SlideShare uma empresa Scribd logo

Miercom Unified Threat Management Report - WatchGuard M270

BAKOTECH
BAKOTECH

Miercom was engaged by WatchGuard Technologies, Inc. to conduct an independent, comparative performance assessment of its Firebox M270 against similar leading UTM network security appliances: Cisco Meraki MX84, Fortinet FortiGate 100E, SonicWall NSA 2650 and Sophos XG 210. All products were exposed to increasing traffic loads, with different protocols, while evaluating the impact on network performance. When identifying competitive equipment for this report, selected rack mount appliances were those closest in price (MSRP) to the Firebox M270. In each case this required models to be included that had a closer equivalent price to the WatchGuard Firebox M370. Product comparisons were made using the following scenarios: firewall, additional security features and full UTM mode. Firewall performance measured transport and application network layer traffic. Then security features were individually enabled to evaluate the impact on performance for HTTP and HTTPS loads. Finally, the full set of security functions was enabled (firewall, intrusion prevention system, antivirus and application control) over HTTP and HTTPS.

Tecnologia
1 de 15
Baixar para ler offline
Unified Threat Management Comparative Throughput Performance WatchGuard Firebox M270 Cisco Meraki MX84 Fortinet FortiGate 100E SonicWall NSA 2650 Sophos XG 210 2 August 2018 DR180622E Miercom.com www.miercom.com
WatchGuard M270 Competitive UTM 2 DR180622E Copyright © 2018 Miercom 2 August 2018 Contents Executive Summary.................................................................................................................3 Introduction...............................................................................................................................5 Products Tested........................................................................................................................6 How We Did It ..........................................................................................................................8 Test Tools................................................................................................................................8 Test Bed Diagram ................................................................................................................9 Performance Testing...........................................................................................................11 Stateless UDP 1518-Byte and UDP IMIX Throughput ....................................... 11 Stateful Throughput (HTTP/HTTPS) ..........................................................................12 About Miercom.....................................................................................................................15 Customer Use and Evaluation.........................................................................................15 Use of This Report................................................................................................................15
WatchGuard M270 Competitive UTM 3 DR180622E Copyright © 2018 Miercom 2 August 2018 Executive Summary Unified Threat Management (UTM) appliances are a consolidated security product with routing, firewall, intrusion prevention, antivirus, Virtual Private Network (VPN) and other protective measures for small to mid-size business networks. While these devices carry the power and functionality of a next generation firewall and secure web gateway, the performance has traditionally been impacted by intensive traffic processing. By testing performance of across a variety of UTM products, it creates an objective view of processing advantages and shortfalls, thereby allowing manufacturers to best optimize their products. Miercom was engaged by WatchGuard Technologies, Inc. to conduct an independent, comparative performance assessment of its Firebox M270 against similar leading UTM network security appliances: Cisco Meraki MX84, Fortinet FortiGate 100E, SonicWall NSA 2650 and Sophos XG 210. All products were exposed to increasing traffic loads, with different protocols, while evaluating the impact on network performance. When identifying competitive equipment for this report, selected rack mount appliances were those closest in price (MSRP) to the Firebox M270. In each case this required models to be included that had a closer equivalent price to the WatchGuard Firebox M370. Product comparisons were made using the following scenarios: firewall, additional security features and full UTM mode. Firewall performance measured transport and application network layer traffic. Then security features were individually enabled to evaluate the impact on performance for HTTP and HTTPS loads. Finally, the full set of security functions was enabled (firewall, intrusion prevention system, antivirus and application control) over HTTP and HTTPS. Key M270 Performance Findings • Outperforms more costly competitors’ models with security running • Highest realistic IMIX UDP performance of 1.5 Gbps and 4.7 Gbps for 1518-byte frames • Highest UTM HTTP throughput at 1.2 Gbps, outperforming vendors by at least 48% • Superior encrypted UTM throughput at 661 Mbps, surpassing closest competitor by 11%
WatchGuard M270 Competitive UTM 4 DR180622E Copyright © 2018 Miercom 2 August 2018 Based on results of our testing, the WatchGuard Firebox M270 displayed exceptional performance, outperforming its competitors for stateless and stateful traffic throughput scenarios with different firewall features enabled. Its high-rate performance with security features enabled earns it the Miercom Performance Verified certification. Robert Smithers CEO Miercom
WatchGuard M270 Competitive UTM 5 DR180622E Copyright © 2018 Miercom 2 August 2018 Introduction Unified Threat Management devices are an evolving class of network edge security platforms that incorporate and perform multiple security functions in a single appliance. The devices tested for this report all address and incorporate the following security functions: Security Function Acronym Description Firewall FW Controls and filters the flow of traffic, providing a relatively low- level barrier to protect a trusted internal network from an unsecure network (such as the Internet). Intrusion Prevention System IPS Monitors all network activity, looking for malicious behavior based on known-threat signatures, statistical anomalies, or stateful protocol analysis. If malicious or highly suspicious packets are detected, they are identified, logged, reported and, depending on IPS settings, automatically blocked from access to the internal network. Application Control AppCtrl Enforces policies regarding security and resources (network bandwidth, servers, etc.) by restricting or controlling which application traffic can pass through the UTM, usually in either direction. Security-wise, Application Control is intended to reduce occurrences of infection, attacks and malicious content. Hypertext Transfer Protocol Proxy/Antivirus HTTP Proxy/AV The security appliance is a proxy for HTTP traffic. This is where a client issues a “get” request and retrieved files are buffered in memory in the security appliance. Files are then sent to an antivirus engine that looks for viruses and removes packets containing malicious content. Proxy-based virus and content scanning is a more secure and accurate method than stream- based inspection of client/server traffic. With Proxy/AV scanning is performed during the handshake of data transfer. Hypertext Transfer Protocol Secure HTTPS The security device responds to incoming encrypted connection requests on the secure socket layer (SSL), and then actively scans and blocks packets containing malicious content, like HTTP/AV processing. The HTTPS encryption/decryption process places an appreciable load on the security device that directly impacts its overall throughput rate. Unified Threat Management UTM An all-inclusive security setting, where multiple functions are performed by the same, single security device. The functions typically include: firewall, IPS, AV, VPN (control of virtual private network tunnels), content filtering, and sensitive data loss prevention. While security is certainly important, it does place a load on network performance. This report documents the effect of security on data throughput for each UTM device. Knowing the impact security places on performance can help IT departments decide on the best fit for their business from similar network security products.
