SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549
FORM 10-K
FOR ANNUAL AND TRANSITION REPORTS
PURSUANT TO SECTION 13 OR 15(d) OF THE
SECURITIES EXCHANGE ACT OF 1934
| x | ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 |
For the fiscal year ended December 31, 2002
OR
| ¨ | TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 |
For the transition period from to
Commission file number 000-26819
WATCHGUARD TECHNOLOGIES, INC.
(Exact name of registrant as specified in its charter)
| Delaware |
91-1712427 | |
| (State or other jurisdiction of incorporation or organization) |
(I.R.S. Employer Identification No.) |
505 Fifth Avenue South, Suite 500, Seattle, WA 98104
(Address of principal executive offices) (zip code)
(206) 521-8340
(Registrant’s telephone number, including area code)
Securities registered pursuant to Section 12(b) of the Act:
None
Securities registered pursuant to Section 12(g) of the Act:
Common Stock, $.001 par value
Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports) and (2) has been subject to such filing requirements for the past 90 days. Yes x No ¨
Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. x
Indicate by check mark whether the registrant is an accelerated filer (as defined in Exchange Act Rule 12b-2) Yes x No ¨
The aggregate market value of the voting and nonvoting common equity held by nonaffiliates of the registrant, based on the last sales price of the registrant’s common stock on June 28, 2002, as reported on the Nasdaq National Market, was approximately $141,543,691.
As of March 17, 2003, there were 32,828,311 shares of the registrant’s common stock outstanding.
DOCUMENTS INCORPORATED BY REFERENCE
The information required by Part III of this report, to the extent not set forth herein, is incorporated into this report by reference to the registrant’s definitive proxy statement for the annual meeting of stockholders to be held on May 22, 2003. The definitive proxy statement will be filed with the Securities and Exchange Commission within 120 days after December 31, 2002, the end of the fiscal year to which this report relates.
ANNUAL REPORT ON FORM 10-K
FOR THE FISCAL YEAR ENDED DECEMBER 31, 2002
TABLE OF CONTENTS
| Page | ||||
| PART I | ||||
| ITEM 1. |
3 | |||
| ITEM 2. |
35 | |||
| ITEM 3. |
35 | |||
| ITEM 4. |
35 | |||
| PART II | ||||
| ITEM 5. |
MARKET FOR REGISTRANT’S COMMON EQUITY AND RELATED STOCKHOLDER MATTERS |
36 | ||
| ITEM 6. |
36 | |||
| ITEM 7. |
MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS |
38 | ||
| ITEM 7A. |
57 | |||
| ITEM 8. |
58 | |||
| ITEM 9. |
CHANGES AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND FINANCIAL DISCLOSURE |
86 | ||
| PART III | ||||
| ITEM 10. |
87 | |||
| ITEM 11. |
87 | |||
| ITEM 12. |
SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT |
87 | ||
| ITEM 13. |
87 | |||
| ITEM 14. |
87 | |||
| ITEM 16. |
88 | |||
| PART IV | ||||
| ITEM 15. |
EXHIBITS, FINANCIAL STATEMENT SCHEDULES AND REPORTS ON FORM 8-K |
89 | ||
PART I
Forward-Looking Statements
Our disclosure and analysis in this annual report contain forward-looking statements, which provide our current expectations or forecasts of future events. Forward-looking statements in this annual report include, without limitation:
| • | information concerning possible or assumed future operating results, trends in financial results and business plans, including those relating to earnings growth and revenue growth; |
| • | statements about our costs and operating expenses relative to our revenues and about the expected composition of our revenues; |
| • | statements about our future capital requirements and the sufficiency of our cash, cash equivalents, investments and available bank borrowings to meet these requirements; |
| • | information about the anticipated timing of new product releases; |
| • | other statements about our plans, objectives, expectations and intentions; and |
| • | other statements that are not historical facts. |
Words such as “believes,” “anticipates” and “intends” may identify forward-looking statements, but the absence of these words does not necessarily mean that a statement is not forward-looking. Forward-looking statements are subject to known and unknown risks and uncertainties and are based on potentially inaccurate assumptions that could cause actual results to differ materially from those expected or implied by the forward-looking statements. Our actual results could differ materially from those anticipated in the forward-looking statements for many reasons, including the factors described in the section entitled “Important Factors That May Affect Our Business, Our Results of Operations and Our Stock Price” in this annual report. Other factors besides those described in this annual report could also affect actual results. You should carefully consider the factors described in the section entitled “Important Factors That May Affect Our Business, Our Results of Operations and Our Stock Price” in evaluating our forward-looking statements.
