WatchGuard Wire (englisch)

Syndicate content
WatchGuard Product Update Blog
Updated: 14 weeks 6 days ago

Fireware 12.2.1 is now available

Mon, 09/17/2018 - 09:08

Fireware 12.2.1 General Availability
We are pleased to announce the General Availability (GA) of Fireware 12.2.1. Full details are covered in the What's New in 12.2.1 presentation, and there is also a recorded webinar of this content. Key highlights of the release include:

  • ​Backup and Restore features have been redesigned to provide a new UI with more options, making it more dependable on tabletop Fireboxes with lower available memory.
  • WAN interface monitoring for Jitter, Latency, and Packet Loss enables admin to easily identify problematic WAN connections.  
  • For partners with NFR appliances, WatchMode has been refactored for greater reliability. It now works with mirrored network traffic with VLAN tags. WatchMode enables monitoring of mirrored traffic from a switch, which is ideal for non-disruptive evaluations.

WSM 12.2.1 Update 1 is also available now, which is an update to the WSM 12.2.1 release to address a known issue. We recommend that any customers that installed WSM 12.2.1 in the last week upgrade to this release. Please read the Release Notes prior to upgrading. 

Does this release pertain to me?
Fireware 12.2.1 is available for all Firebox T and Firebox M appliances. The continued growth and expansion of the Fireware OS means it is no longer suitable for older generation appliances with more limited resources. Fireware 12.2.1 and subsequent releases will not be available on any XTM appliances. WatchGuard will continue to provide updates to the 12.1.x firmware versions to provide bug fixes and important security updates for XTM appliances.

Software Download Center
Firebox appliance owners with active support subscriptions can obtain the Fireware 12.2.1 update without additional charge by downloading the applicable packages from the WatchGuard Software Download Center

Contact
For Sales or Support questions, you can find phone numbers for your region online. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.

Categories: Sicherheit News

Host Containment and Artificial Intelligence: New in TDR 5.5

Fri, 09/14/2018 - 07:03
Host Containment

I am pleased to announce the availability of Threat Detection and Response 5.5. This release of TDR introduces a powerful new response capability, Host Containment, which enables operators to contain infected host machines. When a threat is identified, ThreatSync quickly moves to contain the host endpoint, preventing the spread of malware to other points in your network. The Host Containment feature also makes it possible to isolate machines when they are outside of your network, alleviating cases where an infected host returns “home” and unintentionally infects the network.

If you are a customer or partner using TDR today, you already have access to TDR 5.5, and can begin using the feature immediately. To get started, visit the WatchGuard Help Center to learn how to configure host sensors, and establish containment policies.

Artificial Intelligence

TDR 5.5 also streamlines the advanced threat triage capability of ThreatSync, by introducing a new artificial intelligence engine to aid in the identification and classification of files. ThreatSync uses AI to automatically analyze combinations of features to determine if a file possesses suspicious characteristics, before sending the file for further analysis in APT Blocker. This prevents truly suspicious files from going undetected and allows you to identify real threats with more confidence.

Additional Included Features
  • System tray notifications about relevant TDR events.
  • The ability to pause protection when needed.
  • Host Sensor auto-update control.

Want to get an early look at what’s next in TDR? Join the WatchGuard Beta program today!

Categories: Sicherheit News

WebBlocker Server version 1.0 Available for Fireware 12.2

Thu, 08/30/2018 - 18:45

WatchGuard is pleased to announce the release of a new standalone WebBlocker Server that replaces and upgrades the functionality previously provided in the legacy SurfControl service. The WebBlocker Server hosted on-premises now provides the same equivalent URL categories and database as the cloud hosted server which WatchGuard customers have been using since 2013.  

The WebBlocker Server is available for VMware (v. 5.x.+) and Hyper-V (for Microsoft Windows 2008 R2, 2012, or 2012 R2 64-bit) and can be downloaded by customers with a WebBlocker subscription now, August 28, 2018.

