights into the network and user events and activities.
solution, organizations don’t have to “wire around the firewall”
offices almost instantly, without error, even when dynamic IP
to take advantage of the huge cost savings and communication
addresses are in use. Mobile VPN enables road warriors, virtual
capabilities VoIP offers.
employees, collaborators, and any other authorized person to
7. Making the Most of the Network:
As Internet use has increased, so have temptations, distractions,
and security risks online. Organizations require more than a simple
“allow/deny” security policy. WatchGuard includes a rich set of
tools for maximizing the business value of every dollar spent
connect to corporate resources from anywhere, at any time,
■
■
from a variety of devices including laptops, smartphones, and
the popular Apple® iOS devices. You can rest assured that with
■
VPN support your critical corporate network resources are
protected.
on Internet connectivity. Traffic Shaping and QoS tools allow
10. User Friendly:
organizations to define which types of traffic are most important,
WatchGuard recognizes that many small businesses do not have a
and which types are less important or prohibited, ensuring that
dedicated IT security staff. With this recognition comes a dedication
business traffic always wins out over recreational or discretionary
to creating interfaces that take the hard work and guess work out of
traffic. VPN failover, WAN failover, and High Availability features
business security. Task flows are designed for maximum efficiency,
ensure that mission-critical data keeps flowing, even in the event
and interfaces use plain language that enables even security novices
of failure or degradation of equipment or connectivity.
to create, monitor, and audit strong security and acceptable use
8. Best-In-Class Security:
protection for small to midsize businesses, keeping your network secure and employee productivity high, and turning the
policies.
Attackers and malware constantly advance, making use of an
extensive worldwide underground market for crimeware. To
defend against these threats, WatchGuard also works globally,
combining advanced capabilities from the world’s best suppliers
U.S. Sales: 1.800.734.9905 • International Sales: 1.206.613.0895 • Web: www.watchguard.com
No express or implied warranties are provided for herein. All specifications are subject to change and expected future products, features or functionality will be provided on an if and
when available basis. ®2014 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard logo, Fireware, and LiveSecurity are registered trademarks of WatchGuard
Technologies, Inc. in the United States and/or other countries. All other tradenames are the property of their respective owners. Part No. WGCE66683_022414
■
D
efend Resources with powerful firewall, anti-malware,
and intrusion prevention.
Interactive real-time monitoring features help pinpoint significant
C
onnect Offices Securely and allow road warriors and
virtual employees to access corporate resources from
anywhere, anytime, with nearly any device.
corrective or diagnostic actions directly from the monitoring
E
xtend best-in-class security to the WLAN by adding
wireless access points. The AP100, 102, and AP200 let you
harness the power of mobile devices without putting
network assets at risk.
while Report Manager includes over 60 predefined reports, with
Enforce Acceptable Use with WebBlocker, spamBlocker,
Application Control, and Reputation Enabled Defense –
tools that safeguard employee Internet use while providing
IT with deep visibility into usage patterns.
2. Stay Secure on a Tight Budget:
WatchGuard appliances deliver the best price-performance
in the industry, ensuring that you can get rock-solid security
as well as the performance your business needs to proceed
unimpeded. What’s more, with the unique model upgradability,
you can choose the appliance that fits your needs today, with
the ability to upgrade to a higher model within the series via a
simple license key. An assortment of upgrade packages makes
it easy to custom-tailor the solution to the organization’s exact
needs.
activities as they happen, and let the administrator take immediate
interface. WSM’s centralized logging features unique TCP-based,
encrypted log channels for maximum reliability and security,
an intuitive user interface that uses plain language, easy- to-read
graphics, and drill-down and pivot controls.
4. Centrally Manage Your Organization’s Security:
Distributed organizations and Managed Security Services Providers
(MSSPs) need the ability to manage large numbers of appliances
from a single location, with simplicity and scalability. WatchGuard
System Manager, bundled with every UTM appliance, is rich in
tools that support policy creation, management, and enforcement
across multiple locations. Role-Based Access Control supports the
delegation of duties according to function within the organization,
and every function can be centrally managed – including firewall,
VPN, intrusion prevention, URL filtering, web security, anti-virus
and anti-spam services, appliance software updates and more.
