WatchGuard Enhances UTM

WatchGuard releases update to heuristic zero-day protection engine

Dark Reading Staff, Dark Reading

September 19, 2007

2 Min Read
Dark Reading logo in a gray background | Dark Reading

SEATTLE -- WatchGuard Technologies, Inc., the technology leader in unified threat management (UTM) solutions, today announced the release of a new POP3 proxy to its already robust zero-day protection engine, giving users of the Firebox X Core and Peak UTM appliances another tool in the fight against network threats. WatchGuard’s heuristic zero-day protection engine pro-actively guards against malicious attacks, including zero-day threats, in which the vulnerability or virus has not yet been discovered. The added POP3 proxy provides POP3 level gateway protection, essentially putting a virtual watch guard at the email gateway monitoring for suspicious activity based on a programmed set of acceptable protocols, and taking aggressive action against unwelcome intrusion.

“By understanding the various classes of attacks, WatchGuard’s Firebox UTM solutions provide reliable protection on a very broad level against whole families of threats,” explained Tim Helming, a product manager for WatchGuard’s Core and Peak series UTM appliances. “Several thousands of new threats are launched each year, most of which use techniques that are closely related, and statistically predictable. It is rare that an entirely new class of attack emerges. By recognizing and neutralizing threats at the gateway, the WatchGuard Firebox appliances provide instantaneous protection that doesn’t require a signature or patch to be applied before receiving the benefit of security.”

Unlike with standard anti-virus email scanners, WatchGuard’s new POP3 proxy isn’t limited to just scanning for threats based on the currently available signature set. The proxy scans traffic passing through the gateway allowing only activity which conforms to acceptable protocols. Programs that execute outside acceptable protocols are disallowed entry to the network, effectively incapacitating the attack. By providing an engine that pro-actively identifies and eliminates threats before they’ve been discovered en-masse, WatchGuard is able to offer users of its Firebox X UTM appliances true zero-day threat protection – an ability that the other major UTM appliance vendors currently lack.

"With the other major UTM appliance vendors currently lacking a pro-active threat detection and elimination capability, WatchGuard has a distinct advantage in the marketplace," said Mark Romano, Director of Marketing Communications and Channel for WatchGuard. "WatchGuard recognizes the need for virus-specific security measures and we do employ them as one part of our overall security solution. We also recognize that signatures provide only a reactive solution, leaving networks exposed until the exploits are identified and patched. This does not constitute true zero-day protection. As more CIO's and CTO's become aware of this fact, they realize their networks are serving as guinea pigs for the anti-virus signature industry."

WatchGuard Technologies Inc. (Nasdaq: WGRD)

Read more about:

2007

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights