| WatchGuard®
provides true zero day protection through the intelligent layered
security capabilities of its Firebox® X unified threat management
(UTM) appliances, shutting down many new and unknown attacks
without the need for a signature. What "Zero Day" is All
About:
There’s a lot of buzz in the security industry about “zero
day” attack protection, but vendors differ substantially in
the protection they really provide.
- Zero day threats are new or unknown attacks for which
a patch or signature has not been written
- Zero day protection, therefore, means being protected
against a new and unknown threat before the vulnerability
is discovered and the exploit is created and launched
True Zero Day Protection Is Built into the Firebox® X
Architecture:
The intelligent layered security of the Firebox X combines
key security capabilities able to defend against classes of
attacks and to protect against variants even before they are
known. Some of these capabilities include:
- Protocol anomaly detection blocks malicious traffic
that does not conform to established protocol standards
- Pattern matching flags and removes high-risk
files, such as .exe and scripting files, viruses, spyware,
and trojans from the system by fully inspecting the entire
packet
- Behavior analysis identifies and stops traffic
from hosts exhibiting suspicious behaviors, including DoS
and DDoS attacks, port scans, and address scans
What Signatures Bring to a Security Solution:
Some vendors make zero day claims but in reality their security
solutions rely solely on signature-based scanning.
Signature-based security technologies fingerprint each new
attack after it emerges, so protection comes when this fingerprint,
or signature, is added to the system. This is not zero day protection.
By their nature, signatures are reactive; they cannot protect
against new and unknown attacks without an update.
Signature-based scanning provides a granular layer of protection
against spyware, viruses, worms, trojans, and blended threats
by identifying known malicious code within business-critical
traffic and files. But this technique is only one piece of a
comprehensive unified threat management solution.
22 of the 30 most significant viruses and their variants
released in 2003 to 2006 were blocked by default on the
Firebox®, protecting our customers before signatures were
made available.*
The Window of Vulnerability:
Signature-based solutions block what has already been identified.
Your network is still exposed from the time a new exploit has
been launched until a signature or patch is developed and then
deployed.
Considering the speed and destructiveness of today’s attacks,
even a few minutes without protection can be devastating. The
reality is, it can sometimes be hours, days, even weeks before
a signature or patch is developed and deployed, making this
window of vulnerability every IT manager’s nightmare.
Robust, Up-front Protection:
True zero day protection that’s in place even before the
vulnerability is known is at the heart of our Firebox X security
solutions.
*Based on most commonly used method
of propagation (SMTP)
WatchGuard protects you in the window of vulnerability:
Zero day protection means being protected
against a new and unknown threat during the window of vulnerability
timeframe.
|
WatchGuard
Zero Day Protection