WatchGuard M270 Competitive UTM 6 DR180622E Copyright © 2018 Miercom 2 August 2018 Products Tested Product Firmware Version WatchGuard Firebox M270 Build: 12.2.B563533 (beta) Fortinet FortiGate 100E 5.6.4 B1575 Meraki MX84 13.28 SonicWall NSA 2650 6.5.1.1-42n Sophos XG 210 SFOS 17.0.0 GA MR-8 WatchGuard Firebox M270 The Firebox M270 is the latest and powerful offering in WatchGuard’s Firebox UTM series. It offers enterprise- grade security to small and mid-size businesses with eight 1-GE ports. Its firewall throughput is specified to reach a maximum of 5 Gbps. This model uses the newest generation of Intel Atom processors, with Intel Quick Assist Technology (Intel QAT) for high performance hardware-based security acceleration. This provides optimum performance of network traffic, including HTTPS content inspection and faster throughput in VPN tunnels. Supported security features include: firewall, virtual private networking with SSL and IPSec, intrusion prevention, application proxies for various protocols (HTTPS, HTTPS, SMTP, DNS and others) and antivirus. Routing is policy based, and reporting is simple. SonicWall Network Security Appliance (NSA) 2650 The SonicWall NSA 2600 is a simple but effective next generation firewall for securing small businesses, branch offices and campuses. Its eight 1-GE ports support a firewall throughput of up to 1.9 Gbps. Supported security features include: deep packet inspection firewall, stateful packet inspection firewall, application intelligence and control, intrusion prevention, antivirus, antispyware, content and URL filtering and SSL inspection.
WatchGuard M270 Competitive UTM 7 DR180622E Copyright © 2018 Miercom 2 August 2018 Fortinet FortiGate 100E The FortiGate 100E is an enterprise-grade firewall solution for unified security and policy management. There are twenty ports – 2 WAN, 1 DMZ, 1 Management, 2 High Availability, and 14 Switch ports. It is specified to provide throughput of up to 7.4 Gbps for firewall, 500 Mbps for IPS and 360 Mbps for UTM. Supported security features include: firewall policies, virtual private networking with SSL and IPSec, intrusion prevention, application control and next generation firewall. Meraki MX84 The Meraki MX84 is a UTM solution for medium sized branch office networks. This cloud-managed product includes SD-WAN capabilities and a 500 Mbps stateful firewall performance, as well as a 320 Mbps throughput UTM protection. Supported security features include: firewall policies, virtual private networking with SSL and IPSec, intrusion prevention, application control and next generation firewall. Sophos XG 210 The Sophos XG 210 firewall provides a unified management system to create policies based on user and applications for powerful network protection, with six ports to support up to 14 Gbps of firewall throughput and 1.7 Gbps next generation firewall performance. Supported security features include: firewall, virtual private networking, intrusion prevention, application control, web filtering and antivirus.
WatchGuard M270 Competitive UTM 8 DR180622E Copyright © 2018 Miercom 2 August 2018 How We Did It Miercom used hands-on testing designed to simulate real-world threat environments, providing a robust, realistic assessment of product capability and effectiveness. Testing identifies the strengths and weaknesses of each Device Under Test (DUT). The methodology was intended to validate product specifications regarding UDP, HTTP and HTTPS traffic flow processing. Realistic UDP, HTTP and HTTPS traffic flows were produced and circulated through the test network, acting as typical client-server requests and file transfers. To determine the impact of security measures on performance, each DUT was analyzed for data throughput with individual features enabled. In some cases, devices are unable to disable firewall inspection, so this fundamental security layer was tested first. This low-level process represents the highest achievable throughput for each UTM product. As additional security services are enabled, the performance is compared to the firewall throughput to determine the impact of protection. Throughput is just one useful metric when implementing network security appliances in a business environment; security is equally important. But network performance impact helps IT departments make a practical choice between similar, highly secure network appliances. Test Tools Some of the test tools featured above are used for real-time traffic generation, traffic monitoring and data capture throughout testing. During testing, the Spirent C100-S3 (v4.85) was used to generate traffic loads and collect throughput data. Source: Miercom
WatchGuard M270 Competitive UTM 9 DR180622E Copyright © 2018 Miercom 2 August 2018 Test Bed Diagram For the UDP performance test, we used Spirent Test Center; for stateful traffic, we used Spirent Avalanche. When testing the Meraki MX84, we used a switch between the trust and trusted sides of the network, as it requires cloud access to work. External client traffic was sent from the Spirent Test Center or Avalanche to each DUT using three 1-GE links to three ingress LAN ports, and server responses were received via three 1-GE links to three egress LAN ports, for a total of six interfaces. Traffic represented real-world, high-stress network activity by using client-server connections of both stateless UDP and stateful HTTP/S traffic. For initial firewall tests, stateless UDP and stateful HTTP and HTTPS traffic were used. For stateless traffic, 250 bidirectional discrete flows of UDP packets were sent on all six 1-GbE interfaces, delivering a total of 6 Gbps to and through the DUT. This was sent in two loads for two separate tests: 1. UDP with all large, 1518-byte packets 2. UDP with IMIX of 66-byte (60.7 percent), 594-byte (23.7 percent) and 1518-byte (15.7 percent) packets for a total of 10,000 packets Throughput for each DUT was observed for the maximum rate in megabits per seconds (Mbps) before a single packet was lost. Results are featured on page 11. UTM Device under Test (DUT) 1-GE links on LAN interfaces Six internal networks • UDP (1518-byte and IMIX) • 100 simulated users per interface with 100 HTTP/HTTPS GET requests per user, retrieving the same 1 MB .dat (binary) file Source: Miercom Spirent Avalanche Traffic Generator
WatchGuard M270 Competitive UTM 10 DR180622E Copyright © 2018 Miercom 2 August 2018 For stateful traffic, there were 100 users on the client side sending an HTTP GET request to download 1 MB binary .dat file from 100 simulated servers. There were 100 GET requests per user on the client side. This procedure was followed for both: 1. HTTP 2. HTTPS using ECDHE-RSA-AES128-GCM-SHA256 3. HTTPS using AES256-SHA256 for SonicWall only (does not support the above cipher suite) Throughput was observed for its maximum rate in Mbps before any transaction of file transfer failed. This testing was repeated for each DUT with additional individual security services enabled and with full UTM mode. Performance was compared to the firewall throughput to determine the effect the security service has on each DUT. Stateful throughput using HTTPS was tested with decryption capabilities enabled. However, the Sophos XG 210 required enablement of at least one security feature. In Sophos’ case, any configuration with decryption required that AV was also enabled. Therefore, HTTPS FW only performance for Sophos is not available. Additionally, the performance of HTTPS with IPS only enabled for Sophos was not available, as it would automatically require AV enablement. Cisco Meraki does not support any HTTPS decryption/proxy and was not tested. Results are detailed on pages 13-14 to maintain fair comparisons.
WatchGuard M270 Competitive UTM 11 DR180622E Copyright © 2018 Miercom 2 August 2018 Performance Testing Stateless UDP 1518-Byte and UDP IMIX Throughput This test measured the maximum rate of traffic of the security appliance under test in Mbps. Only the firewall security service was enabled since it is the most basic and fundamental service of a security appliance. For the first test, stateless bidirectional UDP 1518-byte packets were sent on all six interfaces for a maximum of 6 Gbps of traffic. Then the second stateless traffic test used bidirectional UDP IMIX traffic, wherein the packet size varied using the following distribution: 60.7 percent small packets (66-byte), 23.7 percent mid-sized packets (594-byte), and 15.7 percent large packets (1518-bytes). Chart 1: Unified Threat Management Throughput for Stateless UDP Traffic Stateless UDP traffic was generated to determine the firewall packet routing capabilities of each product. The DUT used 6x1GbE ports, where three were ingress from client to server and the other three were egress from server to client. Maximum line rate performance was 6 Gbps. For 1518-byte packets, the WatchGuard Firebox M270 achieved 94.5 percent of its expected maximum throughput of 4.96 Gbps. This UTM outperformed Fortinet by 68.3 percent and Sophos by 39.5 percent. While the Cisco Meraki achieved full line-rate performance for 1518-byte traffic, WatchGuard had the highest throughput for realistic IMIX traffic at 1.5 Gbps. 4687 1485 6000 296 1486 1317 4776 979 2835 566 0 1000 2000 3000 4000 5000 6000 1518 byte UDP IMIX UDP Watchguard Firebox M270 4687 1485 Cisco Meraki MX84 6000 296 Fortinet FortiGate 100E 1486 1317 SonicWall NSA 2650 4776 979 Sophos XG 210 2835 566 Throughput(Mbps) WatchGuard Firebox M270 Unified Threat Management Competitive Firewall UDP Throughput (Mbps) Source: Miercom
