Post on 18-Dec-2015
UNFETTERED APP USE SHOULD WORRY YOU
You lose countless hours of productivity to non-business apps
Many apps tunnel right past your firewall
You lack visibility in what apps do on your network
Most malware propagates via 3rd party and web apps
Sources: X-Force, Websense, Whitehat Security, Imperva, & 7Scan
BUSINESSES HAVE GOOD REASON TO BE CONCERNED ABOUT APPLICATION USE!
BUSINESS USE OF WEB 2.0
Only applications deemed necessary by
IT to perform a job function are allowed
24%
Limited use (e.g., set times of day or
maximum hours per week) regardless of
business need, is allowed
16%
Only applications deemed necessary by
business groups to perform a job
function are allowed33%
We don’t have an official policy
23%
Other3%
Don’t know1%
40% of IT Securitygroups act as
Web 2.0 roadblocks
Nearly one quarter of organizations still lacka Web 2.0 usage policy
Source: Forrester Research, Forrsights Security Survey, Q3 2010
Base: 1,033 SMB & enterprise IT security decision makers
IT-determined access more common
in enterprises (28%) than in SMBs (19%)
WEB 2.0 SECURITY MEASURES TOO COARSE
Source: Forrester Research, Forrsights Security Survey, Q3 2010 Base: 787 SMB & enterprise IT security decision makers
WATCHGUARD® XTM
WatchGuard XTM 5 Series
WatchGuard XTM 8 Series
WatchGuard XTM 1050
WatchGuard XTM 2 Series
APPLICATION CONTROL
How does WatchGuard solve the problem? Ability to identify, control, and report on 1800+ applications and sub-functions,
regardless of port or protocol used Behavioral detection of complex applications Granular controls of applications All integrated into the standard Firewall policy table
APPLICATION CONTROL USE CASESSample Customer Scenarios
WG Application Control lets you: Block usage of peer to peer applications Allow Marketing department access to Facebook Limit application usage to restricted hours Report on the top applications used in the
company Allow MSN Instant Messaging, but disallow file
transfer over MSN IM
GRANULAR APPLICATION CONTROL 11.4 Features and Benefits
Application Control Feature Customer Benefit
Block specific applications at global, department, group, and individual levels
Keep productivity high; prevent security threats
Control sub-functions, e.g. allow access to MSN, but block MSN File Transfer
Balance of permissiveness and threat mitigation
Control access to applications or sub-functions by department
Create, enforce, and monitor fine-grained acceptable use policies
Control access to applications by time of day. Productivity during key business hours, employee perks during off-hours
Control applications by category Ease of use
Centralized management of Application Control
Enforce a consistent application control policy across multiple locations.
Automatic updates of application signatures Maintain a consistent security posture in a world of dynamic applications
Detailed application usage reporting Monitor adherence to acceptable use policies—by user, group, department, etc
SAMPLE APPLICATIONS
Category Example Applications
Instant Messaging QQ; MSN; Yahoo; GoogleTalk
Mail/Collaboration Hotmail; Gmail; Yahoo; MS Exchange
Web 2.0 Facebook; LinkedIn; Twitter
P2P Gnutella, Foxy, Winny; Bittorrent;
Remote Access Terminals
TeamViewer; GoToMyPC
Database MS SQL; Oracle
File Transfer Peercast; Megaupload
Voice Over IP Skype
Streaming Media QuickTime; YouTube; Hulu
Games Xbox Live; Second Life
Network Mgt MS Update; Adobe; Norton; McAfee
Web bypass Ultrasurf; Avoidr; Circumventor
Approved applications Approved applications
Unapproved or harmful applications
Unapproved or harmful applications
13
APPLICATION CONTROL - CONFIGURATION Applications
organized by category
Easy to search Granular
control
APPLICATION INFORMATION
14http://www.watchguard.com/SecurityPortal/AppDB.aspx
APPLICATION CONTROL - REPORTS Application Usage
Users Categories Blocked Applications
15WatchGuard Training
TODAY’S WATCHGUARD FOR TODAY’S BUSINESS
Fireware XTM 11.4 advances WatchGuard’s vision of extensible threat management, helping businesses combat threats, enhance productivity, and focus on business goals.
State of the Art Policy Enforcement
Superior Security
Enhanced Authentication
Superior Manageability and
Visibility