Presentation is loading. Please wait.

Presentation is loading. Please wait.

What’s New in Fireware v

Published byDonna Summers Modified over 6 years ago

Similar presentations

Presentation on theme: "What’s New in Fireware v"— Presentation transcript:

1 What’s New in Fireware v11.12.4

2 What’s New in Fireware v11.12.4
Support for Firebox M370, M470, M570, M670 models APT Blocker Region Selection IPS default Scan Mode changes Explicit Proxy with Chromebook Integration Guide Improved log messages for HTTPS-proxy and SMTP-proxy SSL negotiation errors

3 What’s New in Fireware v11.12.4
Support for new AP420 devices Gateway Wireless Controller enhancements ConnectWise FireCluster Monitoring and Company ID lookup Manage Firebox Cloud with Dimension

4 New Firebox Models WatchGuard System Manager can now manage four new Firebox models: M370 – 8 interfaces M470, M570, M670 – 8 interfaces, plus one interface module slot Fireware v is an upgrade for these four models These models are all manufactured with Fireware v

5 APT Blocker Region Selection
In the APT Blocker Advanced settings, you can now select a Server Region for APT Blocker requests Any (Default) Europe This meets requirements of EU customers who want data to remain in Europe By default, APT Blocker sends requests to the nearest regional server

6 APT Blocker Region Selection

7 IPS Default Scan Mode The default setting for the Intrusion Prevention Service Scan Mode is set when your run the setup wizard

8 IPS Default Scan Mode The scan mode for your Firebox depends on the model Full Scan All Firebox M models Firebox T70 FireboxV Firebox Cloud Fast Scan Firebox T10, T30, T30-W, T50, T50-W All XTM device models (includes XTMv) If you upgrade your Firebox, the current Scan Mode setting in your configuration file is not changed

9 Explicit Proxy with Chromebook
The Explicit Proxy has now been tested and verified to work with Chromebooks managed by the Google Admin console This is not a new feature implementation For more information, see the WatchGuard Explicit Proxy with Chromebook Integration Guide, on the WatchGuard Technology Partners page:

10 SSL Error Log Message Enhancements
SSL error log messages generated by the HTTPS-proxy and SMTP-proxy now include more detailed information: Internal SSL error message Associated domain name from SNI or server certificate Proxy action PFS settings These additional details make it easier to: Troubleshoot SSL connection issues Identify domains that require PFS ciphers, if PFS ciphers are not enabled in the proxy action If a site requires PFS, and you do not want to enable PFS ciphers in the proxy action, you can add a content inspection exception for the domain that appears in the log message

11 SSL Error Log Message Enhancements
For information about PFS ciphers in a proxy action, see Cannot connect to website with error: err_ssl_version_or_cipher_mismatch in the Knowledge Base Sample error log messages: Server requires PFS, but PFS is set to None in the proxy action Mar 30 10:19: M500 local3.err pxy[1610]: 0x84eff : : > :443 [B t] {N}: Connect SSL Error [ret -1 | SSL err 1 | Details: SSL23_GET_SERVER_HELLO/sslv3 alert handshake failure] Domain: PFS: NONE | NONE Proxy does not support any of the client advertised ciphers Mar 27 19:08: M500 local3.err pxy[2541]: 12: : > :443 [A t] {B}: Accept SSL Error [ret -1 | SSL err 1 | Details: ssl3_get_client_hello/no shared cipher] Domain: PFS: NONE | NONE

12 SSL Error Log Message Enhancements
Proxy does not trust the web server certificate Mar 30 09:38: M500 local3.err pxy[1611]: 0x : : > :443 [A t] {B}: Accept SSL Error [ret 0 | SSL err 1 | Details: ssl3_read_bytes/tlsv1 alert unknown ca] Domain: PFS: NONE | NONE

13 AP420 Device Support added for the AP420
High performance enterprise AP device 4x4:4 MU-MIMO ac Wave 2 access point Dedicated third radio for scanning and over-the-air attack prevention Limitations 160MHz channel width currently not supported Third radio not available in local mode with a Gateway Wireless Controller

14 AP420 Management You can manage AP420 devices with one of these methods: WatchGuard Wi-Fi Cloud — Powerful, cloud-based, enterprise- level wireless management for AP device configuration, security, and monitoring WatchGuard Firebox Gateway Wireless Controller — Local management, configuration, security, and monitoring of AP devices directly from your WatchGuard Firebox To locally manage AP420 devices from the Gateway Wireless Controller, your Firebox must run Fireware OS v or higher

15 Gateway Wireless Controller Enhancements
AP devices are now automatically trusted when you pair a new AP device with the Gateway Wireless Controller FireCluster support for Gateway Wireless Controller features includes synchronization of: AP device configuration state Last known IP address and passphrase Auto-generated AP passphrases Trust store records AP firmware downloads

16 Gateway Wireless Controller Enhancements
Wireless configuration changes (such as changes to SSID settings, radio channels, and power levels) no longer require a reboot of an AP120, AP320, or AP322 device Note: Changes to network settings (such as IP address, DHCP, VLAN, and NTP settings) still require a reboot Firmware for legacy AP100, AP102, AP200, and AP300 devices is no longer bundled with Fireware AP firmware is still available from the Gateway Wireless Controller or WatchGuard Software Downloads page

17 ConnectWise FireCluster Monitoring
You can now configure ConnectWise to create a ticket when a FireCluster failover occurs The new FireCluster master generates a ticket when the failover occurs The member IDs of the new master and the previous master are included in the ticket The ticket is closed after five minutes of cluster stability

18 ConnectWise Company ID Lookup
When you configure ConnectWise integration on a Firebox, you can now look up a Company ID and select the ID from a list of companies

19 Manage Firebox Cloud with Dimension
You can now configure your instance of Firebox Cloud to be managed by Dimension Select System > Managed Device

20 Thank You!

21

Download ppt "What’s New in Fireware v"

Similar presentations

What’s New in Fireware XTM

What’s New in Fireware XTM
What’s New in Fireware XTM v11.6.1

What’s New in Fireware XTM v11.6.1
Whats New in Fireware XTM v11.5.2. New Features in Fireware XTM v11.5.2 Major Changes FireCluster with XTM 330 appliances Mobile VPN with SSL using multiple.

Whats New in Fireware XTM v New Features in Fireware XTM v Major Changes FireCluster with XTM 330 appliances Mobile VPN with SSL using multiple.
What’s New in Fireware XTM v11.3.4

What’s New in Fireware XTM v11.3.4
Introduction to the WatchGuard AP Device

Introduction to the WatchGuard AP Device
What’s New in Fireware XTM v11.7.3

What’s New in Fireware XTM v11.7.3
What’s New in Fireware XTM

What’s New in Fireware XTM
What’s New in Fireware XTM v11.3.2

What’s New in Fireware XTM v11.3.2
What’s New in Fireware XTM v11.8.3

What’s New in Fireware XTM v11.8.3
What’s New in Fireware XTM v11.9.1

What’s New in Fireware XTM v11.9.1
What’s New in WatchGuard Dimension v1.2

What’s New in WatchGuard Dimension v1.2
Altai Certification Training Operation & Maintenance

Altai Certification Training Operation & Maintenance
Introduction to XTMv WatchGuard Training.

Introduction to XTMv WatchGuard Training.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
What’s New in Fireware XTM v11.8.1 WatchGuard Training.

What’s New in Fireware XTM v WatchGuard Training.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
Managing Client Access

Managing Client Access

Similar presentations

Ads by Google