WatchGuard® Technologies has announced its new Advanced Persistent Threat (APT) solution, WatchGuard APT Blocker. Delivering real-time threat visibility and protection in minutes, not hours, APT Blocker identifies and submits suspicious files to a cloud-based, next-generation sandbox, using the industry's most sophisticated full-system-emulation environment for detecting APTs and zero day malware. The WatchGuard solution integrates with the company's visibility tool, WatchGuard Dimension™ providing an instant, single view of advanced threats, along with other top trends, applications and threats covered by WatchGuard's security technologies.
APT Blocker comes pre-installed on all WatchGuard Unified Threat Management (UTM) and Next-Gen Firewall (NGFW) appliances with a free 30-day trial. WatchGuard has extended its proprietary proxy-based architecture to detect suspicious files and send them for full-system emulation and analysis in the cloud. By adding an additional layer to the deep-packet-inspection engine, WatchGuard's highly respected detection capabilities now extend from the universe of known malware threats, for which there is a known pattern, into the unknown.
"Nearly 88 percent of today's malware can morph to avoid detection by signature-based AntiVirus solutions*," said Corey Nachreiner, director of security strategy and research for WatchGuard Technologies. "That means today's AntiVirus solutions remain necessary for catching known threats but alone, they're no longer sufficient. APT Blocker's full-system emulation approach to sandboxing provides simple, rapid protection, which doesn't rely on a traditional, signature-based approach to detect and stop advanced malware; in a solution that scales to inspect millions of objects at any given time."
WatchGuard's UTM and NGFW security platforms were purpose-built to simplify the process of adding newly-emerging technologies such as APT management, meaning customers can deploy this sophisticated technology in a couple of clicks. Continuing the strategy of working with best-of-breed technology partners, WatchGuard has teamed with industry veteran and APT heavyweight, Lastline, for cloud-based, full-system-emulation inspection capabilities. Lastline's founding team has been doing advanced malware research for more than 10 years and its commercial products have significant credibility in protecting businesses against today's unknown APT threats.
"WatchGuard is recognised as a leader in the network security space," said Brian Laing, vice president of products for Lastline. "We are thrilled to strike up this partnership to combat advanced cyber threats. With nearly a million red WatchGuard appliances installed worldwide and our unique, cloud-based sandboxing capabilities for detecting advanced malware, companies worldwide now instantly will have access to the industry's most sophisticated technologies to stop evasive malware designed to bypass traditional security products."
Historically, APT targets were exclusively governments and large enterprises whose critical infrastructures were put at risk by the likes of Stuxnet and Duqu. But today, advanced threats have evolved to target much smaller organisations and corporations to similarly devastating effect.
"Since today's APT targets are not anticipating these threats, they are not sufficiently protected. Often relying almost entirely on AntiVirus and digital-signature solutions, these networks are almost completely vulnerable," Nachreiner said.
APT Blocker is now available and comes pre-installed with a free 30-day trial with the launch of version 11.9 of WatchGuard's Fireware security platform, which includes other best-of-breed services such as: AntiVirus, AntiSpam, Application Control and DLP. Fireware also comes standard with WatchGuard Dimension, the company's award-winning, real-time visibility solution.
Major highlights of version 11.9 include:
· Improved application-traffic management, allowing users to control and limit application bandwidth, preserving it for business-critical applications;
· Expanded administrator-audit and change-tracking visibility for improved HIPAA and PCI compliance, including tying firewall rule changes to individuals;
· Customisable DLP signatures that allow companies to build on the extensive pre-defined rule sets of WatchGuard's DLP solution;
· Enhanced IPv6 support including link aggregation, VLANS and dynamic routing;
· New custom network zone that allows administrators to quickly segregate wireless guest networks and meet PCI-standard requirements for appliances with integrated wireless.