WatchGuard M270 Competitive UTM 12 DR180622E Copyright © 2018 Miercom 2 August 2018 Stateful Throughput (HTTP/HTTPS) Most Internet traffic uses the stateful Layer-7 application protocol HTTP to establish client-server connections over Layer-4 Transmission Control Protocol (TCP). Networks can upload and download files from the public Internet using HTTP, requiring high-level processing and inspection for malicious content. The most basic inspection is done using a firewall, with additional security services available from vendor to vendor. The most popular services include: decryption, IPS, AV and application control. The test results below reflect similar security appliances with firewall and decryption enabled as an initial test, and additional security features applied using the following configurations: 1. FW. Only the firewall was enabled to HTTP traffic stream. 2. FW + IPS. IPS was enabled, in addition to the firewall. 3. FW + AV. Web/HTTP proxy and AV processing was enabled, in addition to the firewall. Prior to the performance testing of this configuration scenario, a special test virus look- alike, called EICAR, was included in the files sent to ensure the appliance’s antivirus processing was appropriately configured, scanning files and flagging viruses. 4. FW + AV + IPS. AV and IPS were enabled, in addition to the firewall. 5. Full UTM. Where the appliance’s AV, IPS and Application Control were all concurrently enabled and applied, in addition to the firewall. The Spirent Avalanche generated increasing loads of HTTP test traffic over three pairs of interface where 100 simulated clients per interface launched 100 GET requests to 100 simulated servers, resulting in a download retrieval of 1 MB binary file. Client and server sides were separated by different LANs. Similarly, stateful HTTPS traffic loads were sent through the DUT using the configuration and test setup. The ECDHE-RSA-AES128-GCM-SHA256 encryption standards were used to secure traffic on the application layer with HTTPS, except for SonicWall as it does not support that cipher suite. We used AES256-SHA256 for SonicWall only. When the 1 MB binary file was requested, each packet was decrypted and re-encrypted before transfer. This processing was expected to place a load on the security appliance and throughput. The importance of encrypted traffic is to combat security threats, but attackers commonly use this very countermeasure to obfuscate malware until it reaches its destination. Each DUT should be capable of examining encrypted messages without severely degrading its throughput.
WatchGuard M270 Competitive UTM 13 DR180622E Copyright © 2018 Miercom 2 August 2018 Chart 2: Unified Threat Management Throughput for Stateful HTTP Traffic Stateful HTTP traffic was generated using 6x1GbE ports of each DUT. Three ports acted as the client side, requested a 1 MB data file. The remaining three ports acted as the server side, responding with the file. The throughput from the egress ports was measured for a maximum line rate performance of 3 Gbps. The WatchGuard Firebox M270 maintained the best performance with FW+AV, FW+IPS+AV and UTM security features enabled. Its highest performance was observed for the firewall feature, where vendors were expected to see their best performance, reaching nearly 2.5 Gbps. Sophos achieved line rate performance for the FW only configuration. WatchGuard showed its next best performance for FW+AV, decreasing from its highest throughput by only 19 percent. In contrast, competitive performance fell by as much as 92 percent. With UTM threat protection enabled, WatchGuard achieved over 1.2 Gbps of throughput to outperform its best competitor by 47.8 percent. 0 500 1000 1500 2000 2500 3000 FW FW+IPS FW+AV FW+IPS +AV UTM Watchguard Firebox M270 2485 1821 2003 1285 1237 Cisco Meraki MX84 200 200 200 200 200 Fortinet FortiGate 100E 2706 2475 238 192 190 SonicWall NSA 2650 1748 1186 365 356 350 Sophos XG 210 3000 1205 712 658 646 Throughput(Mbps) WatchGuard Firebox M270 Unified Threat Management Competitive Security Features HTTP Throughput (Mbps) Source: Miercom
WatchGuard M270 Competitive UTM 14 DR180622E Copyright © 2018 Miercom 2 August 2018 Chart 3: Unified Threat Management Throughput for Stateful HTTPS Traffic Stateful encrypted HTTPS traffic was generated using 6x1GbE ports of each DUT. As with the HTTP performance tests, the throughput from three egress ports was measured following the download of a 1 MB file from server to client. The maximum line rate was 3 Gbps. The Cisco Meraki MX84 does not support HTTPS, indicated by N/A. The Sophos XG 210 is unable to support encrypted traffic without the AV feature enabled, as reflected above. The WatchGuard Firebox M270 outperformed all vendors for every feature enabled with the firewall configuration. WatchGuard had the highest UTM performance at 661 Mbps – 11 percent higher than its best competitors and as much as 82 percent more than the SonicWall NSA 2650. 0 200 400 600 800 1000 1200 FW+IPS FW+AV FW+IPS +AV UTM Watchguard Firebox M270 1030 972 680 661 Cisco Meraki MX84 0 0 0 0 Fortinet FortiGate 100E 213 698 616 589 SonicWall NSA 2650 153 147 120 118 Sophos XG 210 0 698 616 589 Throughput(Mbps) WatchGuard Firebox M270 Unified Threat Management Competitive Security Features HTTPS Throughput (Mbps) Source: Miercom N/A N/A N/A N/A N/A
WatchGuard M270 Competitive UTM 15 DR180622E Copyright © 2018 Miercom 2 August 2018 About Miercom Miercom has published hundreds of network product analyses in leading trade periodicals and other publications. Miercom’s reputation as the leading, independent product test center is undisputed. Private test services available from Miercom include competitive product analyses, as well as individual product evaluations. Miercom features comprehensive certification and test programs including: Certified Interoperable, Certified Reliable, Certified Secure and Certified Green. Products may also be evaluated under the Performance Verified program, the industry’s most thorough and trusted assessment for product usability and performance. Customer Use and Evaluation We encourage customers to do their own product trials, as tests are based on the average environment and do not reflect every possible deployment scenario. We offer consulting services and engineering assistance for any customer who wishes to perform an on-site evaluation. In some cases, we had previously observed better performance throughput for some of the vendors’ products tested, but the environment, including different firmware versions, test tools and traffic composition, was different. Use of This Report Every effort was made to ensure the accuracy of the data contained in this report but errors and/or oversights can occur. The information documented in this report may also rely on various test tools, the accuracy of which is beyond our control. Furthermore, the document relies on certain representations by the vendors that were reasonably verified by Miercom but beyond our control to verify to 100 percent certainty. This document is provided “as is,” by Miercom and gives no warranty, representation or undertaking, whether express or implied, and accepts no legal responsibility, whether direct or indirect, for the accuracy, completeness, usefulness or suitability of any information contained in this report. All trademarks used in the document are owned by their respective owners. You agree not to use any trademark in or as the whole or part of your own trademarks in connection with any activities, products or services which are not ours, or in a manner which may be confusing, misleading or deceptive or in a manner that disparages us or our information, projects or developments. © 2018 Miercom. All Rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the authors. Please email reviews@miercom.com for additional information.

