WatchGuard Technologies claims that its new Advanced Persistent Threat (APT) solution delivers real-time threat visibility and protection in minutes, not hours.
The WatchGuard APT Blocker identifies and submits suspicious files to a cloud-based, next-generation sandbox, using a full-system-emulation environment for detecting APTs and zero day malware. The WatchGuard solution integrates with the company’s visibility tool, WatchGuard Dimension, providing an instant, single view of advanced threats,along with other top trends, applications and threats covered by WatchGuard’s security technologies.
APT Blocker comes pre-installed on all WatchGuard Unified Threat Management (UTM) and Next-Gen Firewall (NGFW) appliances with a free 30-day trial. WatchGuard has extended their proprietary proxy-based architecture to detect suspicious files and send them for full-system emulationand analysis in the cloud.
“Nearly 88 percent of today’s malware can morph to avoid detection by signature-based AntiVirus solutions,” said Corey Nachreiner, director of security strategy and research for WatchGuard Technologies. “That means today’s AntiVirus solutions remain necessary for catching known threats but alone,they’re no longer sufficient. APT Blocker’s full-system emulation approach to sandboxing provides simple, rapid protection, which doesn’t rely on a traditional, signature-based approach to detect and stop advanced malware; in a solution that scales to inspect millions of objects at any given time.”
WatchGuard’s UTM and NGFW security platforms were purpose-built to simplify the process of adding newly-emerging technologies such as APT management, meaning customers can deploy this sophisticated technology in a couple of clicks.
Continuing the strategy of working with best-of-breed technology partners, WatchGuard has teamed with industry veteran and APT heavyweight, Lastline, for cloud-based, full-system-emulation inspection capabilities.
“With cloud-based sandboxing capabilities for detecting advanced malware, companies worldwide now instantly will have access to the industry’s most sophisticated technologies to stop evasive malware designed to bypass traditional security products,” said Brian Laing, vice president of products for Lastline.
Historically, APT targets were exclusively governments and large enterprises whose critical infrastructures were stymied by the likes of Stuxnet and Duqu. But today, advanced threats have evolved to target much smaller organisations and corporations to similarly devastating effect. Scott Robertson, Vice President of Asia Pacific for WatchGuard Technologies adds, “Since today’s APT targets are not anticipating these threats, they are not sufficiently protected. Often relying almost entirely on AntiVirus and digital-signature solutions, these networks are almost completely vulnerable.”
APT Blocker is now available and comes pre-installed with a free 30-day trial with the launch of version 11.9 of WatchGuard’s Fireware security platform, which includes other best-of-breed services such as: AntiVirus, AntiSpam, Application Control and DLP. Fireware also comes standard with WatchGuard Dimension, the company’s real-time visibility solution.
Major highlights of version 11.9 include:
• Improved application-traffic management, allowing users to control and limit application bandwidth, preserving it for business-critical applications;
• Expanded administrator-audit and change-tracking visibility for improved HIPAA and PCI compliance, including tying firewall rule changes to individuals;
• Customizable DLP signatures that allow companies to build on the extensive pre-defined rule sets of WatchGuard’s DLP solution;
• Enhanced IPv6 support including link aggregation, VLANS and dynamic routing;
• New custom network zone that allows administrators to quickly segregate wireless guest networks and meet PCI-standard requirements for appliances with integrated wireless.
