Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in Fireware v11.10.4.

Published byMalcolm Wilkinson Modified over 8 years ago

Similar presentations

Presentation on theme: "Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in Fireware v11.10.4."— Presentation transcript:

1 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in Fireware v11.10.4

2 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in v11.10.4  New Features and Enhancements FireCluster Web UI updates Disable the TLS 1.0 protocol for connections to the WSM Log Server and Management Server Configure your WSM Log Server to delete log messages after a specified amount of time Change to the global networking TCP Settings UI label Drag-and-drop policy ordering in Web UI APT Blocker results contribute to RED SMTP Proxy — Examine file names and types stored in compressed archive files Mobile VPN with SSL client support for OS X 11.10 (El Capitan) XTMv support for VMware ESXi 6  Support for Firebox T30, T30-W, T50, T50-W 2

3 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training FireCluster Web UI Updates  The System > Restore page has updates specific to a FireCluster Click Leave Cluster and Reboot to make the member leave the cluster After the reboot, use the Management IP address to connect to the Firebox to restore a backup image Use Firebox System Manager to rejoin the member to the cluster  The System > Feature Key page now prevents changes to the feature key of a FireCluster member 3

4 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Disable TLS 1.0 for Server Connections  You can now disable the TLS v1.0 protocol for connections to your WSM Management Server and Log Server Select this option in your Management Server settings if your Management Server does not manage Firebox devices that use the TLS v1.0 protocol Select this option in your Log Server settings if your Log Server does not receive log messages from Firebox devices that use the TLS v1.0 protocol Firebox devices that run Fireware OS v11.8 or higher do not use the TLS v1.0 protocol  In the Server Settings for both the Management Server and Log Server, select the Disable TLS 1.0 check box  If you change the TLS setting, in WatchGuard Server Center, select the server from the Servers tree and restart it 4

5 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Automatically Delete Log Data  You can now configure your WSM Log Server to automatically delete log messages after the amount of time that you specify  This setting helps to limit the size of the database by automatically deleting log data that is older than the number of days that you specify  In the Log Server Server Settings, select the Automatically delete data older than check box  Specify the number of days after which log data is deleted from the database 5

6 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training New TCP Settings UI Label  The TCP Settings option check box label in the Firebox global networking settings has changed: Old label: Enable TCP SYN Checking New label: Enable TCP SYN packet and connection state verification 6

7 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Drag-and-Drop Policy Ordering in Web UI  To change the order of policies in Manual-Order mode, you can now use drag-and-drop on the Policies page  The page must be sorted by the Order column to use drag-and-drop  The Order column now also appears in Auto-Order mode, so you can sort by the list by the policy order 7

8 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training APT Blocker Results Contribute to RED  The results of APT Blocker scanning are now shared with the Reputation Enabled Defense (RED) service and contribute to a source’s reputation  Results are uploaded to RED only if an APT threat is identified by the initial md5 hash check or later Lastline analysis  Results are uploaded as a virus statistic for the source’s reputation 8

9 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training SMTP Proxy — Examine Compressed Files  With the SMTP Proxy, you can now perform actions based on the file names and file types that appear in compressed archive files, such as.ZIP files  For example, a file name extension rule that is set to strip.EXE files will also strip these files if they are in a compressed.ZIP file 9

10 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Mobile VPN with SSL Client Update  Mobile VPN with SSL client v11.10.4 for Mac now supports OS X 10.11 (El Capitan) 10

11 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training XTMv ESXi 6 Support  XTMv is now officially supported on VMware ESXi 6.0 11

12 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Support for New Firebox Models  Firebox T30 and T30-W 5x 1Gb interfaces 20 users Replaces XTM 25/26  Firebox T50 and T50-W 7x 1 Gb interfaces 35 users Replaces XTM 33  Wireless models support 802.11ac 12

13 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Default Firebox Certificate Upgrades  Newly generated default Firebox certificates now use the SHA-256 algorithm with a 2048-bit key length SHA-1 is being deprecated by many popular web browsers, and we recommend that you use SHA-256 certificates  After you upgrade to v11.10.4, the default Firebox certificates are not automatically upgraded and continue to use SHA-1 with a 1024-bit key length  To upgrade and regenerate any default Firebox certificate to use SHA-256 and a 2048-bit key length, delete the certificate and reboot the Firebox 13

14 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Default Firebox Certificate Upgrades  To upgrade the default Proxy Authority and Proxy Server certificates for use with HTTPS content inspection, you can use the CLI command: upgrade certificate proxy After you upgrade, you must redistribute the new Proxy Authority certificate to your clients or users will receive web browser warnings when they browse HTTPS sites and content inspection is enabled 14

15 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Other Enhancements  DLP text extraction is now enabled by default on Firebox M200 and M300 devices  DLP signatures now include: Norwegian national identification number Netherlands national identification number (BSN)  RC4 cipher suite support has been disabled when you use content inspection with the HTTPS Proxy 15

16 Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training Thank You! 16

Download ppt "Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in Fireware v11.10.4."

Similar presentations

What’s New in Fireware XTM

What’s New in Fireware XTM
What’s New in Fireware XTM v11.6.1

What’s New in Fireware XTM v11.6.1
Whats New in Fireware XTM v11.5.2. New Features in Fireware XTM v11.5.2 Major Changes FireCluster with XTM 330 appliances Mobile VPN with SSL using multiple.

Whats New in Fireware XTM v New Features in Fireware XTM v Major Changes FireCluster with XTM 330 appliances Mobile VPN with SSL using multiple.
What’s New in Fireware XTM v11.3.4

What’s New in Fireware XTM v11.3.4
Introduction to the WatchGuard AP Device

Introduction to the WatchGuard AP Device
What’s New in Fireware XTM v11.7.3

What’s New in Fireware XTM v11.7.3
What’s New in Fireware XTM

What’s New in Fireware XTM
What’s New in Fireware XTM v11.3.2

What’s New in Fireware XTM v11.3.2
What’s New in Fireware XTM v11.8.3

What’s New in Fireware XTM v11.8.3
What’s New in Fireware XTM v11.9.1

What’s New in Fireware XTM v11.9.1
What’s New in WatchGuard Dimension v1.2

What’s New in WatchGuard Dimension v1.2
DSL-2730B, DSL-2740B, DSL-2750B.

DSL-2730B, DSL-2740B, DSL-2750B.
Filtering and Security By Mohammad Shanehsaz June 2004.

Filtering and Security By Mohammad Shanehsaz June 2004.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Introduction to WatchGuard Dimension™ v1.2

Introduction to WatchGuard Dimension™ v1.2
Installation and Deployment in Microsoft Dynamics CRM 4.0

Installation and Deployment in Microsoft Dynamics CRM 4.0
What’s New in Fireware v11.10

What’s New in Fireware v11.10
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.

Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
What’s New in WatchGuard XCS 10.0 Update 2 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 2 WatchGuard Training.
Introduction to XTMv WatchGuard Training.

Introduction to XTMv WatchGuard Training.

Similar presentations

Ads by Google