WatchGuard customers who use on-premises URL filtering today now have three options:

  • Upgrade to Fireware 12.2 or later and use the WebBlocker cloud service for URL filtering
  • Upgrade to Fireware 12.2 or later and use WebBlocker Server, which is now available to download at software.watchguard.com
  • Remain on current version of Fireware 12.1.x (or earlier) and leverage existing WebBlocker cloud service for URL filtering

WatchGuard is also announcing that the legacy SurfControl service will reach end of life on November 30, 2018. All URL lookups conducted against the SurfControl service after this date will return “uncategorized”. Customers can choose from one of the three migration options listed above.

Note: XTM customers will not be able to upgrade to Fireware 12.2, but can still use Fireware 12.1.x or earlier.

After the Fireware 12.2 release, support for these new features will be as follows:

  • On-premises WebBlocker Server will not be compatible with previous versions of Fireware 12.1.x
  • WSM 12.2 will not be capable of managing SurfControl settings on devices that run 12.1.x or lower

This offering for a virtual WebBlocker server helps to serve customer environments where regulatory compliance or even ISP constraints inhibit the web connections that allow WebBlocker URL filtering to function as designed through the WatchGuard UTM. 

How can I get started?

Qualifying Firebox M-series and T-series appliances with active Basic Security or Total Security Subscriptions can obtain this update without additional charge by downloading the applicable packages from the WatchGuard Software Download Center.

Categories: Sicherheit News

DNSWatch Australian Resolvers

Thu, 08/30/2018 - 01:08

In order to better support our customers in Australia and New Zealand, we are pleased to announce the availability of a DNSWatch resolver in Sydney.

Based upon your feedback and data collected from production DNSWatch, we identified a need for a resolver to service ANZ. Neither DNS nor content latency were within our target, so we have deployed this resolver to improve performance of any network protected by DNSWatch.

No action is needed on your part. Any ANZ protected firebox will automatically use the Australian resolvers.

Thank you for submitting your feedback and having patience with us as we improve our products globally. We hope that this improves your experience with the WatchGuard product line all while keeping you safer every day.

 
Categories: Sicherheit News

DNSWatch Introduces Protection Against DNS Rebinding Attacks

Thu, 08/23/2018 - 23:28

Despite being around for many years, “DNS Rebinding” attacks have been making headlines recently. Commodity devices (Chromecast, Roku, Sonos Speakers, and many other IoT devices) are potentially vulnerable, and while the popular ones have been patched, it’s hard to know if they all have.

This trend, combined with direct feedback from other customers, has led us to build new protections into DNSWatch to address these types of attacks.

You can enable the DNS binding protections in your DNSWatch settings. Once you enable the feature, it can take up to an hour to take effect due to DNS caching.

When enabled, any responses that would normally contain an A record for a private IP address (192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/16) will instead result in an NXDOMAIN.

To confirm the rebinding protection is enabled, you can look up `local.strongarm.io`. If rebinding is enabled, it will return `192.168.1.1`. If the rebinding protection is enabled, DNSWatch will return an NXDOMAIN.

If you use an external nameserver to host intranet websites, you need to move those domains to an internal name server to protect them from DNS Rebinding attacks.

Categories: Sicherheit News

WatchGuard Dimension 2.1.1 Update 3 now available

Wed, 08/08/2018 - 23:57

We are pleased to announce the availability of WatchGuard Dimension 2.1.1 Update 3.  This release is now available from the Software Downloads Center, along with release notes and update instructions.  WatchGuard Dimension 2.1.1 Update 3 resolves several performance and functionality issues, such as:

  • IPS Total Intrusions are double-counted in Subscription Service Dashboard
  • Totals and Averages are now displayed on Health Summary Reports
  • Angled brackets in email address break PDF report generation
  • Executive Report Top Clients PDF Report showing incorrect graph value
  • Changing the date in the calendar widget no longer automatically refreshes the current report
  • Several database optimizations to reduce the time required to generate reports

For a full list of changes implemented as part of WatchGuard Dimension 2.1.1 Update 3, please refer to the release notes.

