WatchGuard on virtualisation...
Many of WatchGuard’s customers use virtual editions of our security products but usage is most common among our managed service provider clients.
Virtualisation is the simplest and most effective way to achieve the elasticity and flexibility required for private and public clouds.
Traditionally, network security has been designed as a ‘one appliance, one application’ model and designed with physical networking in mind.
Firewalls and UTM appliances are leveraged in network designs based on the fundamental notions of:
• Perimeter enforcement – protecting the “inside” from the “outside” – with network architectures that are built on this separation
• All traffic flows over physical networks, so security can be implemented by interposing physical devices on the wire
With virtualisation, those fundamental assumptions may not be true:
• Network architectures blur the definition of the “perimeter” with private resources spanning locations using VPNs
• Multiple organisations and applications within a business, and multiple businesses hosted by a service provider, can be on the same side of a physical perimeter
• Compliance and privacy requirements make it necessary to offer security and auditability between entities within the same virtual infrastructure
• Mobile users can easily bring malware into a shared infrastructure
• For service providers, the ability to offer full protection is even more critical when multiple customers are hosted on the same server farm – or even on the same server
• Physical appliances cannot offer in-line protection in a dynamic virtual infrastructure
• High-availability and live motion capabilities can mean that applications do not always run on the same physical servers
• Traffic can pass over virtual-only networks within a server, making it impossible to interpose a physical device
Tackling Security Challenges
UTM combines several layers of security into a single appliance. WatchGuard architecture consists of different security layers working cooperatively with one another to dynamically detect, block and report on malicious traffic while passing benign traffic through as efficiently as possible.
Each layer performs different security functions. Zero day protection is a consistent theme throughout the different layers - which means that WatchGuard protects businesses from new, unknown threats. WatchGuard offers all this through a virtual appliance.
Management is MUCH harder in the Virtual World
It’s very easy to instantly spin up new VMs but this flexibility represents a management and reporting challenge. Security policies must be assigned by VM, zone or both, rather than by the traditional location or network connection. WatchGuard solves this problem two ways.
First, we automate configuration deployment. Every new instance automatically connects to a management server and downloads its own unique and specialised configuration.
Secondly, we’ve created world class data visualisation tools. WatchGuard Dimension instantly turns raw network data into actionable security intelligence.
Together it’s a knock out combination AND we are the only UTM Firewall vendor that bundles both services free of charge as a value add!
By Pat Devlin, regional director Australia and New Zealand, WatchGuard Technologies