Securing the Future with WatchGuard XTM
Network Security Solutions
© 2009 WatchGuard Technologies

© 2009 WatchGuard Technologies

IP Networking Technology is Converging
More clients, more traffic hits the network than ever before!
VoIP
Internet
Mobile
Computing
New Applications
PC Computing
Power
Wireless
LAN

Network Speed is Accelerating
Broadband for Small Business (US)
Comcast: 6 to 50 Mbps
16 Mbps for $99/mo.
Quest: up to 20 Mbps
Verizon: up to 50 Mbps

Threats are Rapidly Evolving!

Bot Client (Trojan) Most Popular Payload

Malware Volume Out of Control x3 x6 ???

Malware Delivery More Dynamic/Agile
Between their increased reliance on botnets and the introduction of new evasion techniques, the servers that deliver malware have become much more dynamic and agile
Dynamic malware networks supported by bot networks
Fast Flux DNS
Domain Flux

“European cyber-gangs target small US firms”
• Fortune 500 companies are not the only targets
– Attackers use malware planted on corporate computers to initiate fraudulent wire transfers
– Cyber criminals stole $750,000 from a small school district near Pittsburgh
– Unique Industrial Product Co., a plumbing equipment supply company in Texas, lost $1.2 million
– JM Test, an electronics calibration co., lost over $90,000

Businesses are More Accountable Than Ever!
• Regulations get tough on irresponsible handling of
Personally Identifiable Information (PII).
– Hefty fines for non-disclosure
– Legal fees
• Businesses can’t operate without adequate network security.
– PCI-DSS: comply or lose ability to process credit card transactions
– HIPAA: comply or lose license.
• Direct losses can be massive.

Within This Environment, You Need the
Best Solution!
Competing Solutions Your Solution with WatchGuard
“We’re extremely satisfied with the WatchGuard products…switching to a single provider has made our internal IT department’s work considerably easier.
´
Martin Korn, Head of IT &
Central Service, Novoferm
GmbH

WatchGuard is Bringing New Solutions…
May-09
SSL 100
Sept-09
Fireware
XTM 11
Sept-09
XTM 1050
Oct-09
XTM 8 Series
Nov-09
XCS Messaging
Security

Featuring XTM Series Network Security
Appliances
WatchGuard
XTM 2 Series
WatchGuard
XTM 5 Series
WatchGuard
XTM 8 Series
WatchGuard
XTM 1050

14
Proactively blocks viruses, worms, spyware, trojans, and blended threats
Out of the box
Over 600,000 appliances shipped since 1996

At the Best Value!
MSRP, 1yr Security Bundle vs. UTM Throughput
1 800
1 600
1 400
NSA E6500
XTM 830
1 200
1 000
XTM 820
XTM 530
XTM 810
NSA E5500
800
600
400 XTM 510
XTM 505
NSA 3500
200
0
$-
SRX 210
TZ200
$5 000  $10 000
70
100
$15 000
120
$20 000
250
200
$25 000
XTM 1050
$30 000  $35 000
SonicWall
Fortinet
Juniper
WG XTM line

Gartner Magic Quadrant
SMB Multifunction Firewalls

© 2009 WatchGuard Technologies

XTM Series Target Markets
XTM 2 Series
• Retail, Healthcare
• Education, Finance
XTM 5
Series
• Retail, Healthcare
• Education Finance
XTM 8
Series
1050
• Retail, Healthcare
• Education, Finance

 10 Gbps Firewall
Throughput
 2 Gbps VPN
Throughtput
 XTM Security
Platform
 Powerful, Flexible
Management Tools
 Optional Fiber Module
 Dual hot swap power supplies and fans
 Affordable Enterprise-
Grade Security!

WatchGuard XTM 8 Series Solution
• Up to 5 Gbps Firewall
Throughput
• Up to 1.2 Gbps XTM
Throughtput
• XTM Security Platform
 Best Price for the
Performance!
 Investment Protection
 A natural fit!