You should not unduly rely on these forward-looking statements, which speak only as of the date of this annual report. We undertake no obligation to publicly revise any forward-looking statement to reflect circumstances or events after the date of this report, or to reflect the occurrence of unanticipated events. You should, however, review the factors and risks we describe in the reports we file from time to time with the Securities and Exchange Commission, or SEC.
Overview
WatchGuard is a leading provider of Internet security solutions designed to protect enterprises that use the Internet for e-commerce and secure communications. Our mission is to provide enterprises worldwide with stronger Internet security solutions by offering integrated, multi-layered defenses and tools that protect against known and future threats in a smart way by including simplified implementation and management and proactive security with our LiveSecurity Service. With the risk that threats and attacks will compromise multiple points in a corporate network, the requirements of a security solution have expanded beyond the core requirement of firewalls for access control and virtual private networks, or VPNs, for secure communications. The comprehensive nature of an effective security solution, however, requires a robust and intuitive system that simplifies the implementation and management of the system. Because the security landscape is constantly evolving, an effective security solution must also be dynamic to allow an enterprise to keep its defenses ahead of the latest threats and attacks.
3
Thousands of enterprises worldwide use WatchGuard’s award-winning products and services to address these challenges. These products and services include our high-performance Firebox and RapidStream firewall and VPN appliances for access control, secure communications and (with certain of our Firebox products) network-based intrusion protection capabilities, and our ServerLock technology and anti-virus solution for content and application security for servers and desktops with host-based intrusion protection capabilities. The centralized point-and-click management of our solutions allows even the non-security professional to effectively install, configure and monitor our security products while the networking features of our Firebox Vclass product line provide the functionality required for more complex network installations. In addition, our innovative subscription-based LiveSecurity Service enables our customers, with minimal effort, to protect their data and communications in a continuously changing environment.
Our core market spans the small- to medium-sized enterprise, or SME, market, from companies at the lower end, where ease-of-use is a key requirement, to companies at the high end, including those with high-speed connections supporting VPNs between the corporate headquarters and geographically dispersed branch offices, where performance, scalability and networking features are key requirements. In addition, with the recent addition of our RapidStream line of “Secured by Check Point” appliances, we also have the opportunity to leverage Check Point Software Technologies Ltd.’s established presence in the large enterprise market. Our security solutions also give enterprises a security management choice. An enterprise can manage its own Internet security with our product offerings or outsource its security management to an Internet service provider, or ISP, or other managed service provider implementing our managed security solutions. For the service provider, our technology improves the economics of managed security services through a scalable delivery platform that enables the service provider to remotely configure and manage thousands of customer sites quickly and easily.
We sell our Internet security solutions indirectly to end-users through thousands of distributors and resellers, with customers located in over 125 countries. We also sell directly and indirectly to a number of service providers that implement our managed security solution. As of December 31, 2002, we had shipped over 150,000 of our security appliances.
We initially incorporated in Washington in 1996 and reincorporated in Delaware in 1997. References to “we,” “our,” “us” and “WatchGuard” in this annual report refer to WatchGuard Technologies, Inc., our subsidiaries and our predecessor. Our executive offices are located at 505 Fifth Avenue South, Suite 500, Seattle, Washington 98104, and our telephone number is (206) 521-8340. We make available on our Web site, free of charge, copies of our annual report on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K, and amendments to those reports filed with or furnished to the SEC, as soon as reasonably practicable after filing or furnishing the information to the SEC. This information can be found in the investor relations portion of our Web site, which is located at www.watchguard.com. You may also inspect and copy the documents that we have filed with the SEC, at prescribed rates, at the SEC’s Public Reference Room at 450 Fifth Street, N.W., Washington, D.C. 20549. You may obtain information regarding the operation of the Public Reference Room by calling the SEC at 1-800-SEC-0330. In addition, the SEC maintains a Web site that contains reports, proxy and information statements and other information regarding issuers that file with the SEC, at http://www.sec.gov.