Recomendados

Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetation
Kaveh Khosravi
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introduction
Jimmy Saigon
 
1500024 en
1500024 en1500024 en
1500024 en
Alber Louis
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
Jimmy Saigon
 
Make things come alive in a secure way - Sigfox
Make things come alive in a secure way - SigfoxMake things come alive in a secure way - Sigfox
Make things come alive in a secure way - Sigfox
Sigfox
 
Fortinet, держи марку!
Fortinet, держи марку!Fortinet, держи марку!
Fortinet, держи марку!
Компания УЦСБ
 
[이동식 원격 데이터센터 컨퍼런스] 이동식 원격 데이터센터의 군 활용-국방대 권태욱 교수
[이동식 원격 데이터센터 컨퍼런스] 이동식 원격 데이터센터의 군 활용-국방대 권태욱 교수[이동식 원격 데이터센터 컨퍼런스] 이동식 원격 데이터센터의 군 활용-국방대 권태욱 교수
[이동식 원격 데이터센터 컨퍼런스] 이동식 원격 데이터센터의 군 활용-국방대 권태욱 교수
NAIM Networks, Inc.
 
AGILE SECURITY™ Security for the Real World
AGILE SECURITY™ Security for the Real WorldAGILE SECURITY™ Security for the Real World
AGILE SECURITY™ Security for the Real World
Cisco Russia
 

Recomendados

Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetation
Kaveh Khosravi
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introduction
Jimmy Saigon
 
1500024 en
1500024 en1500024 en
1500024 en
Alber Louis
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
Jimmy Saigon
 
Make things come alive in a secure way - Sigfox
Make things come alive in a secure way - SigfoxMake things come alive in a secure way - Sigfox
Make things come alive in a secure way - Sigfox
Sigfox
 
Fortinet, держи марку!
Fortinet, держи марку!Fortinet, держи марку!
Fortinet, держи марку!
Компания УЦСБ
 
[이동식 원격 데이터센터 컨퍼런스] 이동식 원격 데이터센터의 군 활용-국방대 권태욱 교수
[이동식 원격 데이터센터 컨퍼런스] 이동식 원격 데이터센터의 군 활용-국방대 권태욱 교수[이동식 원격 데이터센터 컨퍼런스] 이동식 원격 데이터센터의 군 활용-국방대 권태욱 교수
[이동식 원격 데이터센터 컨퍼런스] 이동식 원격 데이터센터의 군 활용-국방대 권태욱 교수
NAIM Networks, Inc.
 
AGILE SECURITY™ Security for the Real World
AGILE SECURITY™ Security for the Real WorldAGILE SECURITY™ Security for the Real World
AGILE SECURITY™ Security for the Real World
Cisco Russia
 
Ds nsa series_4500
Ds nsa series_4500Ds nsa series_4500
Ds nsa series_4500
Yustinus Malawau
 
network security, group policy and firewalls
network security, group policy and firewallsnetwork security, group policy and firewalls
network security, group policy and firewalls
Sapna Kumari
 
Kaspersky Kesb ep10 no_cm_v01a
Kaspersky Kesb ep10 no_cm_v01aKaspersky Kesb ep10 no_cm_v01a
Kaspersky Kesb ep10 no_cm_v01a
Igor Pandzic
 
Reconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatformsReconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatforms
Abdullah Deeb
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-series
Julian Ernesto Martinez Oliva
 
How to use mtr 2
How to use mtr 2How to use mtr 2
How to use mtr 2
Eduardo Narvaez
 
Firewall
FirewallFirewall
Firewall
Apo
 
checkpoint
checkpointcheckpoint
checkpoint
Mayank Dhingra
 
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks
 
Network and network security
Network and network securityNetwork and network security
Network and network security
Ruchi Gupta
 
High end security for low-end microcontrollers
High end security for low-end microcontrollersHigh end security for low-end microcontrollers
High end security for low-end microcontrollers
Milosch Meriac
 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point Firewalls
Ben Rothke
 
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
Kaspersky
 
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADARITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
csandit
 
Next Generation Network: Security and Architecture
Next Generation Network: Security and ArchitectureNext Generation Network: Security and Architecture
Next Generation Network: Security and Architecture
ijsrd.com
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systems
Alan Tatourian
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
ShilaThak
 
Firewall girija ppt
Firewall girija pptFirewall girija ppt
Firewall girija ppt
Girija Sankar Dash
 
Security technology
Security technologySecurity technology
Security technology
Praveen Kumar V
 
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyNext Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
L. Duke Golden
 
Utm
UtmUtm
Utm
Abhishek Srivastava
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
Jimmy Saigon
 

Mais conteúdo relacionado

Mais procurados

network security, group policy and firewalls
network security, group policy and firewallsnetwork security, group policy and firewalls
network security, group policy and firewalls
Sapna Kumari
 
Firewall
FirewallFirewall
Firewall
Apo
 
Network and network security
Network and network securityNetwork and network security
Network and network security
Ruchi Gupta
 
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADARITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
csandit
 
Next Generation Network: Security and Architecture
Next Generation Network: Security and ArchitectureNext Generation Network: Security and Architecture
Next Generation Network: Security and Architecture
ijsrd.com
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
ShilaThak
 

Mais procurados (20)

Ds nsa series_4500
Ds nsa series_4500Ds nsa series_4500
Ds nsa series_4500
 
network security, group policy and firewalls
network security, group policy and firewallsnetwork security, group policy and firewalls
network security, group policy and firewalls
 
Kaspersky Kesb ep10 no_cm_v01a
Kaspersky Kesb ep10 no_cm_v01aKaspersky Kesb ep10 no_cm_v01a
Kaspersky Kesb ep10 no_cm_v01a
 
Reconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatformsReconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatforms
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-series
 
How to use mtr 2
How to use mtr 2How to use mtr 2
How to use mtr 2
 
Firewall
FirewallFirewall
Firewall
 
checkpoint
checkpointcheckpoint
checkpoint
 
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
 
Network and network security
Network and network securityNetwork and network security
Network and network security
 
