APT Blocker

Unmask Hidden Threats Before They Strike

Organizations of all sizes are suffering from sophisticated attacks that evade traditional signature-based defenses, leading to the loss of personal information, many dollars, and permanent reputation damage. WatchGuard APT Blocker puts a stop to those fast paced and protracted threats by using a next-generation cloud sandbox that simulates physical hardware, exposing malware designed to evade traditional network security defenses.

Key Features

Provides advanced protection against ransomware, zero-day threats, and evolving malware

Thoroughly analyzes a good range of executables and documents, including office file types

Seamless integration with WatchGuard Dimension for complete visibility

Deploy in seconds as a part of an integrated security solution

Delivers Instant threat response with automated alerts

Average analysis time of less than two minutes

watchguard APT Blocker review

Combat Evolving Threats

As threats continue to evolve and become more complex, there's not one technology which will provide complete threat protection on its own. That’s why at WatchGuard, we take a layered approach to network security, continually staying before the evolving threat landscape with a collection of powerful security services. Signature-based defenses are still critical as a first line of defense, eliminating known threats at the gateway.* However, you continue to need last-mile protection against unknown attacks that make it past the first layers of security. That’s where APT Blocker comes in, providing your next level in advanced malware detection and prevention.

Prevent, Detect, and Resolve

WatchGuard APT Blocker focuses on behavioral analysis to work out if a file is malicious, identifying and submitting suspicious files to a cloud-based sandbox where the code is emulated, executed, and analyzed to work out its threat potential. If the suspected file is found to be malicious, APT Blocker quickly takes action to confirm your network and digital assets stay secure.

watchguard APT Blocker Exception
Watchguard APT Blocker

Full System Emulation Simulates Physical Hardware

Modern malware, including advanced persistent threats, ransomware, and zero-day attacks, are designed to acknowledge and evade traditional defenses. APT Blocker’s full system emulation – which simulates physical hardware including CPU and memory – provides the most comprehensive level of protection against advanced malware.

Easy to Use

WatchGuard APT Blocker not only provides comprehensive protection against advanced malware, it does with an easy and intuitive interface. From the management console, you'll access easy-to-use controls that enable you to allow, drop, block, or quarantine by severity level, also as set customized notifications for when APT Blocker detects a threat.

Watchguard APT Blocker configuration
Watchguard APT Blocker configuration

Unparalleled Visibility

Gain complete visibility into the advanced threats attempting to attack your network, including the protocols used, threat IDs, sender source, and also the specific varieties of malicious activities that might have happened if APT Blocker didn't take action.

How It Works

WatchGuard APT Blocker works in tandem with WatchGuard Gateway AntiVirus for the final word solution in detecting and preventing advanced malware. If the file passes the Gateway AntiVirus* scan, a hash of the file is shipped to the APT Blocker cloud sandbox to work out if it's a known threat. If the hash of the file isn't recognized, APT Blocker prompts the Firebox to send the complete file, which is executed in an environment that simulates physical hardware for comprehensive threat analysis. Administrators are then alerted if the file is suspicious with a threat rating.

*APT Blocker requires a WatchGuard Gateway AntiVirus subscription

Watchguard APT Blocker Configuration