You are on page 1of 20


NITHIN.V.S Network security consultant Secure Network solutions

Dear sir, With reference to your requirement for UTM-Firewall would like to produce before you what all advantages you can have ,,with a watchguard purchase over Fortigate firewall. Also given a brief insight into features of watchguard.


1.)BETTER UTM PERFORMANCE Performance of fortinet severly drops-down once utm features are in effect due its ASIC architecture.

Watchguard offers In-built Logging & Reporting features.I.E you can have complete logs & reports regarding network usage at no extra cost.In case of fortinet you would have to go for a seperate device ―FORTI-ANALYZER‖(Around 80,000 extra). 3 ) ” SCALABILITY” Watchguard is the only UTM vendor offering SCALABILITY.I.E suppose in 2 years your network users increased in event of a new lab set-up etc,In case of fortinet the only option would be to replace existing box and buy a new box.But with watchguard you can have upgrade from existing box to any higher model in series by a ―SUBSCRIPTION UPDATE‖.You thus save a box-purchase.

Nithin.V.S Secure Network Solutions, Kerala

The custom silicon allows their boxes to run very fast for packet filtering and VPN. security.I.e the entire box performance goes doen antivirus/IPS enabled. and ease of use. . however. Fortinet’s UTM product strategy is based heavily on its ASIC technology.WATCHGUARDADVANTAGE WatchGuard and Fortinet offer similar overall capabilities. WatchGuard offers an unbeatable combination of performance. but at a considerable penalty for general-purpose tasks such as AV and IPS scanning.

cost-effective solution without additional hardware to purchase and maintain. including HTTP. worms.)SPAM BLOCKER 3. SMTP. FTP. Gateway AV scans traffic on all major protocols.WATCHGUARD UTM BUNDLE 1.)WEB-BLOCKER 4. FEATURES: Flexible administrator control Have the flexibility to define the action to be taken when malware is identified – enabling the network to allow. and rogueware.)GATEWAY-ANTIVIRUS 2. HTTPS. TCP. spyware. and POP3 to block all types . You shall not pass Scans all major protocols. quarantine. block. you have an easy-to-manage.)APPLICATION CONTROL 5. and protocol. It works in tandem with the application layer content inspection of the XTM to provide real-time protection against known viruses. user/group. or lock questionable traffic based on type. using continually updated signatures to detect and block all types of malware.)REPUTATION ENABLED DEFENSE 6.)INTRUSION PREVENTION GATEWAY-ANTIVIRUS Gateway AntiVirus (GatewayAV) is a fully integrated security subscription for WatchGuard XTM appliances and comes from industry leader ―AVG‖. And because Gateway AV is integrated with WatchGuard XTM security appliances. trojans.

and tag mail for easy identification and forwarding to dedicated Exchange folders.N. Dynamic analysis Dynamic heuristic analysis uses code emulation to identify polymorphic viruses and dangerous code that signatures don't catch. It's the best solution in the industry at distinguishing legitimate communication from spam in real time.SpamBlocker provides real-time spam detection for immediate protection from outbreaks. Works on both SMTP and POP3. and which users and groups can receive bulk mail. Optimized for better network performance Buffered scanning process ensures optimum performance for in-line HTTP scanning.quarantine. blocking nearly 100% of unwanted emails. adware.and also Tag spam mails. Spam accounts for up to 95% of global email and remains the most common method of spreading viruses. and dialers.P. It bogs down network traffic and leads unsuspecting users to malicious web sites designed to steal sensitive personal and company information. with comprehensive compression format support. Block.But with watchguard Spam-blocker we have options to Block. you still have the ability to stop spam cold by adding a spamBlocker subscription to your WatchGuard® XTM security solution FEATURES: Flexible administrator control Decide how messages will be processed.Later in H.L we couldnt block incoming spam mails in your mail-server as fortinet offers only means to ―TAG‖ spam mails. Quarantine suspect traffic Suspect email can be flagged to go into quarantine. allow.of malware. where administrator can restrict access or allow users to review quarantined files through automatic email alerts. SPAM-BLOCKER Spam-blocker in watchguard comes from industry leader ―COMMTOUCH‖ with patented R. Compressed file scanning Compressed and encoded files are decompressed for inspection. Stronger security for web surfing Multi-layered inspection of HTTP traffic indentifies spyware. Pervasive as it is. Use whitelists and blacklists to allow mail from trusted domains. . keyloggers.D technology and offers significant advantages over fortinet Spam detection.

cost-effective solution with no additional hardware to buy. bulk mail. full-featured quarantine for spam. WEB-BLOCKER Web-blocker in watchguard comes from ―WEB-SENSE‖. Daily incremental database updates URL database is updated daily to give you the most current protection available. Spam quarantine Users can create a safe. Optimized for better network performance Requires minimal bandwidth and CPU power because most of the processing is done outside the Internet gateway. and department requirements to meet specific business and user needs. It helps conserve network bandwidth. WebBlocker blocks malicious sites to keep your network protected from risky web content. It allows IT administrators to manage web access and content for stronger security and control of web surfing. prevent legal liability from inappropriate content. .It's a fully integrated security subscription for all WatchGuard XTM appliances. FEATURES: Strong administrative control Configure up to 54 web categories to stop the sites and web tools you most want to block. and suspect email messages. host addresses. Virus outbreak detection New! A powerful layer of real-time anti-virus protection employs RPD technology to recognize and stop malware with excellent accuracy. groups. you have an easy-to-manage. time of day. Acceptable Use enforcement Allows you to enforce your acceptable use policies to protect your business from legal liabilities. and increase employee productivity while it guards the network against malicious attacks from rogue websites. Granular control allows for custom configuration. domains. And because WebBlocker is integrated with the WatchGuard security appliance. Customizable open-access policies Create custom "Allowed" exception lists for certain web sites. Local override Administrators can enter a password to temporarily override blocked sites.Strong protection Best in the industry at distinguishing legitimate communication from spam outbreaks in real time. blocking nearly 100% of unwanted email before it reaches the internal mail server. or URLs so you can keep mission-critical access open. Flexible configuration Configure web access by users.