Industry Background
Reliance on the Internet
The growth in the Internet has provided enterprises, regardless of size, with new revenue opportunities through global distribution of products and services and has enabled significant reductions in sales and marketing costs through automation and instantaneous access. Because of its affordability, global reach and versatility, the Internet is a particularly powerful and necessary tool for enterprises. Enterprises are increasingly required to establish secure Internet access to facilitate and support strategic business objectives. In a marketplace that is becoming more competitive, enterprises are increasingly utilizing new business tools and initiatives, such as remote access, e-commerce, online customer service and supply chain management to gain competitive advantage.
4
The need for Internet security
The increased importance of e-commerce and the proliferation and growth of corporate intranets have dramatically increased the openness of computer networks, with the Internet becoming a widely accepted platform for many business-to-business and business-to-consumer transactions. The accessibility and relative anonymity of users in open computing environments, however, make systems and the integrity of information stored on them increasingly vulnerable to security threats. Open systems present inviting opportunities for computer hackers, terrorists, curious or disgruntled employees and contractors, and competitors to compromise, alter or destroy sensitive information within the system or to disrupt operations and Internet access. In addition, open computing environments are complex and typically involve a variety of hardware, operating systems and applications supplied by a variety of vendors, making networks difficult to manage, monitor and protect from unauthorized access. In addition, because even smaller organizations are rapidly adopting public-facing Web and application servers, they now face the types of threats and vulnerabilities that had been previously reserved for much larger organizations that could deploy sufficient personnel to meet that challenge.
New attacks and security vulnerabilities are created or discovered on almost a daily basis. According to the Computer Emergency Response Team, a federally funded research and development center, not only is the number of cyber incidents and attacks increasing at an alarming rate, but the number of vulnerabilities is increasing as well. The number of vulnerabilities, or faults in software and hardware that may permit unauthorized network access or allow an attacker to cause network damage, has increased almost four-fold in two years, from 1,090 reported vulnerabilities in 2000 to 4,129 reported vulnerabilities in 2002. The annual Computer Security Institute, or CSI, survey conducted in 2002 highlights the potential risks faced by organizations connected to the Internet. The CSI survey revealed that 90% of companies responding had experienced security breaches and that 70% of these breaches were considered serious, with companies experiencing theft of proprietary information, financial fraud, or sabotage of data or networks. The average loss due to financial fraud or theft was estimated at over $1 million. But the risks extend beyond outside attackers—71% of surveyed companies reported insider attacks. In addition to an increase in the number of attacks, the speed of propagation of these attacks is increasing as well. For example, NIMDA, an automated Internet attack that was a blend of a computer worm and a computer virus, spread across the United States in approximately one hour, lasted for days, and attacked approximately 86,000 computers. Code Red, another Internet attack, infected approximately 150,000 computer systems in approximately 14 hours. Organizations therefore often do not have the luxury of waiting for an alert about a current threat, but must be proactive in their defense against Internet security attacks.
The need for increased Internet security has been recognized at the highest national levels. In November 2002, President George W. Bush signed legislation creating the Department of Homeland Security. For fiscal year 2004, the Bush administration has requested $4.7 billion for Internet security, up from $4.2 billion in fiscal year 2003 and $2.7 billion in fiscal year 2002.
The Internet security challenge
Adequate Internet security is not a response to a single challenge, but rather a response to a variety of business requirements. For example, because enterprises need to control the flow of information between their internal networks and the Internet, they need firewalls, which are important components of a comprehensive security solution. A firewall, a security component that varies in complexity, is designed to block access from the Internet to an enterprise’s internal networks, as well as control the flow of and access to information shared between the networks and the Internet. A comprehensive security solution should also integrate several other sophisticated security layers, such as VPNs, to enable encrypted communications between points on the Internet, and content and application security for servers and desktops to protect critical data and services against unauthorized or unintentional changes.