High end security for low-end microcontrollers
High end security for low-end microcontrollersHigh end security for low-end microcontrollers
High end security for low-end microcontrollers
 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point Firewalls
 
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
 
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADARITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
 
Next Generation Network: Security and Architecture
Next Generation Network: Security and ArchitectureNext Generation Network: Security and Architecture
Next Generation Network: Security and Architecture
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systems
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
 
Firewall girija ppt
Firewall girija pptFirewall girija ppt
Firewall girija ppt
 
Security technology
Security technologySecurity technology
Security technology
 
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyNext Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
 

Semelhante a Miercom Unified Threat Management Report - WatchGuard M270

Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
Jimmy Saigon
 
Unlocking the Promise of UTM Protection
Unlocking the Promise of UTM ProtectionUnlocking the Promise of UTM Protection
Unlocking the Promise of UTM Protection
Kerry Desberg
 
CyberoamNGSeriesUTMBrochure
CyberoamNGSeriesUTMBrochureCyberoamNGSeriesUTMBrochure
CyberoamNGSeriesUTMBrochure
bakar kazmi
 

Semelhante a Miercom Unified Threat Management Report - WatchGuard M270 (20)

Utm
UtmUtm
Utm
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
 
A guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh DangwalA guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
 
CONSULTCORP- CYBEROAM CR50ING
CONSULTCORP- CYBEROAM CR50INGCONSULTCORP- CYBEROAM CR50ING
CONSULTCORP- CYBEROAM CR50ING
 
fortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeurfortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeur
 
Bizhub v care security white paper version 2
Bizhub v care security white paper version 2Bizhub v care security white paper version 2
Bizhub v care security white paper version 2
 
CONSULTCORP CYBEROAM CR200ING
CONSULTCORP CYBEROAM CR200INGCONSULTCORP CYBEROAM CR200ING
CONSULTCORP CYBEROAM CR200ING
 
Unlocking the Promise of UTM Protection
Unlocking the Promise of UTM ProtectionUnlocking the Promise of UTM Protection
Unlocking the Promise of UTM Protection
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPUREFIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
 
Note8
Note8Note8
Note8
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)
 
CONSULTCORP CYBEROAM CR300ING
CONSULTCORP CYBEROAM CR300INGCONSULTCORP CYBEROAM CR300ING
CONSULTCORP CYBEROAM CR300ING
 
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGenEnhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
 
CONSULTCORP- CYBEROAM CR35ING
CONSULTCORP- CYBEROAM CR35INGCONSULTCORP- CYBEROAM CR35ING
CONSULTCORP- CYBEROAM CR35ING
 
Elevating Network Security through NGFW Firewalls.pdf
Elevating Network Security through NGFW Firewalls.pdfElevating Network Security through NGFW Firewalls.pdf
Elevating Network Security through NGFW Firewalls.pdf
 
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall Innovation
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall InnovationChrono Defend: Time-Traveling Safeguards through NGFW Firewall Innovation
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall Innovation
 
NGFW - An Updated Overview
NGFW - An Updated Overview NGFW - An Updated Overview
NGFW - An Updated Overview
 
MMPL Watchguard overview
MMPL Watchguard overviewMMPL Watchguard overview
MMPL Watchguard overview
 
CyberoamNGSeriesUTMBrochure
CyberoamNGSeriesUTMBrochureCyberoamNGSeriesUTMBrochure
CyberoamNGSeriesUTMBrochure
 

Mais de BAKOTECH

F5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложенийF5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложений
BAKOTECH
 
WatchGuard Internet Security Report
WatchGuard Internet Security ReportWatchGuard Internet Security Report
WatchGuard Internet Security Report
BAKOTECH
 
BreakingPoint от Ixia
BreakingPoint от IxiaBreakingPoint от Ixia
BreakingPoint от Ixia
BAKOTECH
 
Cloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIACloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIA
BAKOTECH
 
Network Visibility for Dummies
Network Visibility for DummiesNetwork Visibility for Dummies
Network Visibility for Dummies
BAKOTECH
 
Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии
BAKOTECH
 

Mais de BAKOTECH (20)

SOAR
SOARSOAR
SOAR
 
Upd pci compliance
Upd pci compliance Upd pci compliance
Upd pci compliance
 
Threat Detection & Response
Threat Detection & ResponseThreat Detection & Response
Threat Detection & Response
 
WatchGuard SD-WAN
WatchGuard SD-WAN WatchGuard SD-WAN
WatchGuard SD-WAN
 
WatchGuard WIPS
WatchGuard WIPSWatchGuard WIPS
WatchGuard WIPS
 
WatchGuard Authpoint
WatchGuard Authpoint WatchGuard Authpoint
WatchGuard Authpoint
 
McAfee Labs Threats Report, August 2019
McAfee Labs Threats Report, August 2019 McAfee Labs Threats Report, August 2019
McAfee Labs Threats Report, August 2019
 
F5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложенийF5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложений
 
WatchGuard Internet Security Report
WatchGuard Internet Security ReportWatchGuard Internet Security Report
WatchGuard Internet Security Report
 
BreakingPoint от Ixia
BreakingPoint от IxiaBreakingPoint от Ixia
BreakingPoint от Ixia
 
Cloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIACloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIA
 
Network Visibility for Dummies
Network Visibility for DummiesNetwork Visibility for Dummies
Network Visibility for Dummies
 
SIEM for Beginners
SIEM for BeginnersSIEM for Beginners
SIEM for Beginners
 
SIEM для чайников
SIEM для чайниковSIEM для чайников
SIEM для чайников
 
Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии
 
Надежная защита от утечек информации в условиях современных тенденций ИТ
Надежная защита от утечек информации в условиях современных тенденций ИТНадежная защита от утечек информации в условиях современных тенденций ИТ
Надежная защита от утечек информации в условиях современных тенденций ИТ
 
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
 
Внутренняя угроза: выявление и защита с помощью ObserveIT
Внутренняя угроза: выявление и защита с помощью ObserveITВнутренняя угроза: выявление и защита с помощью ObserveIT
Внутренняя угроза: выявление и защита с помощью ObserveIT
 
Обзор инструментов Toad для администраторов Oracle
Обзор инструментов Toad для администраторов OracleОбзор инструментов Toad для администраторов Oracle
Обзор инструментов Toad для администраторов Oracle
 
Toad for Oracle для разработчиков – обзор, советы и скрытые возможности
Toad for Oracle для разработчиков – обзор, советы и скрытые возможностиToad for Oracle для разработчиков – обзор, советы и скрытые возможности
Toad for Oracle для разработчиков – обзор, советы и скрытые возможности
 

Último

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Último (20)

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Miercom Unified Threat Management Report - WatchGuard M270

