If you have any of the XTM series of firewalls manufactured by WatchGuard, plan to replace them as all XTM models are in the process of being phased out. End of life for this hardware means that soon there won’t be any support or replacement parts from the manufacturer, and software updates will stop.
Using old technology isn’t a great idea for many reasons. When equipment goes out of support, the manufacturer won’t be able to help or provide spare parts if something breaks.
Vulnerabilities are eventually exposed in software that is not consistently updated and patched. That means that even if the hardware keeps working, the firewall won’t be able to serve its ultimate purpose as a security barrier if newly discovered holes in the software can be exploited.
Advanced Security Tools in Modern Firewalls
When it comes to your WatchGuard XTM firewall, updating to the next generation of models will not only help you maintain the security layer that it’s intended to provide, but will also give you added benefits that are built into the new models.
The tools available on the new models of WatchGuard firewalls have changed dramatically, taking their capability light years beyond that of the XTM series.
Predator Protection from Endpoint Detection and Response
One of the best new tools included in modern firewalls is Endpoint Detection and Response (EDR). EDR acts like a real-time sensor for your computers and your network.
Think of it this way – your old firewall locked the doors to prevent predators from invading your network. A firewall with EDR locks all the doors and posts armed guards to monitor the perimeter of your property.
How Traditional Firewalls Work
The original purpose of a firewall was to allow certain kinds of traffic into your network, and block undesirable traffic. The firewall was programmed to recognize which traffic is allowed and which is not, and the list of suspicious traffic grew as the software received updates from the manufacturer.
This worked because the list of suspicious traffic was kept current through software updates. The flaw in this process is that it’s always been possible for a new exploit that wasn’t on the list to sneak through the firewall.
Enter EDR.
EDR Defends the Good Guys in the Cyber Arms Race
There’s an arms race going on in the cyber world that we can’t see. Cyber criminals are continually developing new ways to make money by going after your data via fraud, kidnapping, and theft.
The cyber good guys are continually developing new ways to thwart the bad guys, and Endpoint Detection and Response technology is, to date, one of the best tools that organizations can use to defend against cyber predators.
How Endpoint Detection and Response Works
When it’s activated, EDR puts a program on each computer that is on your network. The program scans each computer in real-time looking for behavior that isn’t normal for that particular machine. It establishes a baseline for the normal types of traffic that it sees so that it can recognize what’s not normal.
When the EDR program identifies something that’s suspicious – like a website that the user has never been to, or a program that no one in the company has ever run – it’s going to shut down either a particular action or the whole computer in order to isolate the threat and stop it from doing any damage.
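To make the baseline idea concrete, here is a small sketch added for this article (it is not WatchGuard's code or any vendor's EDR logic). It learns which websites each computer normally visits and which programs have ever run in the company, then flags anything outside that baseline. The host names, domains, program names, and the mapping of each finding to a response are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample telemetry (not real logs): (host, event kind, value).
BASELINE_EVENTS = [
    ("pc-01", "domain", "mail.example.com"),
    ("pc-01", "domain", "intranet.example.com"),
    ("pc-01", "process", "outlook.exe"),
    ("pc-02", "domain", "mail.example.com"),
    ("pc-02", "process", "excel.exe"),
]
NEW_EVENTS = [
    ("pc-01", "domain", "mail.example.com"),        # seen before on pc-01
    ("pc-02", "process", "outlook.exe"),            # new to pc-02, known company-wide
    ("pc-01", "domain", "invoice-update.example"),  # never visited from pc-01
    ("pc-01", "process", "updater_x.exe"),          # never run anywhere in the company
]

def build_baseline(events):
    """Learn per-host domains and the company-wide set of programs."""
    host_domains = defaultdict(set)
    company_processes = set()
    for host, kind, value in events:
        if kind == "domain":
            host_domains[host].add(value)
        elif kind == "process":
            company_processes.add(value)
    return host_domains, company_processes

def detect(events, host_domains, company_processes):
    """Return (host, kind, value, action) for each event outside the baseline."""
    alerts = []
    isolated = set()  # hosts already cut off; their later events are ignored
    for host, kind, value in events:
        if host in isolated:
            continue
        if kind == "domain" and value not in host_domains[host]:
            alerts.append((host, kind, value, "block_action"))  # assumed response
        elif kind == "process" and value not in company_processes:
            alerts.append((host, kind, value, "isolate_host"))  # assumed response
            isolated.add(host)
    return alerts

def run_demo():
    host_domains, company_processes = build_baseline(BASELINE_EVENTS)
    return detect(NEW_EVENTS, host_domains, company_processes)

if __name__ == "__main__":
    for alert in run_demo():
        print(alert)
```

Real products weigh many more signals than first-seen values, but the sketch shows why a brand-new malicious website does not need to be on any blocklist to stand out.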
EDR Added to Firewall Capabilities to Meet Evolving Threats
Say that someone in your company gets an email that is intended to deliver a cryptovirus that will capture and encrypt all of your data. What the cyber criminal wants to happen is for the recipients to click on a link in the email. The link sends them to a website where the virus is downloaded. The infection immediately spreads from one user to your whole network and you’ve got a big problem on your hands.
In this scenario, the cyber criminals might be putting up multiple new websites each day in order to bypass firewalls. (Recall that traditional firewalls need to get information about suspicious websites in order to block them.) With modern firewalls like the next generation of WatchGuard equipment, this tactic doesn’t work anymore because EDR will identify the website as suspicious.
Crypto viruses are just one example of the cyber attacks that your firewall with EDR can defend against. Modern firewalls with tools like EDR can stop a whole range of unwanted activity, from hacking and zombie attacks to any of your computers becoming part of a botnet.
What to Do if You Have a WatchGuard XTM Firewall
You can find out exactly when your WatchGuard XTM series firewall is going out of support on the WatchGuard website. Depending on the model you have, you may have some time to plan for your upgrade, but the longer you wait, the more your cyber risk will increase.
If you haven’t considered a managed firewall in the past, now might be the right time. With a managed firewall, you lease the hardware instead of purchasing it, so you never have to worry about replacing the hardware again. The hardware will be swapped out automatically when it reaches the end of its usable life, giving you a predictable budget and the peace of mind that you’re always up to date.
Here at Accent, we work with companies not only to ensure that they’re using the right hardware and software to defend against cyber attacks, but also to make sure that their level of security matches their level of risk.
Get in touch to schedule an IT Risk and Security Assessment, and get an objective view of how your IT team is managing security.