XTM 1050 and 8 Series Speed and Power!
 Intel Multi-Core Processor
 10-12 Copper 1-Gb Interfaces
 2 USB, 1 Serial DB9
 2 Gb SDRAM Memory
 1 GB Flash Memory
 1U – 2U Rack Mounts
 Complies with NRTL/C, CB, RoHS, WEEE,
REACH
 Security Certifications in progress: ICSA,
FIPS 140-2, EAL4

Reaching New Heights is a Family Affair!
Firewall Throughput
XTM Throughput
1-Gig Interfaces
XTM 810
3 Gbps
900 Mbps
10
XTM 820
4 Gbps
1.1 Gbps
10
XTM 830
5 Gbps
1.3 Gbps
10
XTM 1050
10 Gbps
>1.4 Gbps
12
Concurrent Connections (bidirectional)
BOVPN
500,000
1000
750,000
2000
1,000,000
6000
>1,250,000
7000
MUVPN (IPSec)
MUVPN (SSL)
VLANs
Management with
Logging/Reporting
Model Upgrade
Security Platform
600 to 2000
1000
200
WatchGuard
System Manager
Yes
Fireware XTM
Pro
700 to 6000 800 to 8000 15,000
4000
300
WatchGuard
System Manager
Yes
Fireware XTM
Pro
6000 15,000
400 500
WatchGuard
System Manager
No
WatchGuard
System
Manager
No
Fireware XTM
Pro
Fireware XTM
Pro

WatchGuard XTM 5 Series Solution
• Uncompromised performance with 2.3 Gb/s Firewall and
800 Mb/s XTM.
• 7 Ethernet ports including 6 GbE
• 4 models from which to choose the best fit.
• Runs Fireware XTM 11.2.1 or higher
• Managed with WSM 11.2.1 or higher
• Market leading value!

Not All Mid-Size Companies are the Same!
Firewall Throughput
XTM Throughput
Concurrent Connections
(bi-directional)
BOVPN
MUVPN (IPSec)
MUVPN (SSL)
XTM 505*
850 Mb/s
275 Mb/s
40,000
65
5/75
1/65
Local User Database Max.
500
Management with
Logging/Reporting
Model Upgrade
WSM 11.2.1
Yes
Security Platform Fireware XTM
11.2.1
XTM 510
1.4 Gb/s
400 Mb/s
50,000
75
25/100
1/75
500
WSM 11.2.1
Yes
Fireware XTM
11.2.1
*XTM 505 is sold with bundled UTM only
XTM 520
1.9 Gb/s
600 Mb/s
100,000
200
50/300
1/300
1000
WSM 11.2.1
Yes
Fireware XTM
11.2.1
XTM 530
2.3 Gb/s
800 Mb/s
350,000
600
400/1000
1/600
2500
WSM 11.2.1
No
Fireware XTM
11.2.1

2500
Leading Value for Rack Mount Appliances!
UTM Throughput (Mbps) vs 1-year UTM Advertised Price
(USD)
2000
1500
1000
XTM 530
XTM 520
NSA 4500
500
XTM 510
XTM 505
0
$1 500  $2 500  $3 500  $4 500  $5 500  $6 500  $7 500  $8 500  $9 500
Astaro
Cisco
Fortinet
Juniper
SonicWall
WatchGuard

5 Series Package Contents
• 1 XTM appliance
• 1 rack mount kit
• 2 ethernet cables
• 1 management cable (RJ-45)
• 1 power cord
• Getting Started Guide
• Hardware warranty card
• LiveSecurity Service activation card
• 4 rubber pads for the bottom of the device.

WatchGuard XTM 2 Series Solution
• Powerful tabletop appliance with XTM security – perfect for small business.
• 6 Ethernet ports total including 3 GbE
• Wireless-N dual-band (802.11 a/b/g/n)
• Performance to max out your pipe – up to 190 Mb/s firewall and 40 Mb/s XTM.
• Rich networking and management features!