  • 1. Unified Threat Management Comparative Throughput Performance WatchGuard Firebox M270 Cisco Meraki MX84 Fortinet FortiGate 100E SonicWall NSA 2650 Sophos XG 210 2 August 2018 DR180622E Miercom.com www.miercom.com
  • 2. WatchGuard M270 Competitive UTM 2 DR180622E Copyright © 2018 Miercom 2 August 2018 Contents Executive Summary.................................................................................................................3 Introduction...............................................................................................................................5 Products Tested........................................................................................................................6 How We Did It ..........................................................................................................................8 Test Tools................................................................................................................................8 Test Bed Diagram ................................................................................................................9 Performance Testing...........................................................................................................11 Stateless UDP 1518-Byte and UDP IMIX Throughput ....................................... 11 Stateful Throughput (HTTP/HTTPS) ..........................................................................12 About Miercom.....................................................................................................................15 Customer Use and Evaluation.........................................................................................15 Use of This Report................................................................................................................15
  • 3. WatchGuard M270 Competitive UTM 3 DR180622E Copyright © 2018 Miercom 2 August 2018 Executive Summary Unified Threat Management (UTM) appliances are a consolidated security product with routing, firewall, intrusion prevention, antivirus, Virtual Private Network (VPN) and other protective measures for small to mid-size business networks. While these devices carry the power and functionality of a next generation firewall and secure web gateway, the performance has traditionally been impacted by intensive traffic processing. By testing performance of across a variety of UTM products, it creates an objective view of processing advantages and shortfalls, thereby allowing manufacturers to best optimize their products. Miercom was engaged by WatchGuard Technologies, Inc. to conduct an independent, comparative performance assessment of its Firebox M270 against similar leading UTM network security appliances: Cisco Meraki MX84, Fortinet FortiGate 100E, SonicWall NSA 2650 and Sophos XG 210. All products were exposed to increasing traffic loads, with different protocols, while evaluating the impact on network performance. When identifying competitive equipment for this report, selected rack mount appliances were those closest in price (MSRP) to the Firebox M270. In each case this required models to be included that had a closer equivalent price to the WatchGuard Firebox M370. Product comparisons were made using the following scenarios: firewall, additional security features and full UTM mode. Firewall performance measured transport and application network layer traffic. Then security features were individually enabled to evaluate the impact on performance for HTTP and HTTPS loads. Finally, the full set of security functions was enabled (firewall, intrusion prevention system, antivirus and application control) over HTTP and HTTPS. Key M270 Performance Findings • Outperforms more costly competitors’ models with security running • Highest realistic IMIX UDP performance of 1.5 Gbps and 4.7 Gbps for 1518-byte frames • Highest UTM HTTP throughput at 1.2 Gbps, outperforming vendors by at least 48% • Superior encrypted UTM throughput at 661 Mbps, surpassing closest competitor by 11%
  • 4. WatchGuard M270 Competitive UTM 4 DR180622E Copyright © 2018 Miercom 2 August 2018 Based on results of our testing, the WatchGuard Firebox M270 displayed exceptional performance, outperforming its competitors for stateless and stateful traffic throughput scenarios with different firewall features enabled. Its high-rate performance with security features enabled earns it the Miercom Performance Verified certification. Robert Smithers CEO Miercom
  • 5. WatchGuard M270 Competitive UTM 5 DR180622E Copyright © 2018 Miercom 2 August 2018 Introduction Unified Threat Management devices are an evolving class of network edge security platforms that incorporate and perform multiple security functions in a single appliance. The devices tested for this report all address and incorporate the following security functions: Security Function Acronym Description Firewall FW Controls and filters the flow of traffic, providing a relatively low- level barrier to protect a trusted internal network from an unsecure network (such as the Internet). Intrusion Prevention System IPS Monitors all network activity, looking for malicious behavior based on known-threat signatures, statistical anomalies, or stateful protocol analysis. If malicious or highly suspicious packets are detected, they are identified, logged, reported and, depending on IPS settings, automatically blocked from access to the internal network. Application Control AppCtrl Enforces policies regarding security and resources (network bandwidth, servers, etc.) by restricting or controlling which application traffic can pass through the UTM, usually in either direction. Security-wise, Application Control is intended to reduce occurrences of infection, attacks and malicious content. Hypertext Transfer Protocol Proxy/Antivirus HTTP Proxy/AV The security appliance is a proxy for HTTP traffic. This is where a client issues a “get” request and retrieved files are buffered in memory in the security appliance. Files are then sent to an antivirus engine that looks for viruses and removes packets containing malicious content. Proxy-based virus and content scanning is a more secure and accurate method than stream- based inspection of client/server traffic. With Proxy/AV scanning is performed during the handshake of data transfer. Hypertext Transfer Protocol Secure HTTPS The security device responds to incoming encrypted connection requests on the secure socket layer (SSL), and then actively scans and blocks packets containing malicious content, like HTTP/AV processing. The HTTPS encryption/decryption process places an appreciable load on the security device that directly impacts its overall throughput rate. Unified Threat Management UTM An all-inclusive security setting, where multiple functions are performed by the same, single security device. The functions typically include: firewall, IPS, AV, VPN (control of virtual private network tunnels), content filtering, and sensitive data loss prevention. While security is certainly important, it does place a load on network performance. This report documents the effect of security on data throughput for each UTM device. Knowing the impact security places on performance can help IT departments decide on the best fit for their business from similar network security products.
  • 6. WatchGuard M270 Competitive UTM 6 DR180622E Copyright © 2018 Miercom 2 August 2018 Products Tested Product Firmware Version WatchGuard Firebox M270 Build: 12.2.B563533 (beta) Fortinet FortiGate 100E 5.6.4 B1575 Meraki MX84 13.28 SonicWall NSA 2650 6.5.1.1-42n Sophos XG 210 SFOS 17.0.0 GA MR-8 WatchGuard Firebox M270 The Firebox M270 is the latest and powerful offering in WatchGuard’s Firebox UTM series. It offers enterprise- grade security to small and mid-size businesses with eight 1-GE ports. Its firewall throughput is specified to reach a maximum of 5 Gbps. This model uses the newest generation of Intel Atom processors, with Intel Quick Assist Technology (Intel QAT) for high performance hardware-based security acceleration. This provides optimum performance of network traffic, including HTTPS content inspection and faster throughput in VPN tunnels. Supported security features include: firewall, virtual private networking with SSL and IPSec, intrusion prevention, application proxies for various protocols (HTTPS, HTTPS, SMTP, DNS and others) and antivirus. Routing is policy based, and reporting is simple. SonicWall Network Security Appliance (NSA) 2650 The SonicWall NSA 2600 is a simple but effective next generation firewall for securing small businesses, branch offices and campuses. Its eight 1-GE ports support a firewall throughput of up to 1.9 Gbps. Supported security features include: deep packet inspection firewall, stateful packet inspection firewall, application intelligence and control, intrusion prevention, antivirus, antispyware, content and URL filtering and SSL inspection.