Even a comprehensive solution, however, must be easy to install, configure and manage to be truly effective. With businesses increasingly establishing secure Internet access for branch offices, trading partners and traveling employees, an enterprise must deploy point solutions such as firewalls and VPNs to fully protect the
5
corporate network, as well as protect multiple servers and desktops in various locations. Without a robust, intuitive and easy-to-use system to manage these point solutions, the complexity and difficulty of successfully implementing a corporate information security solution rises dramatically.
To further complicate matters, the dangers against which an effective Internet security solution must protect are dynamic rather than static, with new types of intrusion schemes, worms, viruses and other security threats and vulnerabilities emerging constantly. CERT handled 82,094 security incidents in 2002, approximately 56% more than the 52,658 security incidents handled in 2001, and almost four times the 21,756 security incidents handled in 2000. In addition, unless an enterprise can timely and easily implement updates across the enterprise’s point solutions protecting its network, the enterprise may need dedicated, and expensive, security experts to proactively identify, obtain and manually implement these updates quickly and correctly.
The Internet security opportunity
According to the VPN and Firewall Products Quarterly Worldwide Market Share and Forecasts for 4Q02 report from Infonetics Research, Inc., “end-user demand is clearly a fundamental driver for deployment of VPN and firewall products, and demand is skyrocketing.” Infonetics reports that the worldwide market for VPN and firewall appliances reached $1.4 billion in 2002 and is forecasted to grow to $2.2 billion in 2006, at a compound annual growth rate, or CAGR, of 22%. In addition, Infonetics believes that most end-users are moving from a model of centralized Internet connectivity to distributed connectivity, taking advantage of the cost savings offered by VPNs.
Enterprises require a robust, comprehensive Internet security solution that secures all vulnerable points in the corporate network, that can be installed, configured and managed easily, and that can be kept up to date quickly and effectively, all for an economical price. In addition, many enterprises would rather outsource the management of their Internet security to ISPs and other managed service providers. Service providers face challenges, however, in delivering affordable security services that can be rapidly and economically deployed to thousands of customer sites and easily managed from a central location.
The WatchGuard Solution
WatchGuard’s security products and services offer an innovative approach to Internet security. Our solution has the following key benefits:
| Stronger Security |
For enterprises of all sizes, we offer a strong, multi-layered defense and tools to protect against known and future threats. At its core, our solution includes a firewall for access control and filtering of dangerous content such as worms and viruses, and VPN capability for secure, encrypted communication between remote offices, mobile employees and trading partners. Beyond this, our solution provides network-based intrusion protection capabilities through WatchGuard’s proxies and provides host-based intrusion prevention capabilities and server security to protect against unauthorized or unintentional access to and manipulation of critical content and applications residing on a server, such as Web site defacement and the deposit of malicious code. In addition, we offer proxies that are comprehensive and customizable, real-time network monitoring, dynamic content blocking, packet reassembly and scalable appliances. Finally, our solution provides an additional line of defense with signature-based anti-virus protection to secure the desktop.
| |
| Smartly Done |
We implement our security solution in a smart way with management tools geared toward the needs of the customer base they serve, quick and easy VPN creation and use, “drop-in” firewall configuration, comprehensive reporting, product bundles that simplify implementation and management and our unique LiveSecurity solution, all contained within a security appliance for ease of firewall and VPN deployment. Our subscription-based LiveSecurity Service is designed to keep our customers’ security solutions up to date with |
6
| (1) information alerts that offer timely analyses of breaking Internet security news combined with instructions on how customers can keep their networks secure, (2) virus alerts with information from McAfee.com Corporation, or McAfee, that provide real-time virus alerts and specific information on how customers can protect their systems, (3) security threat responses that provide detailed information on high-profile security vulnerabilities as they develop, including information on how they may affect systems and what we are doing to help our customers keep their networks secure and, when appropriate, software updates to address the specific threat, (4) software updates, (5) support flashes with tips for managing WatchGuard products, (6) expert editorials to provide continuing education about Internet security, (7) Web-based and interactive technical support and (8) Web-based and interactive customer training. |
Strategy
Our objective is to be the leading provider of Internet security solutions to SMEs worldwide and opportunistically expand our presence into other market segments. Our strategy to achieve these goals is based on the following key elements:
Continue to extend our leadership position in our core portion of the SME market and expand into the high end of the SME market with technological innovation
We intend to both solidify and further extend our SME market leadership position by expanding and enhancing our integrated Internet security solutions. We plan to accomplish this by increasing the breadth and depth of our multi-layered defense with additional intrusion detection and prevention, or IDP, technology, vulnerability assessment tools and services, and enhanced spam filtering and application layer security, while integrating these layers in a single, easily-managed appliance. Over time, we also intend to converge the security, management and hardware technology of our core product lines while preserving our existing customer base. This will allow us to provide higher performance appliances to the lower end of the SME market and increase the security features and functionality available to the higher end of the SME market, in addition to reducing our development and manufacturing costs and our time-to-market for future technology.
Expand, enhance and leverage our innovative LiveSecurity Service
Our subscription-based LiveSecurity Service is an innovative, value-added security service that provides information and virus alerts, threat responses, software updates, support flashes and expert editorials, along with training and technical support, over the Internet directly to our subscribers and service provider partners. We plan to expand and enhance our LiveSecurity Service, and therefore the value of our subscription service, by adding new software and services through internal development and partnering with third-party providers. We also intend to better leverage this relationship with our installed customer base by increasing the number of software and service add-ons sold through this service to these existing customers. As we expand and enhance our LiveSecurity Service, we plan to ensure that it remains easy to implement and use by enterprises of all sizes and by service providers.
Utilize our innovative ASIC-based hardware technology to differentiate and distance our solutions from our competition
We intend to utilize our innovative application-specific integrated circuit, or ASIC, architecture to facilitate the integration and efficiency of additional security layers in our easily-managed security appliance, while reducing our manufacturing costs and increasing our product development flexibility. We expect that our next-generation ASIC-based solutions will accomplish this with hardware designed to accelerate the performance of these additional layers without degrading the performance of the core firewall and VPN functionality and allow
7
“stacking” of multiple ASICs to leverage the same technology across a broad range of products. We believe this will allow us to provide a multi-layered defense integrated into an appliance that offers customers significant price and performance benefits.
Leverage third-party technology and resources to enhance our product offerings and penetrate the large enterprise market
In addition to utilizing internal development efforts, we plan to increase the breadth and depth of our multi-layered defense by leveraging the technology of third parties, which may involve either partnering or acquisition strategies. We also plan to continue to leverage Check Point’s established presence in the large enterprise market by making a Check Point software solution available on the same hardware platforms we utilize for our core product lines, which allows us to address a market we could not otherwise efficiently address. This strategy allows us to further increase our time-to-market and reduce our development risk while gaining the benefit of other parties’ expertise in particular technologies or markets.
Continue to expand WatchGuard brand awareness
We believe that we have an opportunity to make the WatchGuard brand synonymous with Internet security worldwide. We will continue to participate in public relations activities, seminars and trade shows, both domestically and abroad, to secure WatchGuard’s position as an expert and innovator in Internet and network security, as well as leverage our Web site and increase our end-user demand generation activities. Through online and print advertising, direct mail, e–mail and telemarketing campaigns, and particularly through our Web site and sales tools, we intend to leverage our marketing activities worldwide to uniquely position WatchGuard in the marketplace and clearly communicate the benefits of our comprehensive solutions to our customers and partners. We also intend to introduce innovative programs designed to simplify the purchase of our products, and to offer end-users product and service options that allow them to customize the solution to better address their needs. We will also strengthen our focus on specific vertical markets, such as state and local government agencies and education and health care organizations, to expand our customer base and provide the right solutions to address the special needs of these vertical markets.
We have not determined a schedule for implementing these components of our strategy. The timing for executing our strategies will depend on market conditions, the availability of strategic opportunities and the availability of management resources.
Products and Services
Our comprehensive security solutions include an integrated suite of security and management software, an Internet security appliance and a dynamic Internet-based service to keep security defenses current. These solutions provide access control, VPN, intrusion prevention capabilities and content and application security for servers and desktops. Enterprises may use our products to internally manage their Internet security or elect to outsource security management to a service provider implementing our managed security solution.
Security Layers
Firewall and VPN
By using our Firebox products, an enterprise can quickly and affordably deploy comprehensive perimeter security protection and VPN capability across its network, but still retain centralized control and administration. In addition, our LiveSecurity Service enables enterprises to augment their information technology staff with our security experts, which we believe substantially reduces personnel costs. Our Firebox III products include an initial one-year subscription to our LiveSecurity Service and our Firebox SOHO and Firebox Vclass products include an initial 90-day subscription to our LiveSecurity Service.
8
We currently offer the following Firebox III/Firebox SOHO and Firebox Vclass models:
| Firebox Model |
Firebox 4500 |
Firebox 2500 |
Firebox 1000 |
Firebox 700 |
Firebox 500 |
Firebox SOHO 6 & SOHO 6tc | ||||||
| Recommended For |
Corporate Headquarters and Large Enterprises, Wire Speed VPN Support |
Medium to Large Enterprises, High Volume Web Traffic |
Mid-Size Business or Branch Office |
Smaller Business or Remote Office |
Stand-Alone Firewall for Small Office |
Small Stand-Alone or Remote | ||||||
| Authenticated Users |
5000 |
5000 |
1000 |
250 |
250 |
10 (upgrades to 50) | ||||||
| User License |
Unlimited |
Unlimited |
Unlimited |
Unlimited |
Unlimited |
10 (upgrades to 50) | ||||||
| Firewall Throughput |
200 Mbps |
200 Mbps |
200 Mbps |
150 Mbps |
75 Mbps |
75 Mbps | ||||||
| VPN Throughput (3DES Encryption + SHA1) |
100 Mbps |
75 Mbps |
60 Mbps |
5 Mbps |
5 Mbps |
20 Mbps | ||||||
| Hardware Encryption Acceleration |
Yes |
Yes |
Yes |
No |
No |
Yes | ||||||
| Branch Office/Mobile User VPNs |
3000** |
2000** |
1300** |
150** |
50** |
6* | ||||||
| Interfaces |
Three RJ-45 10/100TX Ethernet, DB-9 Serial Port, PCI Expansion Option |
Three RJ- DB-9 Serial Port, PCI Expansion Option |
Three RJ-45 10/100TX Ethernet, DB-9 Serial Port, PCI Expansion Option |
Three RJ-45 10/100TX Ethernet, DB-9 Serial Port |
Three RJ-45 10/100TX Ethernet, DB-9 Serial Port |
6 RJ-45 10BaseT Ethernet | ||||||
| * | Included in SOHO 6tc; optional on SOHO 6 |
| ** | Total number of Branch Office plus Mobile User VPN Tunnels |
9
| Firebox Vclass Models |
Firebox V200* |
Firebox V100 |
Firebox V80 |
Firebox V60 |
Firebox V60L |
Firebox V10 | ||||||
| Recommended For |
VPN concentrator, data center firewall, multi-tenant security |
VPN concentrator, data center firewall, multi-tenant security |
High-speed VPN tunnel connecting data centers, data center firewall, Fast Ethernet firewall, multiple T3 firewall |
VPN concentrator, Fast Ethernet firewall, HQ for SMEs |
VPN concentrator, mid-sized enterprise |
Small standalone or branch office firewall and VPN | ||||||
| Concurrent Sessions |
500,000 |
250,000 |
128,000 |
16,000 |
8,000 |
2,000 | ||||||
| User License |
Unlimited |
Unlimited |
Unlimited |
Unlimited |
250 |
Unlimited | ||||||
| Firewall Throughput |
2Gbps |
600 Mbps |
200 Mbps |
200 Mbps |
100 Mbps |
75 Mbps | ||||||
| VPN Throughput (3DES Encryption + SHA1) |
1.2 Gbps |
300 Mbps |
150 Mbps |
100 Mbps |
50 Mbps |
20 Mbps | ||||||
| Hardware Encryption Acceleration |
Yes Proprietary Intelligent ASIC |
Yes Proprietary Intelligent ASIC |
Yes Proprietary Intelligent ASIC |
Yes Proprietary Intelligent ASIC |
Yes Proprietary Intelligent ASIC |
Yes Proprietary Intelligent ASIC | ||||||
| Branch Office VPNs |
40,000 |
20,000 |
8,000 |
400 |
50 |
10 | ||||||
| Interfaces |
2 x 1000 BaseSX Gigabit, 2 x High Availability (Ethernet) ports, 1 x console port |
2 x 1000 BaseSX Gigabit, 2 x High Availability (Ethernet) ports 1 UPS port 1 x console port |
4 x 10/100 Ethernet, 2 x High Availability (Ethernet) ports 1 UPS port 1 x console port |
4 x 10/100 Ethernet, 2 x High Availability (Ethernet) ports 1 UPS port 1 x console port |
4 x 10/100 Ethernet, 2 x High Availability (Ethernet) ports** |
2 x 1000 BaseSX Gigabit, 1 x RS232 console port | ||||||
| * | Expected availability early-to mid-2003 |
| ** | High availability optional on Firebox V60L |
10
RapidStream currently offers the following models:
| RapidStream Model |
RapidStream |
RapidStream |
RapidStream 6100 |
RapidStream |
RapidStream | |||||
| Recommended For |
Large central enterprise sites, |
Central corporate sites with expanding traffic requirements, service providers, e-commerce |
Growing enterprises with VPN connectivity to remote sites and partners, corporate office, e-business |
Lower mid-size enterprises as a VPN concentrator, satellite branch offices, meshed VPN site |
Lower mid-size enterprises as a VPN concentrator, satellite branch offices, meshed VPN site | |||||
| Concurrent Sessions |
200,000 |
128,000 |
64,000 |
8,000 |
8,000 | |||||
| User License |
Unlimited |
Unlimited |
Unlimited |
Unlimited |
Unlimited | |||||
| Firewall Throughput |
2.0 Gbps |
600 Mbps |
200 Mbps |
200 Mbps |
200 Mbps | |||||
| VPN Throughput (3DES Encryption + SHA1) |
1.2 Gbps |
300 Mbps |
160 Mbps |
120 Mbps |
70 Mbps | |||||
| Hardware Encryption Acceleration |
Yes |
Yes |
Yes |
Yes |
Yes | |||||
| IPSec Tunnels |
40,000 |
20,000 |
8,000 |
400 |
400 | |||||
| Interfaces |
2 x 1000 |
2 x 1000 |
3 x 10/100 Ethernet ports, 2 x High Availability (10/100 Ethernet) ports, 1 x UPS port, 1 x DB-9 console port |
4 x 10/100 Ethernet ports, |
3 x 10/100 Ethernet ports, 1 x RJ-45 console port | |||||
| *RapidStream | 2200 currently available in North America and Europe only |
Server Security
For enterprises of all sizes, the ServerLock System provides host-based intrusion protection capabilities and server content and application security that protects critical data and services against unauthorized or unintentional access or manipulation, such as Web site defacement and the deposit of malicious code. This protection is offered through a combination of kernel-level software, secured remote communications, centralized management and a simplified dual-mode administrative model. We also offer an application-specific version of our server security software for Web sites residing on a Windows NT or Windows 2000 server using Microsoft IIS. Every standard ServerLock System product includes an initial one-year subscription to our LiveSecurity Service. We currently offer the following server security products:
| • | ServerLock for NT/2000; |
| • | ServerLock for Solaris; and |
| • | AppLock/Web. |
11
Desktop Security
Through our relationship with Network Associates, Inc., we currently offer desktop virus protection with the McAfee Virus Scan ASaP product for Microsoft Windows 98, NT and 2000 operating systems. Every standard Firebox product includes either one annual Virus Scan ASaP license for our SOHO-class Firebox products or five annual Virus Scan ASaP licenses for all of our other Firebox products. Additional licenses may also be purchased separately.