Application Control makes it simple to create and enforce acceptable use policies at your company. Once you establish your policy. . You can use this information to demonstrate compliance. block. you can selectively allow. or restrict access to applications based on a user's department.Centralized logging and reporting Generate graphical reports of web access. Application Control allows you to see in real-time what's being accessed on your network and by whom. APPLICATION-CONTROL Application-control enables IT administrators to monitor and control access to web and business applications to enforce policy. job function. and time of day for the data you need to make security policy decisions. and protect productivity and network bandwidth. usage. evaluate employee need. and refine acceptable use policies. and time of day. With Application Control.

organized by category..FEATURES Intuitive and Effective Exercise fine-grained control over more than 1.. to ensure applications that exhibit certain patterns of behavior don't escape the gaze of Application Control — including encrypted applications that are specifically designed to bypass ordinary security measures. Signatures. That means no additional software to buy in order to have complete visibility into network activity. Dynamic Updates New applications and new versions are released constantly.800 applications. Reporting Out of the Box Real-time reporting and monitoring are included. Application Control stays current with regular application signature updates. REPUTATION-ENABLEDDEFENSE . regardless of destination address or L7 protocol..and then Some Sophisticated Behavioral Analysis works overtime. Application Control lets you drill down from application category ("P2P") to application name ("Facebook") and down to application function ("Facebook Chat").

It works in tandem with the application layer content inspection of the XTM to provide real-time protection against network threats. IPS scans traffic on all major protocols. INTRUSIONPREVENTIONSERVICE Intrusion Prevention Service (IPS) is a fully integrated security subscription for all WatchGuard XTM appliances. And because IPS is integrated with WatchGuard XTM security appliances. cross-site scripting (XSS). cross-site scripting. including SQL injections. you have an easy-to-manage. . and remote file inclusions. block. buffer overflows. Comprehensive threat signatures Signatures cover a broad range of threats. user/group. FEATURES Flexible administrator control Have the flexibility to define the action to be taken when malware is identified – enabling the network to allow. using continually updated signatures to detect and block all types of threats. or lock questionable traffic based on type. and buffer overflows. SQL injections. denial of service. and severity. protocol. including spyware.Reputation scores from Kaspersky database. cost-effective solution without additional hardware to purchase and maintain.

FTP. Automated source blocking IP addresses identified as the source of an attack are automatically blocked to prevent further malicious traffic from entering your network. including HTTP. DNS. HTTPS.Continually updated database Signatures are updated without interruption as new threats emerge. and protocol-based attacks. application. TCP. and POP3 to block network. Highly effective scanning Scans all protocols. so you never have to leave your network exposed. UDP. SMTP. Granular control Assign specific actions to take depending on the level of the threat – each signature has a severity assigned. .

.)Traffic-Monitor Can used for real-time network traffic-analysis and monitoring and is a powerful tool for trouble-shooting. TOOLS TO LOOK OUT 1.)Firebox system-Manager a.REAL-TIMETRAFFICMONITORINGTOOLS With watchguard unlike fortigate we can now have a complete understanding of what is happening in your network.

b. .)Bandwidth Meter Shows real-time bandwidth consumption of all interfaces.

.)Service Watch Shows real time traffic-usage of all services used(http.https etc).c.

. In Fortigate no possible way to have real-time analysis other than tedious command-line monitoring.2.)Host-watch Shows real-time visualisaton of all connections from your network.

WATCHGUARD LOGGING & REPORT SERVER Unlike Fortinet which requires expensive FORTI-ANALYZER for watchguard log & report server are in-built.N.More than 55 categories of reports are available .)PER-CLIENT BANDWIDTH USAGE Reports the bandwidth usage of every internet connected systems in network. . 1.Every traffic in network is stored in log-server which report server collects and prepares scheduled as well as On-demand reports. Highlighting the one's of significance as far as H.L is concerned.

APPLICATION-USAGE REPORTS Displays appication usage trend in network. .

PER-CLIENT AUDIT REPORTS Displays complete list of all web-sites requested by every user in network.1.16/IT-MANAGER . 10.0.

.TRAFFIC-TREND REPORTS Displays internet bandwidth usage and connections in a 24 hour interval/hour.

size of mail and time of sending. . NOTE:For demonstration only.with recepient details.MAIL-SEND REPORTS Displays complete list of mails send from the network.complete suite of reporting includes 58 type of reports.

S Network Security Consultant Secure Network Solutions Kerala.Ph:08129400133 .For any queries please contact: Nithin.V.