By appointing Mumbai-based Roundrobin Tech Services as its national distributor for India & SAARC region, WatchGuard has undertaken an aggressive solution approach for addressing a transforming India where opportunities galore high. In an interaction with Digital Edge, Marc Laliberte, Information Security Threat Analyst, WatchGuard Technologies, Inc., discusses about the evolving network technologies, and the focus the company puts on the promising Indian market with its numerous UTM (unified threat management) and NGFW (next generation firewall) systems & solutions. Excerpts!
Do you think the cyber security threat scenarios around new-age enterprises, critical infrastructure, government institutions, and now smart-cities, have gone from bad to worse? Do you feel enterprise mobility, cloud and big data have added complexity to the already vexed cyber security conditions?
It is true that an increase in technology adoption by enterprises and government institutions creates a larger ‘attack surface’ for these entities to defend. Moving sensitive information from behind office doors up into the cloud creates new threats which must be mitigated. The push for increased information sharing and Internet of Things (IoT) devices by India’s smart-cities initiative also creates new challenges for protecting important data. That said, cyber security defenses are available to match these threats. With proper planning and execution, would-be victims can put in place a strong enough defense to mitigate attacks by all adversaries, whether they be a lone wolf or a competing nation state.
Do you think firewalling—which has been the central element of any meaningful network security architecture—needed to be augmented for countering modern-day threats, and the arrival of NGFW (next generation firewall) systems is the answer to that quest?
Well, properly implemented firewalling is the foundation to a strong security posture. Segmenting sensitive systems from the open internet and other networks that have access to the internet is an absolute must if you are to have any hope in preventing an attack. However, simple stateful firewalls are not enough on their own. With the introduction of unified threat management (UTM) and next generation firewalls (NGFW), IT professionals can add additional capabilities, such as application identification tools, intrusion prevention system (IPS) solutions and visibility, into one appliance to more effectively stop attacks. Not only do UTM and NGFW systems lower the cost of a strong defense, they also simplify it for the administrator.
Do you think gateway firewalling needs to be buttressed by ISFW (internal segmentation firewall) systems for bringing wider security measures to organizations because there are various sensitive departments within enterprises which need to be protected from insider threats or even intruders who have succeeded in breaking into enterprise LAN environment?
The internal segmentation firewalls (ISFWs) are not anything new. The network DMZ is an old but still appropriate concept. Segmenting off systems of various security levels has always been, and will always be, a best practice. The idea of the ISFW is nothing more than extending NGFW services to the internal network. If IT professionals are not already following this practice, they need to be. An external attacker always aims to compromise the most vulnerable system and then pivot from there to compromise the end target. Insider threats typically follow the same path with the benefit that they already have access to an inside system. Preventing the attacker’s lateral movement through the network is a must and using NGFW services internally can do just that.
What are the latest NGFW systems which are being offered by WatchGuard, which can defend networks of enterprises, critical infrastructure and smart cities? What are the key features of these systems? By the way what are the enterprise verticals which beacon WatchGuard with greater promise in India?
WatchGuard offers UTM (unified threat management) and NGFW (next generation firewall) systems designed for small to midsize businesses and distributed enterprises. All of WatchGuard’s UTM and NGFW systems offer the best throughput in their class, the best real-time visibility tools and broader application control. This means that the remote office of a dozen workers can have the same protection as the HQ housing thousands of workers. By using a WatchGuard appliance, IT professionals cover all of their defenses with security suites including IPS, antivirus, sandboxed advanced persistent threat (APT) blocking, and application control. All WatchGuard appliances can also report in to WatchGaurd Dimension to provide critical network security visibility. WatchGuard is the perfect security option for the Indian market, which continues to aggressively adopt information technology in new areas. WatchGuard UTM and NGFW systems and the Dimension platform help reduce the complexity of securing and monitoring a rapidly expanding network of information systems and IoT devices.
Do you think NGFWs are integrated network security systems which should not be seen from the prism of UTM (unified threat management) systems?
The industry defines an NGWF as a firewall solution that includes IPS (intrusion prevention systems) and application identification, while a UTM is a firewall solution that includes those features along with URL categorization, email security, and antivirus scanning. NGFW solutions are typically identified as a more streamlined and performance-based solution to match the need for securing huge volumes of traffic produced by enterprises, while UTM solutions are an “everything in one box” concept for ease of management. WatchGuard breaks this model by combining the enterprise-grade speed and efficiency of a NGFW with the full security suite of a UTM. Instead of having to choose between the best throughput and the best security in one appliance, IT professionals can have both.
Do you think CIOs and CISOs of enterprises and government organizations have yet to adopt the best network security practices in India? Do you think WatchGuard can help them in having much better network security practices including effective deployments of NGFWs?
The smart-cities initiative in India creates the effect of forcing organizations to rapidly adopt new technologies. Rapid change often comes with security oversights or shortcuts. While I’m confident that plenty of organizations in India are following best practices, I’m also sure that a large portion are sacrificing the best security in order to keep up with the quick pace of technology adoption. WatchGuard can help this second group deploy the best security in a short time frame by leveraging the WatchGuard RapidDeploy platform. Instead of requiring hours of expensive on-site configuration time, IT professionals can use RapidDeploy to store a manually or automatically created firewall configuration in the cloud and then simply ship and plug in the firewall at the final location to complete setup.