  • 7. WatchGuard M270 Competitive UTM 7 DR180622E Copyright © 2018 Miercom 2 August 2018 Fortinet FortiGate 100E The FortiGate 100E is an enterprise-grade firewall solution for unified security and policy management. There are twenty ports – 2 WAN, 1 DMZ, 1 Management, 2 High Availability, and 14 Switch ports. It is specified to provide throughput of up to 7.4 Gbps for firewall, 500 Mbps for IPS and 360 Mbps for UTM. Supported security features include: firewall policies, virtual private networking with SSL and IPSec, intrusion prevention, application control and next generation firewall. Meraki MX84 The Meraki MX84 is a UTM solution for medium sized branch office networks. This cloud-managed product includes SD-WAN capabilities and a 500 Mbps stateful firewall performance, as well as a 320 Mbps throughput UTM protection. Supported security features include: firewall policies, virtual private networking with SSL and IPSec, intrusion prevention, application control and next generation firewall. Sophos XG 210 The Sophos XG 210 firewall provides a unified management system to create policies based on user and applications for powerful network protection, with six ports to support up to 14 Gbps of firewall throughput and 1.7 Gbps next generation firewall performance. Supported security features include: firewall, virtual private networking, intrusion prevention, application control, web filtering and antivirus.
  • 8. WatchGuard M270 Competitive UTM 8 DR180622E Copyright © 2018 Miercom 2 August 2018 How We Did It Miercom used hands-on testing designed to simulate real-world threat environments, providing a robust, realistic assessment of product capability and effectiveness. Testing identifies the strengths and weaknesses of each Device Under Test (DUT). The methodology was intended to validate product specifications regarding UDP, HTTP and HTTPS traffic flow processing. Realistic UDP, HTTP and HTTPS traffic flows were produced and circulated through the test network, acting as typical client-server requests and file transfers. To determine the impact of security measures on performance, each DUT was analyzed for data throughput with individual features enabled. In some cases, devices are unable to disable firewall inspection, so this fundamental security layer was tested first. This low-level process represents the highest achievable throughput for each UTM product. As additional security services are enabled, the performance is compared to the firewall throughput to determine the impact of protection. Throughput is just one useful metric when implementing network security appliances in a business environment; security is equally important. But network performance impact helps IT departments make a practical choice between similar, highly secure network appliances. Test Tools Some of the test tools featured above are used for real-time traffic generation, traffic monitoring and data capture throughout testing. During testing, the Spirent C100-S3 (v4.85) was used to generate traffic loads and collect throughput data. Source: Miercom
  • 9. WatchGuard M270 Competitive UTM 9 DR180622E Copyright © 2018 Miercom 2 August 2018 Test Bed Diagram For the UDP performance test, we used Spirent Test Center; for stateful traffic, we used Spirent Avalanche. When testing the Meraki MX84, we used a switch between the trust and trusted sides of the network, as it requires cloud access to work. External client traffic was sent from the Spirent Test Center or Avalanche to each DUT using three 1-GE links to three ingress LAN ports, and server responses were received via three 1-GE links to three egress LAN ports, for a total of six interfaces. Traffic represented real-world, high-stress network activity by using client-server connections of both stateless UDP and stateful HTTP/S traffic. For initial firewall tests, stateless UDP and stateful HTTP and HTTPS traffic were used. For stateless traffic, 250 bidirectional discrete flows of UDP packets were sent on all six 1-GbE interfaces, delivering a total of 6 Gbps to and through the DUT. This was sent in two loads for two separate tests: 1. UDP with all large, 1518-byte packets 2. UDP with IMIX of 66-byte (60.7 percent), 594-byte (23.7 percent) and 1518-byte (15.7 percent) packets for a total of 10,000 packets Throughput for each DUT was observed for the maximum rate in megabits per seconds (Mbps) before a single packet was lost. Results are featured on page 11. UTM Device under Test (DUT) 1-GE links on LAN interfaces Six internal networks • UDP (1518-byte and IMIX) • 100 simulated users per interface with 100 HTTP/HTTPS GET requests per user, retrieving the same 1 MB .dat (binary) file Source: Miercom Spirent Avalanche Traffic Generator
  • 10. WatchGuard M270 Competitive UTM 10 DR180622E Copyright © 2018 Miercom 2 August 2018 For stateful traffic, there were 100 users on the client side sending an HTTP GET request to download 1 MB binary .dat file from 100 simulated servers. There were 100 GET requests per user on the client side. This procedure was followed for both: 1. HTTP 2. HTTPS using ECDHE-RSA-AES128-GCM-SHA256 3. HTTPS using AES256-SHA256 for SonicWall only (does not support the above cipher suite) Throughput was observed for its maximum rate in Mbps before any transaction of file transfer failed. This testing was repeated for each DUT with additional individual security services enabled and with full UTM mode. Performance was compared to the firewall throughput to determine the effect the security service has on each DUT. Stateful throughput using HTTPS was tested with decryption capabilities enabled. However, the Sophos XG 210 required enablement of at least one security feature. In Sophos’ case, any configuration with decryption required that AV was also enabled. Therefore, HTTPS FW only performance for Sophos is not available. Additionally, the performance of HTTPS with IPS only enabled for Sophos was not available, as it would automatically require AV enablement. Cisco Meraki does not support any HTTPS decryption/proxy and was not tested. Results are detailed on pages 13-14 to maintain fair comparisons.
  • 11. WatchGuard M270 Competitive UTM 11 DR180622E Copyright © 2018 Miercom 2 August 2018 Performance Testing Stateless UDP 1518-Byte and UDP IMIX Throughput This test measured the maximum rate of traffic of the security appliance under test in Mbps. Only the firewall security service was enabled since it is the most basic and fundamental service of a security appliance. For the first test, stateless bidirectional UDP 1518-byte packets were sent on all six interfaces for a maximum of 6 Gbps of traffic. Then the second stateless traffic test used bidirectional UDP IMIX traffic, wherein the packet size varied using the following distribution: 60.7 percent small packets (66-byte), 23.7 percent mid-sized packets (594-byte), and 15.7 percent large packets (1518-bytes). Chart 1: Unified Threat Management Throughput for Stateless UDP Traffic Stateless UDP traffic was generated to determine the firewall packet routing capabilities of each product. The DUT used 6x1GbE ports, where three were ingress from client to server and the other three were egress from server to client. Maximum line rate performance was 6 Gbps. For 1518-byte packets, the WatchGuard Firebox M270 achieved 94.5 percent of its expected maximum throughput of 4.96 Gbps. This UTM outperformed Fortinet by 68.3 percent and Sophos by 39.5 percent. While the Cisco Meraki achieved full line-rate performance for 1518-byte traffic, WatchGuard had the highest throughput for realistic IMIX traffic at 1.5 Gbps. 4687 1485 6000 296 1486 1317 4776 979 2835 566 0 1000 2000 3000 4000 5000 6000 1518 byte UDP IMIX UDP Watchguard Firebox M270 4687 1485 Cisco Meraki MX84 6000 296 Fortinet FortiGate 100E 1486 1317 SonicWall NSA 2650 4776 979 Sophos XG 210 2835 566 Throughput(Mbps) WatchGuard Firebox M270 Unified Threat Management Competitive Firewall UDP Throughput (Mbps) Source: Miercom
