WatchGuard Technologies, a spearhead in integrated security platforms, today announced its new Advanced Persistent Threat (APT) solution, WatchGuard APT Blocker.
Delivering real-time threat visibility and protection in minutes, not hours, APT Blocker identifies and submits suspicious files to a cloud-based, next-generation sandbox, using the industry’s most sophisticated full-system-emulation environment for detecting APTs and zero day malware. The WatchGuard solution from its part integrates with the company’s visibility tool, WatchGuard DimensionTM, providing an instant, single view of advanced threats, along with other top trends, applications and threats covered by WatchGuard’s security technologies.
APT Blocker arrives pre-installed on all WatchGuard Unified Threat Management (UTM) and Next-Gen Firewall (NGFW) appliances with a free 30-day trial. WatchGuard has extended their proprietary proxy-based architecture to detect suspicious files and send them for full-system emulation and analysis in the cloud. By way of adding an additional layer to the deep-packet-inspection engine, WatchGuard’s highly respected detection capabilities now extend from the universe of known threats (malware for which there is a known pattern) into the unknown.
As stated by Corey Nachreiner, Director of Security Strategy and Research for WatchGuard Technologies: “Nearly 88 percent of today’s malware can morph to avoid detection by signature-based AntiVirus solutions. That means today’s AntiVirus solutions remain necessary for catching known threats but alone, they’re no longer sufficient. APT Blocker’s full-system emulation approach to sandboxing provides simple, rapid protection, which doesn’t rely on a traditional, signature-based approach to detect and stop advanced malware; in a solution that scales to inspect millions of objects at any given time.”
WatchGuard’s UTM and NGFW security platforms were purpose-built to streamline the process of adding newly-emerging technologies such as APT management, meaning customers can array this sophisticated technology in a couple of clicks. Persistent with the strategy of working with best-of-breed technology partners, WatchGuard has teamed with industry veteran and APT heavyweight, Lastline, for cloud-based, full-system-emulation inspection capabilities. Lastline’s founding team has been doing advanced malware research for more than 10 years and their commercial products have significant credibility in protecting businesses against today’s unknown APT threats.
“WatchGuard is recognized as a leader in the network security space,” held Brian Laing, Vice President of Products for Lastline. Supplementing that – “We are thrilled to strike up this partnership to combat advanced cyber threats. With nearly a million red WatchGuard appliances installed worldwide and our unique, cloud-based sandboxing capabilities for detecting advanced malware, companies worldwide now instantly will have access to the industry’s most sophisticated technologies to stop evasive malware designed to bypass traditional security products.”
Factually, APT targets were exclusively governments and large enterprises whose critical infrastructures were stymied by the likes of Stuxnet and Duqu. But at the moment, advanced threats have evolved to target much smaller organizations and corporations to similarly devastating effect. “Since today’s APT targets are not anticipating these threats, they are not sufficiently protected. Often relying almost entirely on AntiVirus and digital-signature solutions, these networks are almost completely vulnerable,” Nachreiner purported.
APT Blocker is now available and arrives pre-installed with a free 30-day trial with the launch of version 11.9 of WatchGuard’s Fireware security platform, which comprises other best-of-breed services such as: AntiVirus, AntiSpam, Application Control and DLP. Fireware also comes standard with WatchGuard Dimension, the company’s award-winning, real-time visibility solution.
Key highpoints of version 11.9 takes account of:
- Improved application-traffic management, allowing users to control and limit application bandwidth, preserving it for business-critical applications;
- Expanded administrator-audit and change-tracking visibility for improved HIPAA and PCI compliance, including tying firewall rule changes to individuals;
- Customizable DLP signatures that allow companies to build on the extensive pre-defined rule sets of WatchGuard’s DLP solution;
- Enhanced IPv6 support including link aggregation, VLANS and dynamic routing;
- New custom network zone that allows administrators to quickly segregate wireless guest networks and meet PCI-standard requirements for appliances with integrated wireless.
*Malwise-An Effective and Efficient Classification System for Packed and Polymorphic Malware, Deakin University, Victoria, June 2013