Presentation is loading. Please wait.

Presentation is loading. Please wait.

Whats New in Fireware XTM v11.5.2. New Features in Fireware XTM v11.5.2 Major Changes FireCluster with XTM 330 appliances Mobile VPN with SSL using multiple.

Similar presentations


Presentation on theme: "Whats New in Fireware XTM v11.5.2. New Features in Fireware XTM v11.5.2 Major Changes FireCluster with XTM 330 appliances Mobile VPN with SSL using multiple."— Presentation transcript:

1 Whats New in Fireware XTM v11.5.2

2 New Features in Fireware XTM v Major Changes FireCluster with XTM 330 appliances Mobile VPN with SSL using multiple authentication servers and Active Directory authentication domains Application Control HTTP Deny message Log and Report Manager advanced search functionality Management Server Device Configuration Template changes WatchGuard Training2

3 New Features in Fireware XTM v Minor Changes SMTP-proxy TLS encryption rules now limited to a maximum of 200 bytes Ability to specify the port used to send notifications from the Log Server Updated list of trusted Certificate Authorities for proxies Diagnostic log messages for the Terminal Services Agent and TO Set Tool WatchGuard Training3

4 New Platforms Supported By Fireware XTM v New 2 Series Platforms XTM 25, 25-W XTM 26, 26-W New 3 Series Platforms XTM 33, 33-W WatchGuard Training4

5 FireCluster 5

6 FireCluster on XTM 330 FireCluster is supported on XTM 330 devices with the Pro version of Fireware XTM OS. All XTM 330 devices are licensed for a Pro version of Fireware XTM OS by default. WatchGuard Training6

7 Mobile VPN with SSL

8 Mobile VPN with SSL Support for Multiple Active Directory Domains and Authentication Servers You can now configure Mobile VPN with SSL to use multiple authentication servers. The server at the top of the list is the default authentication server. To change the default server, select a different server. Click Make Default. When you add Mobile VPN with SSL authentication users and groups, you can select a specific authentication server or Any. 8WatchGuard Training

9 Mobile VPN with SSL Support for Multiple Active Directory Domains and Authentication Servers In the Mobile VPN with SSL client, the user can specify the authentication server to use in the Username text box. Username is specified servername\username Examples: ad1.example.com\j_smith Use the ad1.example.com Active Directory domain Firebox-DB\j_smith Use Firebox-DB for authentication Ldap\j_smith Use the LDAP server for authentication j_smith Use the default authentication server If the user does not specify an authentication server, Mobile VPN with SSL uses the default authentication server specified in the Mobile VPN with SSL configuration. 9WatchGuard Training

10 Application Control

11 Application Control Deny Message When a proxy or packet filter policy blocks HTTP content that matches an Application Control action, the user who requested the content sees a deny message in the browser. The content of the deny message is not configurable. The deny message appears for HTTP content only. It does not appear for HTTPS or any other protocol. 11WatchGuard Training

12 Log and Report Manager Search

13 Log and Report Manager Search Enhancements Log and Report Manager now includes advanced search functionality for log messages. Start a search from any device page or the main LOGS > Search page. WatchGuard Training 13

14 Log and Report Manager Search Enhancements Run simple or complex searches to find details in your device log messages. Four types of search queries are available: Any word matches All word matches Exact word matches None matches Search queries are not case sensitive. Search types and queries can be combined to run complex searches. Search results can be exported to a file that can be used outside of Log and Report Manager. Search queries can be saved and run again for the same device. WatchGuard Training 14

15 Device Configuration Templates

16 Device Configuration Template Changes You can now create a Device Configuration Template from an existing configuration file for a fully managed device. Open Policy Manager for a fully managed device and select File > Create Template. Configuration options that are not available in templates are automatically removed when the configuration file is saved as a new template. When template objects are specified for deletion, any links to those objects are removed when the template is applied to a device. When a template is in manual order mode and a fully managed device is in manual order mode, the policy order that you specify in the template is maintained when the template is applied to the device. WatchGuard Training 16

17 Device Configuration Template Changes In a template, you can now select the WatchGuard hosted WebBlocker server option for the WebBlocker server. When the WatchGuard hosted WebBlocker server option is selected, the template can only be applied to XTM 2 Series and XTM 33 devices. WatchGuard Training 17

18 Other Minor Features

19 TLS Encryption, Log Server Notification Port, and Certificate Authority List Rules for TLS Encryption now have a maximum length of 200 bytes. Configure a proxy action for the SMTP-proxy and select the TLS Encryption category. STARTTLS rules that you add can include no more than 200 bytes. The port the Log Server uses to send notifications can now be specified when you add the SMTP server information on the Log Server > Notification page in WSC. Type the address of the SMTP server and include the port: smtp.mydomain.com: The Certificate Authority List has been updated with all the current CAs recognized by the XTM device. Updated certificates are available on your computer when you install WSM: Windows 7 C:\ProgramData\WatchGuard\wgca\certs Windows XP C:\Documents and Settings\WatchGuard\wgauth\certs\README WatchGuard Training 19

20 Diagnostic Log Level for the Terminal Services Agent and TO Set Tool

21 Diagnostic Log Level Terminal Services Agent & TO Set Tool From the TO Agent Settings dialog box, you can now set the Log Level for the Terminal Services Agent and the TO Set Tool. In the Application section, from the drop-down list, select TOAgent or TO Set Tool. Slide the Settings control to select a log level and click Apply. Review the log messages for the TOAgent or TO Set Tool: In the Application section, from the drop-down list, select TOAgent or TO Set Tool. Click View Log to see the log messages for the selected application. WatchGuard Training 21

22 New Platforms

23 XTM 25/25-W, XTM 26/26-W XTM 33/33-W Form FactorDesktop Network Interfaces 5x GbE (RJ45) Other Interfaces1x USB 1x RJ45 serial 1x USB 1x RJ45 serial ProcessorPower Architecture Single CorePower Architecture Dual Core Flash / RAM256 MB / 512 MB512 MB / 1 GB Weight1.3 U.S. lbs (XTM 25, 26) 1.55 U.S. lbs (XTM 25-W, 26-W) 1.3 U.S. lbs (XTM 33) 1.55 U.S. lbs (XTM 33-W) Power Supply12V/2A WatchGuard Training New XTM 2 Series and 3 Series Models 23

24 XTM 2 Series and 3 Series Model Upgradeability XTM 2 Series You cannot upgrade an XTM 21, 22, or 23 to an XTM 25 or 26. Available upgrades for all 2 Series models: XTM 21/21-W Model upgradeable to XTM 22/22-W or XTM W XTM 22/22-W Model upgradeable to XTM 23/23-W XTM 23/23-W Not model upgradeable XTM 25/25-W Model upgradeable to XTM 26/26-W XTM 26/26-W Not model upgradeable XTM 3 Series XTM 3 Series models are not model upgradeable. XTM 33 and XTM 330 have very different hardware. WatchGuard Training24

25 THANK YOU!


Download ppt "Whats New in Fireware XTM v11.5.2. New Features in Fireware XTM v11.5.2 Major Changes FireCluster with XTM 330 appliances Mobile VPN with SSL using multiple."

Similar presentations


Ads by Google