  • 12. WatchGuard M270 Competitive UTM 12 DR180622E Copyright © 2018 Miercom 2 August 2018 Stateful Throughput (HTTP/HTTPS) Most Internet traffic uses the stateful Layer-7 application protocol HTTP to establish client-server connections over Layer-4 Transmission Control Protocol (TCP). Networks can upload and download files from the public Internet using HTTP, requiring high-level processing and inspection for malicious content. The most basic inspection is done using a firewall, with additional security services available from vendor to vendor. The most popular services include: decryption, IPS, AV and application control. The test results below reflect similar security appliances with firewall and decryption enabled as an initial test, and additional security features applied using the following configurations: 1. FW. Only the firewall was enabled to HTTP traffic stream. 2. FW + IPS. IPS was enabled, in addition to the firewall. 3. FW + AV. Web/HTTP proxy and AV processing was enabled, in addition to the firewall. Prior to the performance testing of this configuration scenario, a special test virus look- alike, called EICAR, was included in the files sent to ensure the appliance’s antivirus processing was appropriately configured, scanning files and flagging viruses. 4. FW + AV + IPS. AV and IPS were enabled, in addition to the firewall. 5. Full UTM. Where the appliance’s AV, IPS and Application Control were all concurrently enabled and applied, in addition to the firewall. The Spirent Avalanche generated increasing loads of HTTP test traffic over three pairs of interface where 100 simulated clients per interface launched 100 GET requests to 100 simulated servers, resulting in a download retrieval of 1 MB binary file. Client and server sides were separated by different LANs. Similarly, stateful HTTPS traffic loads were sent through the DUT using the configuration and test setup. The ECDHE-RSA-AES128-GCM-SHA256 encryption standards were used to secure traffic on the application layer with HTTPS, except for SonicWall as it does not support that cipher suite. We used AES256-SHA256 for SonicWall only. When the 1 MB binary file was requested, each packet was decrypted and re-encrypted before transfer. This processing was expected to place a load on the security appliance and throughput. The importance of encrypted traffic is to combat security threats, but attackers commonly use this very countermeasure to obfuscate malware until it reaches its destination. Each DUT should be capable of examining encrypted messages without severely degrading its throughput.
  • 13. WatchGuard M270 Competitive UTM 13 DR180622E Copyright © 2018 Miercom 2 August 2018 Chart 2: Unified Threat Management Throughput for Stateful HTTP Traffic Stateful HTTP traffic was generated using 6x1GbE ports of each DUT. Three ports acted as the client side, requested a 1 MB data file. The remaining three ports acted as the server side, responding with the file. The throughput from the egress ports was measured for a maximum line rate performance of 3 Gbps. The WatchGuard Firebox M270 maintained the best performance with FW+AV, FW+IPS+AV and UTM security features enabled. Its highest performance was observed for the firewall feature, where vendors were expected to see their best performance, reaching nearly 2.5 Gbps. Sophos achieved line rate performance for the FW only configuration. WatchGuard showed its next best performance for FW+AV, decreasing from its highest throughput by only 19 percent. In contrast, competitive performance fell by as much as 92 percent. With UTM threat protection enabled, WatchGuard achieved over 1.2 Gbps of throughput to outperform its best competitor by 47.8 percent. 0 500 1000 1500 2000 2500 3000 FW FW+IPS FW+AV FW+IPS +AV UTM Watchguard Firebox M270 2485 1821 2003 1285 1237 Cisco Meraki MX84 200 200 200 200 200 Fortinet FortiGate 100E 2706 2475 238 192 190 SonicWall NSA 2650 1748 1186 365 356 350 Sophos XG 210 3000 1205 712 658 646 Throughput(Mbps) WatchGuard Firebox M270 Unified Threat Management Competitive Security Features HTTP Throughput (Mbps) Source: Miercom
  • 14. WatchGuard M270 Competitive UTM 14 DR180622E Copyright © 2018 Miercom 2 August 2018 Chart 3: Unified Threat Management Throughput for Stateful HTTPS Traffic Stateful encrypted HTTPS traffic was generated using 6x1GbE ports of each DUT. As with the HTTP performance tests, the throughput from three egress ports was measured following the download of a 1 MB file from server to client. The maximum line rate was 3 Gbps. The Cisco Meraki MX84 does not support HTTPS, indicated by N/A. The Sophos XG 210 is unable to support encrypted traffic without the AV feature enabled, as reflected above. The WatchGuard Firebox M270 outperformed all vendors for every feature enabled with the firewall configuration. WatchGuard had the highest UTM performance at 661 Mbps – 11 percent higher than its best competitors and as much as 82 percent more than the SonicWall NSA 2650. 0 200 400 600 800 1000 1200 FW+IPS FW+AV FW+IPS +AV UTM Watchguard Firebox M270 1030 972 680 661 Cisco Meraki MX84 0 0 0 0 Fortinet FortiGate 100E 213 698 616 589 SonicWall NSA 2650 153 147 120 118 Sophos XG 210 0 698 616 589 Throughput(Mbps) WatchGuard Firebox M270 Unified Threat Management Competitive Security Features HTTPS Throughput (Mbps) Source: Miercom N/A N/A N/A N/A N/A
  • 15. WatchGuard M270 Competitive UTM 15 DR180622E Copyright © 2018 Miercom 2 August 2018 About Miercom Miercom has published hundreds of network product analyses in leading trade periodicals and other publications. Miercom’s reputation as the leading, independent product test center is undisputed. Private test services available from Miercom include competitive product analyses, as well as individual product evaluations. Miercom features comprehensive certification and test programs including: Certified Interoperable, Certified Reliable, Certified Secure and Certified Green. Products may also be evaluated under the Performance Verified program, the industry’s most thorough and trusted assessment for product usability and performance. Customer Use and Evaluation We encourage customers to do their own product trials, as tests are based on the average environment and do not reflect every possible deployment scenario. We offer consulting services and engineering assistance for any customer who wishes to perform an on-site evaluation. In some cases, we had previously observed better performance throughput for some of the vendors’ products tested, but the environment, including different firmware versions, test tools and traffic composition, was different. Use of This Report Every effort was made to ensure the accuracy of the data contained in this report but errors and/or oversights can occur. The information documented in this report may also rely on various test tools, the accuracy of which is beyond our control. Furthermore, the document relies on certain representations by the vendors that were reasonably verified by Miercom but beyond our control to verify to 100 percent certainty. This document is provided “as is,” by Miercom and gives no warranty, representation or undertaking, whether express or implied, and accepts no legal responsibility, whether direct or indirect, for the accuracy, completeness, usefulness or suitability of any information contained in this report. All trademarks used in the document are owned by their respective owners. You agree not to use any trademark in or as the whole or part of your own trademarks in connection with any activities, products or services which are not ours, or in a manner which may be confusing, misleading or deceptive or in a manner that disparages us or our information, projects or developments. © 2018 Miercom. All Rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the authors. Please email reviews@miercom.com for additional information.