And, beyond the centralized management
capabilities in WSM, WatchGuard UTM solutions
may be managed via a Web UI or a Command
Line Interface (CLI) for ultimate flexibility.
©2009 WatchGuard Technologies, Inc.
WatchGuard® Network Security Products at a glance
Firebox®
T10
XTM 2 Series
XTM 3 Series
XTM 5 Series
XTM 800 Series
XTM 2520
–
upgradable to XTM 26
25/25-W
26/26-W
33/33-W
330
–
upgradable to XTM 525
515
525
–
upgradable to XTM 545
535
545
–
upgradable to 860/870
upgradable to 870
860
870
1520-RP
1525-RP
2520
Firewall throughput
200 Mbps
240 Mbps
540 Mbps
850 Mbps
1.4 Gbps
2 Gbps
2.5 Gbps
3 Gbps
3.5 Gbps
8 Gbps
11 Gbps
14 Gbps
14 Gbps
25 Gbps
35 Gbps
VPN throughput
30 Mbps
40 Mbps
60 Mbps
100 Mbps
240 Mbps
250 Mbps
350 Mbps
550 Mbps
750 Mbps
8 Gbps
8 Gbps
10 Gbps
10 Gbps
10 Gbps
10 Gbps
AV throughput
70 Mbps
95 Mbps
142 Mbps
175 Mbps
340 Mbps
1.5 Gbps
1.7 Gbps
1.8 Gbps
2 Gbps
4 Gbps
5.5 Gbps
7 Gbps
8 Gbps
9 Gbps
9.7 Gbps
IPS throughput
80 Mbps
100 Mbps
226 Mbps
328 Mbps
640 Mbps
1.6 Gbps
2 Gbps
2.4 Gbps
2.8 Gbps
5 Gbps
7 Gbps
9 Gbps
11 Gbps
13 Gbps
15 Gbps
UTM throughput
55 Mbps
80 Mbps
108 Mbps
146 Mbps
298 Mbps
850 Mbps
1 Gbps
1.4 Gbps
1.7 Gbps
3 Gbps
4 Gbps
5.7 Gbps
6.7 Gbps
6.7 Gbps
3
5
5
5
7
6[a]
6[a]
6[a]
6[a]
14
14
14[b]
14
6 and four 10G
SFP+[c]
12 and four 10G
SFP+[c]
1 Serial / 1 USB
1 Serial / 1 USB
1 Serial / 1 USB
1 Serial / 1 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
1 Serial / 2 USB
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
7,500
10,000
30,000
40,000
40,000
40,000
50,000
100,000
350,000
1,000,000
1,250,000
1,500,000
2,000,000
2,000,000
2,500,000
VLAN support
10
20/50 (incl/max)
20/50 (incl/max)
75
75
100
200
300
400
750
750
1,000
2,000
3,000
4,000
Authenticated users limit
200
500
500
500
500
500
500
1,000
2,500
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Unrestricted
Branch Office VPN
5
10
40
50
50
65
75
200
600
5,000
6,000
7,000
10,000
10,000
Unrestricted
Mobile VPN IPSec (incl/max)
5
5/10
5/40
5/55
5/55
75/75
100/100
300/300
1,000/1,000
10,000
12,000
14,000
15,000/15,000
20,000/20,000
Unrestricted
Mobile VPN SSL / L2TP
5
11
25
55
55
65
75
300
600
10,000
12,000
14,000
15,000
20,000
Unrestricted
–
–
850
XTM 1500 Series
–
–
–
–
Throughput and Connections
Interfaces 10/100/1000
I/O Interfaces
Nodes supported (LAN IPs)
Concurrent connections
(bi-directional)
up to 10 Gbps
VPN Tunnels
Operating System Features
General
IP address assignment: static, DynDNS, PPPoE, DHCP (server, client, relay) / Port independence / VLAN support / Transparent/drop-in mode
Advanced Networking[e]
Dynamic routing (BGP, OSPF, RIPv1,2) / Policy-based routing / NAT: static, dynamic, 1:1, IPSec traversal, policy-based PAT / Traffic shaping & QoS: 8 priority queues, DiffServ, modified strict queuing / Virtual IP for server load balancing[d]
Availability [e]
High availability (active/passive, and active/active for clustering) / VPN failover / Multi-WAN failover / Multi-WAN load balancing / Link aggregation (802.3ad dynamic, static, active/backup) / Wireless WAN failover available with WatchGuard Broadband wireless bridge accessory
Wireless
Integrated Wireless
Integrated 802.11a/b/g/n available in model numbers ending in “-W”
Wireless Access Points