 

Does this release pertain to me?

This release applies to all users of the WatchGuard Dimension network security visibility solution.  We highly recommend that any administrators using WatchGuard Dimension upgrade their solution to 2.1.1 Update 3 to take advantage of the improvements available in the release.

  Software Download Center

WatchGuard Dimension administrators can obtain this update by downloading the applicable packages from the WatchGuard Software Download Center.

 

Contact

For Sales or Support questions, you can find phone numbers for your region online. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.

Categories: Sicherheit News

Fireware 12.2 is now available

Wed, 08/08/2018 - 18:31

Fireware 12.2 is now available
Arthur posted earlier this week about the exciting new AI technology that is now available in the Fireware 12.2 release with the new IntelligentAV service. But let’s not forget that this release includes many other new features. Many of the Beta testers had very positive feedback about the new ability to configure Geo-Blocking by Policy. Users can now set granular policies to restrict certain traffic types to or from specific countries. Other key highlights in Fireware version 12.2 include:

  • Firebox Cloud Management Upgrades: WatchGuard System Manager for management of multiple Firebox Cloud instances hosted on Amazon Web Services or Microsoft Azure.
  • TLS Proxy Protocols: Enables proxy and malware inspection for the POP3S and SMTPS (or POP3 and SMTP over TLS) mail retrieval protocols.
  • WebBlocker: Adds the ability to generate alerts by categories (for example, weapons, militancy and extremism).
  • Multiple Server Certificates: Users can now host multiple different servers and applications behind a single Firebox, each with their own proxy certificate.

You can find full details about this release in the What’s New presentation and Release Notes. Please review the Release Notes carefully before upgrading.

Does this release pertain to me?
Fireware 12.2 is available for all Firebox T and Firebox M appliances. The continued growth and expansion of the Fireware OS means it is no longer suitable for older generation appliances with more limited resources. Fireware 12.2 and subsequent releases greater than 12.2 will not be available on any XTM appliances. WatchGuard will continue to provide updates to the 12.1.x firmware versions to provide bug fixes and important security updates for XTM appliances.  

Software Download Center
Firebox appliance owners with active support subscriptions can obtain the Fireware 12.2 release without additional charge by downloading the applicable packages from the WatchGuard Software Download Center. Or simply use the WebUI to directly upgrade your firebox.

Contact
For Sales or Support questions, you can find phone numbers for your region online. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.

 

Categories: Sicherheit News

Now Available: Firebox M270

Thu, 08/02/2018 - 20:18

New Firebox M270 is the fastest entry level rack mount appliance
It's a busy time with new product launches at WatchGuard! Alex posted last week about the new Authpoint multi-factor authentication (MFA) product, and today I'm excited to announce the release of our newest Unified Threat Management (UTM) appliance. The M270 replaces the M200 as WatchGuard’s smallest rack-mounted Firebox, and it runs all of the security services offered in WatchGuard’s Total Security Suite. This includes the new IntelligentAV AI-based antivirus service which is now available in the new Fireware® version 12.2, as well as DNSWatch and Access Portal, which were introduced in the last year. Watch this blog for more detailed posts about IntelligentAV and Fireware 12.2 in the coming days. 

Validated by Miercom
According to independent testing by Miercom, the M270 becomes the industry’s fastest entry-level rack-mounted appliance when running full UTM services, outperforming competitive products by up to 82%. Full details of this testing are available in the complete Miercom report, which is available to download at the WatchGuard website. Another appliance in the WatchGuard mid-range family, the Firebox M670 recently achieved the Recommended rating from NSS Labs in their annual next generation firewall group test.

Product Details
Key specs for the M270 are:

  • Intel Atom processors with QuickAssist Technology (QAT)
  • 4 Gb RAM Memory
  • 8 1 Gb Ethernet ports
  • Recommended in environments with up to 60 users

Complete product details are available at the M270 web page or in the M270 datasheet

 

Categories: Sicherheit News