WatchGuard Security Appliance Keeps Close Watch on Network Activity

 
 
By Frank Ohlhorst  |  Posted 2015-02-27
 
 
 
 
 
 
 
 
 
  • Previous
    WatchGuard Security Appliance Keeps Close Watch on Network Activity
    Next

    WatchGuard Security Appliance Keeps Close Watch on Network Activity

    By Frank Ohlhorst
  • Previous
    M500 Dashboard Lets IT Staff Keep an Eye on Network Activity
    Next

    M500 Dashboard Lets IT Staff Keep an Eye on Network Activity

    The M500 offers an intuitive browser-based dashboard that makes it easy to ascertain what is occurring throughout the network. A quick glance demonstrates top application activity, top destinations, top client activity and policies being executed. What's more, administrators can quickly drill down into other informative areas to troubleshoot traffic or better understand traffic patterns.
  • Previous
    M500 Supports Centralized Management of Large Networks
    Next

    M500 Supports Centralized Management of Large Networks

    The M500 is a member of the WatchGuard family of products that are managed via a centralized system. Each M500 has integrated controls that allow it to become part of a larger, centralized management structure, offering support for administrators looking to unify the control of several devices at various locations, such as branch offices and remote sites.
  • Previous
    The Appliance Provides Protection Against Port Probes, ICMP Attacks
    Next

    The Appliance Provides Protection Against Port Probes, ICMP Attacks

    Out of the box, the M500 offers the ability to quickly take on some security roles. The device provides the capability to define or modify default packet handling rules, so that once deployed it can immediately offer protection against the most common forms of attack, such as port probes, ICMP attacks and so forth.
  • Previous
    FireWatch Displays Graphical View of Network Activity
    Next

    FireWatch Displays Graphical View of Network Activity

    The M500's OS offers some very powerful observational capabilities. For example, the FireWatch Application view screen gives a graphical representation of what is occurring on the network and uses sized boxes to illustrate activity.
  • Previous
    FireWatch Drills Down Into Traffic Details
    Next

    FireWatch Drills Down Into Traffic Details

    The observational prowess of the M500 is further evidenced by the device's ability to drill down into traffic details from the FireWatch Destination tab, which shows what sites are being visited and by whom.
  • Previous
    Network Interfaces Dialog Simplifies Device Setup
    Next

    Network Interfaces Dialog Simplifies Device Setup

    The Network Interfaces dialog makes it simple to set up what mode the device should operate in and how each of the ports on the device is defined. This allows the unit to be deployed on one of several modes, making it easy to implement in a number of network infrastructures.
  • Previous
    Defining Policies for How the Network Handles Applications
    Next

    Defining Policies for How the Network Handles Applications

    One of the most powerful aspects of the M500 is the ability to define detailed policies for how applications are dealt with. The device comes with thousands of predefined applications and allows administrators to add more. Administrators can then define policies for how a user can interact with a particular application, helping to secure the traffic around that application and to block unauthorized applications with ease.
  • Previous
    An Intuitive Interface Enables Policy Definition
    Next

    An Intuitive Interface Enables Policy Definition

    Policy definition proved quite straightforward by using an intuitive interface that separates policy elements via tabs. From one screen, administrators can drill down into policy-based controls for applications, traffic, proxies and even scheduling when a policy is active. Other critical elements, such as intrusion prevention and logging, can be enabled with just a simple click.
  • Previous
    M500 Can Detect Threats Hidden in Encrypted HTTPS Traffic
    Next

    M500 Can Detect Threats Hidden in Encrypted HTTPS Traffic

    One of the M500's key features is the ability to deal with SSL traffic from HTTPS-based connections. The device can decode encrypted HTTPS traffic and detect any threats hidden within. An HTTPS-proxy defined policy makes that possible and offers varying levels of scanning, as well as certificate verification. Administrators can easily define what actions should be taken with encrypted traffic to fine-tune both performance and throughput based upon need.
  • Previous
    Polices Are Compiled Into a List for Easy Management
    Next

    Polices Are Compiled Into a List for Easy Management

    All defined policies are gathered into a list, making it simple to enable, disable, modify or even clone policies. The list supports drill-down, preventing the need to open any other management sessions to delve deeper into individual policy controls.
  • Previous
    M500 Also Enforces Content Filtering
    Next

    M500 Also Enforces Content Filtering

    The content filtering system employed by the M500 uses common definitions to ease policy definition. Administrators have the power to pick and choose content categories as well as define what happens when a particular category is accessed.
  • Previous
    M500 Employs Subscription Model to Implement Security Features
    Next

    M500 Employs Subscription Model to Implement Security Features

    The M500 uses a subscription model to enable security features. The subscription services screen offers quick insight on what services are enabled and the usage of each subscription, making it a little easier to demonstrate the value offered by the services provided by the device.
  • Previous
    The Appliance Provides an Overview of System Activity
    Next

    The Appliance Provides an Overview of System Activity

    The M500 includes real-time capabilities that offer an interactive view of what is occurring on the device. The traffic management screen shows active traffic, loads and connections (source and destination). Administrators can drill down, filter or sort traffic reporting via a variety of methods, making forensics chores a little easier to deal with.
 

Secure Sockets Layer encryption has helped secure network traffic from interception and data theft for more than 20 years. However, SSL has a dark side, one where hackers and cyber-criminals can hide a wide range of viruses, malware and other dangerous payloads from discovery by security appliances. WatchGuard Technologies aims to eliminate those problems with the M500, a powerful security appliance that can delve into encrypted traffic looking for hidden payloads. The M500 incorporates WatchGuard's latest operating system and is powered by Intel processors to deliver the performance needed to decrypt and encrypt traffic on the fly. The device also comes with thousands of predefined applications that allow administrators to define policies on how a user can interact with a particular application to boost the security of traffic related to that application. Designed to be deployed at the edge of the network, the M500 also can be integrated with a central management system, making it an excellent addition to branch offices and distributed networks alike. This slide show looks at the various features in the M500 appliance that can help keep malware threats at bay.

 
 
 
 
 
Frank Ohlhorst Frank is an award-winning technology journalist, professional speaker and IT business consultant with over 25 years of experience in the technology arena. He has written for several leading technology publications, including ComputerWorld, TechTarget, PCWorld, ExtremeTech, Tom's Hardware and business publications, including Entrepreneur, Forbes and BNET. Ohlhorst was also the Executive Technology Editor for Ziff Davis Enterprise's eWeek and formerly the director of the CRN Test Center.
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel