APT Blocker

Advanced Malware Detection and Prevention

Organizations of all sizes have been plagued by sophisticated attacks that evade traditional signature-based defenses, resulting in the loss of personal information, millions of dollars, and permanent reputation damage. WatchGuard APT Blocker puts a stop to these fast moving and persistent threats by using a next-generation cloud sandbox that simulates physical hardware, exposing malware designed to evade traditional network security defenses.

Key Features

Thoroughly analyzes a wide range of executables and documents, including office file types

Thoroughly analyzes a wide range of executables and documents, including office file types

Seamless integration with WatchGuard Dimension for complete visibility

Deploy in seconds as part of an integrated security solution

Delivers Instant threat response with automated alerts

Average analysis time of less than two minutes

Thumbnail: APT Blocker Threats

Combat Evolving Threats

As threats continue to evolve and become more complex, there is not one technology that can provide complete threat protection on its own. That’s why at WatchGuard, we take a layered approach to network security, continually staying ahead of the evolving threat landscape with a suite of powerful security services. Signature-based defenses are still critical as a first line of defense, eliminating known threats at the gateway. However, you still need protection against unknown attacks that make it past the first layers of security. That’s where APT Blocker comes in, providing your next level in advanced malware detection and prevention.

Thumbnail: APT Blocker Prevent, Detect, Resolve

Prevent, Detect, and Resolve

WatchGuard APT Blocker focuses on behavioral analysis to determine if a file is malicious, identifying and submitting suspicious files to a cloud-based sandbox where the code is emulated, executed, and analyzed to determine its threat potential. If the suspected file is found to be malicious, APT Blocker quickly takes action to ensure your network and digital assets stay secure.

Thumbnail: APT Blocker Full System Emulation

Full System Emulation Simulates Physical Hardware

Modern malware, including advanced persistent threats, ransomware, and zero-day attacks, are designed to recognize and evade traditional defenses. APT Blocker’s full system emulation – which simulates physical hardware including CPU and memory – provides the most comprehensive level of protection against advanced malware.

Screenshot: APT Blocker

Easy to Use

WatchGuard APT Blocker not only provides comprehensive protection against advanced malware, it does with a simple and intuitive user interface. From the management console, you can access easy-to-use controls that enable you to allow, drop, block, or quarantine by severity level, as well as set customized notifications for when APT Blocker detects a threat.

Screenshot: APT Blocker

Unparalleled Visibility

Gain complete visibility into the advanced threats attempting to attack your network, including the protocols used, threat IDs, sender source, and the specific types of malicious activities that would have happened if APT Blocker did not take action.

How it Works

WatchGuard APT Blocker works in tandem with WatchGuard Gateway AntiVirus for the ultimate solution in detecting and preventing advanced malware. If the file passes the Gateway AntiVirus scan, a hash of the file is sent to the APT Blocker cloud sandbox to determine if it is a known threat. If the hash of the file is not recognized, APT Blocker prompts the Firebox to send the full file, which is executed in an environment that simulates physical hardware for comprehensive threat analysis. Administrators are then alerted if the file is suspicious with a threat rating.

APT Blocker: How it Works Diagram

Award-Winning Security and Visibility Platform

Firebox Subscriptions Photo

All of WatchGuard’s Security Services are delivered as an integrated solution within an easy-to-manage and cost-effective Firebox appliance. It’s in WatchGuard’s DNA to deliver advanced IT security technologies for small to midsize organizations and distributed enterprises. We take these enterprise-grade technologies and make them easy to deploy and easy to manage. You face the same threats as enterprise organizations, shouldn’t you have the same level of security?

Discover all of our Security Services >


About WatchGuard

WatchGuard has deployed nearly a million integrated, multi-function threat management appliances worldwide. Our signature red boxes are architected to be the industry's smartest, fastest, and meanest security devices with every scanning engine running at full throttle. Why buy WatchGuard? Find out here.



  • Global Headquarters
    505 Fifth Avenue South, Suite 500
    Seattle, WA 98104, United States
  • Phone
    1.800.734.9905 US & Canada