introducing watchguard dimension. oceans of log data the 3 dimensions of big data volume –“log...
TRANSCRIPT
Introducing WatchGuard Dimension
Oceans of Log DataThe 3 Dimensions of Big Data
• Volume– “Log Everything - Storage is Cheap”– Becomes too much data – Hiding what's important– Retention can be years – Required by regulation
• VarietyTranslating large volumes of disparate information
into decisions - FW, AV, IPS, Content Control, etc…
• VelocityThe speed at which the data is created, stored, analyzed and visualized.
Top 5 Reasons for Logging
80% of respondents collect logs from firewalls
• Detect / Track suspicious behavior • Support Forensics analysis and correlation• Prevent incidents• Meet / Prove Compliance• Detect advanced Persistent threat style Malware
Sorting Through the NoiseSANS Eighth Annual 2012 Log and Event Management Survey Results
Top 3 Challenges with Logs
• Key events from normal background activity• Correlation of information from multiple sources • Lack of analytics capabilities
35% of respondents spend ZERO time reviewing logs
ONLY 24% of respondents review logs as a normal part of work flow
Gap Between Logging and Security
In 66% of cases, the breach wasn’t discovered for months or even years.
1% of breaches discovered bylog analysis
Executive Summary – 2013 Verizon Data Breach Investigation Report
Making Better Decisions
Business leaders are using new tools to analyze and run their business.
Why not do the same for security?
WatchGuard DimensionBrings big data visibility to network security
• How many viruses were blocked? • Were intrusion attempts stopped? • Is private data leaking from our
company? • How effective is our anti-spam solution? • Who is using the most bandwidth?• Which applications are using the most
bandwidth?• What sites has a particular user visited?• What applications does a user use?
“Zero Install” – flexible deployment options
Simply import a virtual appliance
• ONE INSTALL Includes OS, database, utilities, and WatchGuard server software
Private Cloud
Public Cloud
OR
Download WatchGuard Diemsion from your WatchGuard Account to start seeing what you are missing
Configure the Firewall to Send Messages• Set the same log encryption key
as used on WatchGuard Dimension
• Enable Logging for All Policies You Want Visibility
• Enable Enhanced Logging for Proxies
DemoDrill down into
detail information about domains
Or Users …
Or Web Categories …
WatchGuard DimensionBETTER VISIBILITY, STRONGER SECURITY
User Defined Access
Create and Email Reports
View Groups Of Firewalls…
View Individual Firewalls
WatchGuard DimensionBETTER VISIBILITY, STRONGER SECURITY
Drill down into detail information about domains
or users…
or web categories…
WatchGuard DimensionBETTER VISIBILITY, STRONGER SECURITY
Identify the user that is taking all of the bandwidthIdentify the user
and all the applications that he is using
WatchGuard DimensionBETTER VISIBILITY, STRONGER SECURITY
Identify policy violations