Network security vendor WatchGuard Technologies Inc. has shipped a new edition of the operating system that powers its Firebox Unified Security Platform appliances equipped with an artificial intelligence engine that’s designed to predict, detect, and block zero-day malware.
Called IntelligentAV and based on technology from Cylance Inc., of Irvine, Calif., the new antivirus scanning service is an integrated component of the newly introduced Fireware version 12.2, and is the latest addition to an expanding set of built-in Firebox malware defenses that includes earlier Threat Detection and Response, Gateway AntiVirus, and APT Blocker components.
“Data from our quarterly Internet Security Report shows that nearly half of all malware targeting our customers is zero day. Traditional signature-based antivirus, while still an important part of one’s overall security posture, no longer provides adequate protection against modern malware, which is often obfuscated to evade detection,” said Brendan Patterson, vice president of product management at WatchGuard Technologies, in a press statement. “That’s why WatchGuard believes that layering multiple advanced security solutions is the best way for businesses to protect their assets and their customer’s data. IntelligentAV is the latest example of how we use best-in-class technologies to deliver high-performance layered security for customers.”
“The threat of zero day malware is a big issue for our clients, and IntelligentAV is an important part of a strong ‘defense in-depth’ strategy,” said Tony Petrella, vice president of engineering at Charlottesville, Va.-based solution provider Advanced Network Systems Inc., in a press statement. “Having an AI component provides a more robust, proactive defense against new forms of malware and ransomware that legacy AV would typically miss.”
Other upgrade in Fireware 12.2 also include:
Firebox Cloud Management Upgrades: WatchGuard System Manager for management of multiple Firebox Cloud instances hosted on Amazon Web Services or Microsoft Azure.
Geo-Blocking by Policy: Users can set granular policies to restrict certain traffic types to or from specific countries.
TLS Proxy Protocols: Enables proxy and malware inspection for the POP3S and SMTPS (or POP3 and SMTP over TLS) mail retrieval protocols.
WebBlocker Updates: The ability to generate alerts by categories (for example, weapons, militancy, or mental health issues).
Multiple Server Certificates: Users can now host multiple different servers and applications behind a single Firebox, each with their own proxy certificate.