Story image

WatchGuard on virtualisation...

10 Apr 14

Many of WatchGuard’s customers use virtual editions of our security products but usage is most common among our managed service provider clients.

Virtualisation is the simplest and most effective way to achieve the elasticity and flexibility required for private and public clouds.

Traditionally, network security has been designed as a ‘one appliance, one application’ model and designed with physical networking in mind.

Firewalls and UTM appliances are leveraged in network designs based on the fundamental notions of:

• Perimeter enforcement – protecting the “inside” from the “outside” – with network architectures that are built on this separation

• All traffic flows over physical networks, so security can be implemented by interposing physical devices on the wire

With virtualisation, those fundamental assumptions may not be true:

• Network architectures blur the definition of the “perimeter” with private resources spanning locations using VPNs

• Multiple organisations and applications within a business, and multiple businesses hosted by a service provider, can be on the same side of a physical perimeter

• Compliance and privacy requirements make it necessary to offer security and auditability between entities within the same virtual infrastructure

• Mobile users can easily bring malware into a shared infrastructure

• For service providers, the ability to offer full protection is even more critical when multiple customers are hosted on the same server farm – or even on the same server

• Physical appliances cannot offer in-line protection in a dynamic virtual infrastructure

• High-availability and live motion capabilities can mean that applications do not always run on the same physical servers

• Traffic can pass over virtual-only networks within a server, making it impossible to interpose a physical device

Tackling Security Challenges

UTM combines several layers of security into a single appliance. WatchGuard architecture consists of different security layers working cooperatively with one another to dynamically detect, block and report on malicious traffic while passing benign traffic through as efficiently as possible.

Each layer performs different security functions. Zero day protection is a consistent theme throughout the different layers - which means that WatchGuard protects businesses from new, unknown threats. WatchGuard offers all this through a virtual appliance.

Management is MUCH harder in the Virtual World

It’s very easy to instantly spin up new VMs but this flexibility represents a management and reporting challenge. Security policies must be assigned by VM, zone or both, rather than by the traditional location or network connection. WatchGuard solves this problem two ways.

First, we automate configuration deployment. Every new instance automatically connects to a management server and downloads its own unique and specialised configuration.

Secondly, we’ve created world class data visualisation tools. WatchGuard Dimension instantly turns raw network data into actionable security intelligence.

Together it’s a knock out combination AND we are the only UTM Firewall vendor that bundles both services free of charge as a value add!

By Pat Devlin, regional director Australia and New Zealand, WatchGuard Technologies

The new world of edge data centre management
Schneider Electric’s Kim Povlsen debates whether the data centre as we know it today will soon cease to exist.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
How HCI helps enterprises stay on top of data regulations
Increasing data protection requirements will supposedly drive the demand for Hyper-Converged Infrastructure solutions across the globe.
Vodafone and PNSol champion new ‘invisble network’ broadband project
"As an industry, we've increased the speed of broadband to one gigabit and beyond, which is a remarkable achievement, but we now have to look beyond speed."
Top 3 cloud computing predictions – what’s in store for 2019?
Virtustream's Deepak Patil shares his predictions for how cloud computing will evolve in 2019.
London’s pricy data centres allow Frankfurt to overtake
According to a new report, data centre pricing in the UK is among the highest in Europe, which is seeing other countries prosper.
Rubrik welcomes $261m funding for new market expansion
The company intends to use the funds from new investor Bain Capital Ventures will go toward future innovation and expansion.
Survey finds retailers 'bullish' on hybrid cloud adoption
The retail industry takes no prisoners and that’s made clear in its 'on the pulse' adoption of new technologies.