All models support AP100, AP102 (indoor/outdoor), and AP200 wireless access points to extend UTM security capabilities to the WLAN / Includes MAC filtering, client reporting, Captive Portal technology, 802.1X authentication, and PCI compliant scan and reporting
Wireless WAN
All models support WatchGuard Broadband Extend wireless bridge devices for cellular connectivity / Some direct connect USBs are supported
Subscriptions
Security Services
Data Loss Prevention / Application Control / Intrusion Prevention Service / WebBlocker / Gateway AntiVirus / spamBlocker / Reputation Enabled Defense
LiveSecurity® Service
Multi-year LiveSecurity subscriptions are available for all models / LiveSecurity Plus with 24/7 support and Gold-level service are available as purchase options for XTM models 330 and higher
Throughput rates are determined using multiple flows through multiple ports and will vary depending on environment and configuration. Contact your WatchGuard reseller or call WatchGuard directly (1.800.734.9905) for help determining the right model for your network.
Every WatchGuard appliance includes these features:
Security Capabilities
Logging & Reporting with WatchGuard Dimension™
Management Software
User Authentication
LiveSecurity Service Upgrade Options
• S tateful packet firewall, deep application inspection,
application proxies: HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3
• Blocks spyware, DoS attacks, fragmented packets,
malformed packets, blended threats and more
• Protocol anomaly detection, behavior analysis,
pattern matching
• Static and dynamic blocked sources list
• VoIP: H.323 and SIP, call setup and session security
•
•
•
•
•
•
•
•
WatchGuard appliances can be managed with:
•
•
•
•
•
•
• R
emote Installation Services for comprehensive assistance
with the initial setup, configuration, VPN installation
• P
remium 4-Hour Hardware Replacement to ensure maximum
uptime
• L iveSecurity Platinum for complex environments. Includes
assigned Technical Support Manager to help you achieve
your strategic goals with WatchGuard products
Multi-appliance log aggregation
Public & private cloud-ready
I ncludes 70 pre-defined reports, executive summary
Visibility tools include FireWatch, ThreatMap
S pecial reports for HIPAA and PCI compliance
SNMP v2 & v3, Syslog
Encrypted log channel
Email delivery of PDF reports
• C
ommand line interface with direct connects and scripting
• Web UI for single device management from anywhere
• WatchGuard System Manager: intuitive, centralized console
providing interactive real-time monitoring and logging;
includes drag-and-drop VPN creation, rich historical reporting
• S implified configuration and deployment with RapidDeploy
XTM 5 Series models include one 10/100 interface. [b]XTM 870 appliances come with 6 copper and 8 fiber 10/100/1000 interfaces under model number WatchGuard XTM 870-F.
networking, are not available on the Firebox T10. Visit www.watchguard.com/T10 for details.
[a]
Fiber ports can operate as 10GBase-SR/SW or 1000Base-SX.
[c]
[d]
Transparent Active Directory Authentication (single sign-on)
R
ADIUS, LDAP, Secure LDAP, Windows Active Directory
RSA SecurID® and VASCO
Local database
802.1X for wireless appliances (XTM 25-W, 26-W, 33-W)
M
icrosoft® Terminal Services and Citrix XenApp
environments supported
Server load balancing is not available on XTM 2 Series, 3 Series, and Firebox T10 appliances. [d]Some features, including clustering and advanced
Download PDF
Similar pages