The Network Edge has Range!
Firewall Throughput
XTM Throughput
VPN Throughput
Concurrent Connections
(bi-directional)
MUVPN (IPSec)
MUVPN (SSL)
Wireless
Management with
Logging/Reporting
Model Upgrade
Security Platform
XTM 21
110 Mb/s
18 Mb/s
35 Mb/s
10,000
XTM 22
150 Mb/s
30 Mb/s
55 Mb/s
20,000
XTM 23
190 Mb/s
40 Mb/s
55 Mb/s
30,000
1/11
1/11
802.11 a/b/g/n
(XTM 21-W)
3G Extend Accessory
WSM 11.2.1
5/25
1/25
5/55
55/55
802.11 a/b/g/n
(XTM 22-W)
3G Extend Accessory
WSM 11.2.1
802.11 a/b/g/n
(XTM 23-W)
3G Extend Accessory
WSM 11.2.1
Yes Yes No
Fireware XTM 11.2.x
Fireware XTM 11.2.x
Fireware XTM Pro
11.2.x

A WatchGuard XTM Product for Everyone!
Throughput in Mb/s
10 000
9 000
8 000
7 000
6 000
5 000
4 000
3 000
2 000
1 000
-
XTM 21 XTM 22 XTM 23 XTM 505 XTM 510 XTM 520 XTM 530 XTM 810 XTM 820 XTM 830 XTM
1050
Firewall

WorldWide Certifications for All XTM Series
EMC/Safety
• FCC, NRTL/C (US)
• ICES (CAN)
• DoC, CB (EU)
• KTL (Korea)
• 2 Series Wireless
Hazardous Waste
• RoHS
• WEEE
• REACH
Security
(pending)
• ICSA, VPN & Firewall
• FIPS 140-2
• Common Criteria,
EAL4+
Import/Export
• NOM (Mex)
• IRAM (Argentina)
• ECCN (US)
• CCC (China)

© 2009 WatchGuard Technologies

Management
Client
Fireware XTM OS Fireware XTM Pro
Servers
WebUI
CLI

– VPN
– Authentication
– Stateful Firewall
– Deep Packet Inspection
(Proxy Architecture)
– VoIP Security
– Additional Content Security

Proxy-based for inspection at all OSI layers
Full-
Featured
Management
Hardware
XTM Security enables layered protection in a single device
Dedicated, custom hardware for max performance and value

– Static IP, DynDNS, PPPoE, DHCP (server, client, relay)
– NAT: Static, Dynamic, 1:1, IPSec NAT Traversal, Policy-based
NAT, Virtual IP
– Static and Dynamic Routing (BGP, OSPF, RIP v1/v2)
– QoS: 8 priority queues, diffserv, modified strict queueing
– VLAN: bridging, tagging, routed
– High Availability, active/active (FireCluster) and active/passive
– Port independence
– WAN failover
– Load balancing
– Transparent mode and drop-in mode.

• Fireware XTM Pro includes advanced networking features
• Fireware XTM Pro comes standard on XTM 23, XTM 8 Series and XTM 1050
• An upgrade from Fireware XTM to Fireware XTM Pro is available for other
XTM 2 Series and XTM 5 Series models.

WatchGuard System Manager
– Rich reporting out of the box
– Interactive realtime management
– Log, report, quarantine, WebBlocker and management servers with self-health monitoring.
– Alarms and Notifications: SNMP, email, system alerts
– Role-based Access Control
– Web-based report services
– Drag-and-drop VPN creation saves hours

WatchGuard Gateway AntiVirus
• What it is:
– Blocks Viruses, Worms, Trojans, Spyware, Adware
• Inbound and outbound coverage
• HTTP, HTTPS, FTP, SMTP, POP3, TCP-UDP
– Signatures and Behavioral Techniques
• Static and dynamic heuristics (code emulation)
• Value
– Complements server and desktop solutions
– Stop malware before it gets to the corporate network
– Prevents corruption and loss of data

AntiVirus Features
• Signature updates checked every hour
• Full compressed file support
– ZIP, RAR, TAR, GZIP,
ARC, CAB etc.
– Multiple levels
• WatchGuard System
Manager and Web UI configuration
– Status Dashboard

•Securely, Simply, Detecting Mass Outbreaks in Real-time
•How it works:
– Detects the repetitive component of each outbreak
– Uniquely identifies the DNA of each outbreak
– Compares incoming messages with spam DNA in real-time
Analyzing Internet Traffic
Classification
DNA
Real time detection center
Query
RPD™ (Recurrent Pattern Detection) Patent Pending
Technology
43

• What it is:
– Unique, real time spam blocking service for Firebox X and
XTM appliances
– Partnered with Commtouch, an industry leader in spam prevention and mitigation
• Value:
– Distinguishes legitimate communication from spam attacks, blocking 98% of unwanted e-mails
– Processing is done off the Fireware appliance so there is minimal impact to other network traffic processing
– Cost effective solution – no need for per user licensing or separate hardware/appliance

