tgreene
Executive Editor

WatchGuard to bring Firebox and Vclass closer together

Opinion
Mar 06, 2003, 2 mins
Networking, Security

* WatchGuard rolls out 12-month roadmap for Firebox and Vclass

WatchGuard has laid out a roadmap for the next year that will bring its two product lines, Firebox and Vclass, closer to a common set of features.

The two lines are based on separate hardware platforms: the older Firebox is built on Intel platforms, and Vclass is developed on the RapidCore ASICs that came to WatchGuard when it acquired RapidStream.

Currently, the Vclass gear lacks application-layer security features found on Fireboxes. These include a proxy that terminates TCP sessions and can filter them at the application layer for file types or strings of words that might be a virus signature. They also include finding and dropping traffic, such as protocol anomalies, that might signal an intrusion.

Another feature, intelligent command mapping, streamlines protocol commands to drop unnecessary chatter. For example, SMTP requires only six commands, but actually contains more that can be used by hackers to gain unauthorized access, says Mark Stevens, WatchGuard’s senior vice president of network security.

The gear also masquerades internal network devices so they don’t reveal information that an intruder might use to crack into a network. For example, probing a mail server with an invalid e-mail address can generate a response that includes the mail server name, domain and IP address. This would be stripped off by Firebox.

WatchGuard is moving toward a single code base for both its product lines that will bring these application-layer features to the Vclass boxes.

The Vclass equipment, which is higher performing and more expensive, will continue to support features that are desired by large businesses but are unnecessary or not wanted by small and midsized enterprises, which would more likely buy from the Firebox line, Stevens says. An example of that is support for virtual LANs, offered by Vclass but not Firebox, he says.

Both platforms will move toward being multifunction security platforms that will include firewall, VPN, intrusion detection, antivirus, vulnerability assessment and XML security for Web services. Adding some of these features will require partnering with other vendors, Stevens says.

The company wants to reach this goal within 12 months and will start rolling out features by mid-year. It also has a new box planned in each product family, Stevens says.