• Simple to setup
• WatchGuard System
Manager
• Web UI
• Flexible enough to handle spam in several different ways
• Different Categories for mail
• Confirmed Spam
• Bulk
• Suspect

• Another layer of virus prevention
– Uses RPD technology to detect email-borne malware outbreaks
– Included with spamBlocker - Complements Gateway AntiVirus
– New patterns are detected and added to the database in realtime
Several options for
Detected viruses

How it works
Real People around the globe
Researching the latest internet scams, spyware, and malicious sites
+
Artificial Intelligence
Tracking URL/IP changes, new site content, and retired sites
Daily Incremental
Updates
+
Fast and scheduled using minimal bandwidth
=
Block new scams and threats
Within hours
 Global URL database - English, German, Spanish, French, Italian, Dutch,
Japanese, Traditional Chinese, and Simplified Chinese sites
 24 x 7 x 365 worldwide Internet scanning with people and automation
 Reduces malicious Web content entering the network through 30 million blocked
URLs and Reduces unproductive Web surfing and potential liability
 Blocks access to IM/P2P download sites, WebMail and over 9,000+ spyware sites
47

• What it is:
– URL filtering with 54 categories
– Incremental updates to increase productivity and ensure the latest URL filtering protection
– Configurable Exceptions (Whitelist / Blacklist)
– Reports of web access, attempted policy violations, and
Internet usage
• Value:
– Increase employee productivity and limit liability
– Flexibility to block the specific site categories you require
– Increased legal and regulatory protection
– Pricing based on “Per Box” vs. “Per Seat”

User must type the password to get access to the destination
49

• What is it:
– Signature protection against known vulnerabilities
– Signatures updated on regular basis
• Value:
– Protects against SQL injection, cross-site scripting (XSS), buffer overflows, remote file inclusions, worms
– Protects against spyware
– Prevents attackers from running system code, crashing, or assuming control of systems behind Firebox or XTM appliance

• Specify action to take when signature matches
• Optional spyware signatures
• Option to scan http headers only to improve performance
• Signatures can be added to exclusion list

LiveSecurity
® for XTM Series
XTM 1050
XTM 8 Series
XTM 5 Series
XTM 2 Series
Hours
Incidents per year
Target response time
Advanced Hardware
Replacement
Software upgrades and patches
LiveSecurity ®
Broadcasts
Alerts and
* (6 AM - 6 PM in your local time zone)
Standard
Appliance bundles and renewals
Plus
Security bundles and renewals
Not offered Appliance bundles plus renewal SKUs
12 x 5*
5
4 hours
24 x 7
5
4 hours
Gold
NEW – single box coverage avail. soon
Not offered
24 x 7
No Limit
1 Hour

• Free trials available
• Individual Subscriptions
• Security Bundle
– Best Value
– Includes all 5 services
– 1, 2, or 3 year bundles or renewals

You’re Ready to Answer Tomorrow’s Needs with WatchGuard XTM Series
High Availability with
Fireware XTM OS with VPN, Auth,
WAN Failover features
(GAV, IPS, spamBlocker, WebBlocker)
WatchGuard
XTM 2 Series
WatchGuard
XTM 5 Series
WatchGuard
XTM 8 Series
WatchGuard
XTM 1050
LiveSecurity
Service with 24/7
Staff?
Best Price for industry!
Fireware XTM Pro with advanced
Dedicated for high throughput

You’re Ready to Answer Tomorrow’s Needs with WatchGuard XTM Series
Fireware XTM OS with VPN, Auth,
Proxy-driven DPI and XTM Services
(GAV, IPS, sB, WB)
High Availability with
FireCluster, VPN and
WAN Failover features
WatchGuard
XTM 2 Series
WatchGuard
XTM 5 Series
WatchGuard
XTM 8 Series
WatchGuard
XTM 1050
LiveSecurity
Service with 24/7
Technical Support
Best Price for
Performance in the industry!
Fireware XTM Pro with advanced networking
Dedicated appliances tuned for high throughput

© 2009 WatchGuard Technologies