Archive | WatchGuard Software RSS feed for this section

WatchGuard Announces Fireware XTM and WSM v11.5.3

May 3, 2012 by Corey Nachreiner 2 Comments

Available for All XTM Appliances

WatchGuard is excited to announce the general release of Fireware XTM v11.5.3 and WatchGuard System Manager v11.5.3. This release demonstrates a continuing commitment to quality to WatchGuard customers, with a significant number of bug fixes and several minor enhancements.You can install Fireware XTM OS v11.5.3 on any WatchGuard XTM device, including 2 Series, 3 Series, 5 Series, 8 Series, XTM 1050, and XTM 2050 devices.

A few minor enhancements include:

  • Changes to the routes section of the Firebox System Manager Status Report to improve consistency in the way IPv4 and IPv6 routes are displayed.
  • New IP address validity checking in Mobile VPN configurations to help prevent common errors with overlapping IP addresses.

In addition to the enhancements listed above, 11.5.3 also includes a large number of bug fixes, covering many different areas of Fireware and WSM. For more information, see the Resolved Issues section of our Release Notes.

For more information about the feature enhancements included in Fireware XTM v11.5.3, see What’s New in Fireware XTM v11.5.3 [PPT file].

Does This Release Pertain to Me?

Fireware XTM 11.5.3 is an enhancement release, which corrects a large number of bugs in our software, and improves its general stability. If you have any XTM series appliance and wish to take advantage of the enhancements listed above, or those mentioned in the Release Notes, you should upgrade to version 11.5.3. Please read the Release Notes before you upgrade, to understand what’s involved.

How Do I Get the Release?

XTM series owners who have a current LiveSecurity Service subscription can obtain this update without additional charge by downloading the applicable packages from the Articles & Support section of WatchGuard’s Support Center. To make it easier to find the relevant software, be sure to uncheck the “Article” and “Known Issue” search options, and press the Go button. The 11.5.3 Release Notes include clear upgrade instructions. Fireware XTM 11.5.3 is an XTM Series only release, and does not work on e-Series appliances.

As always, if you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, , , , ,

WatchGuard Announces Fireware XTM 11.5.2 Update 1

March 28, 2012 by Corey Nachreiner 3 Comments

For Original XTM 2 Series Appliance Models Only

WatchGuard has released an important update for the original XTM 2 Series appliance models (XTM 21/22/23 and the wireless models). This update corrects certain conditions that cause instability for some customers on these platforms. More specifically, this update is for appliance software only. It resolves a file system writing issue and reduces memory use during Gateway AV signature updates. If you are running one of the original XTM 2 Series appliances and are experiencing the following issues on XTM 11.5.1 or 11.5.2, we recommend applying this patch:

  • Appliance passes traffic normally but cannot be managed via WSM or Web UI
  • Appliance gradually stops passing traffic, cured by a reboot.

The update also resolves many other minor bugs. You can find more information about this update, and the issues it corrects, in the Release Notes.

Does This Release Pertain to Me?

Fireware XTM 11.5.2 Update 1 is an enhancement release designed to correct a few stability issues that may affect some original 2 Series model customers. If you manage an XTM 21, 22, or 23 appliance, and are experiencing the symptoms described above, you should download and install XTM 11.5.2 Update 1. However, if you manage a newer XTM 25 or 26 appliance, or any other XTM Series platform, you do not need this update. Please read the Release Notes before you upgrade, to understand what’s involved.

How Do I Get the Release?

XTM 2 Series owners who have a current LiveSecurity Service subscription can obtain this update without additional charge by downloading the applicable packages from the Articles & Support section of WatchGuard’s Support Center, which also includes clear installation instructions. Fireware XTM 11.5.2 Update 1 is only for the original 2 Series appliance models (XTM 21/22/23 and wireless models). As always, if you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, , , ,

WatchGuard XCS 9.2 Update 2 Now Available:

March 15, 2012 by Corey Nachreiner 0 Comments

Notification Message Variables, Plus Security, and Functionality Fixes

15 March 2012

As part of our ongoing efforts to improve the effectiveness of WatchGuard XCS appliances, which protect against data loss, viruses, and malware, WatchGuard is pleased to announce the availability of XCS 9.2 Update 2.

Highlights of this maintenance release include:

  • Variables are now supported in notifications with configurable subject headers. System variables can now be used in notification messages that use configurable subject headers.
  • A new %Subject% system variable is implemented.  System variables are system and message settings that are automatically substituted at the time a notification message is sent. A new %SUBJECT% variable is available that allows you to insert the subject field of the original message in message notifications.
  • FreeBSD security advisory FreeBSD-SA-11:06.bind has been resolved. A vulnerability in an open source component of XCS, which could permit denial-of-service (DoS) attacks on the name service functionality, has been addressed.
  • A vulnerability (CVE-2011-3389) with SSLv3/TLSv1 ciphers has been resolved. An issue in the open source SSL/TLS component of XCS that could allow attackers to craft specially formatted request to allow the decryption of secure web and email traffic has been mitigated. (Note that this issue did not affect the email encryption add-on capability.)
  • Over 40 additional bug fixes and minor enhancements have been included. For more details, see the Release Notes.

Does This Release Pertain to Me?

XCS 9.2 Update 2 is a maintenance release that contains a number of enhancements and bug fixes, including security fixes. Because of the security updates, it is strongly advised that users install the software update. Please read the Release Notes before you upgrade, to understand what is involved.

How Do I Get the Release?

Your XCS appliance will automatically download the XCS 9.2 Update 2 software. However, it will NOT automatically install the update. You must manually install software updates by going to Administration > Software Updates > Updates. You can also manually download the update from the Articles and Support section of WatchGuard’s Support Center. We highly recommend you thoroughly review the Installation Instructions section of the Release Notes before applying this update.

For a more detailed description of this update, please visit the WatchGuard Support Center at http://www.watchguard.com/support/.

If you need support, please enter a support incident online or call our support staff directly. When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, , ,

WatchGuard Announces Fireware XTM and WSM v11.5.2

March 7, 2012 by Corey Nachreiner 7 Comments

Available for All XTM Appliances

7 March, 2012

WatchGuard is excited to announce the general release of Fireware XTM v11.5.2 and WatchGuard System Manager v11.5.2.

With this release, WatchGuard is proud to support the new XTM 2 Series models: XTM 25 and XTM 26. Additionally, this release demonstrates a continuing commitment to quality to WatchGuard customers, with a significant number of bug fixes and enhancements.You can install Fireware XTM OS v11.5.2 on any WatchGuard XTM device, including 2 Series, 3 Series, 5 Series, 8 Series, XTM 1050, and XTM 2050 devices.

Some significant enhancements in Fireware XTM v11.5.2 include:

  • Application Control user feedback message: Application Control now offers a deny message to users whose HTTP requests are blocked due to your application control policies
  • Advanced Search in Log and Report Manager: We’ve added advanced search functions in LogViewer to help you pinpoint important log information quickly and efficiently
  • Mobile VPN with SSL supports multiple authentication servers: Mobile VPN with SSL clients can now authenticate to multiple authentication servers and Active Directory authentication domains
  • Management Server device configuration template improvements:
    • Ability to create a device configuration template from an existing configuration file
    • Inclusion of hosted WebBlocker Server settings in templates for XTM 2 Series and XTM 33 devices
    • Policy order in a template is preserved when you apply the template to an XTM device
  • FireCluster support for XTM 330 appliances: You can now configure XTM 330 appliances in a FireCluster (an active/active or active/passive HA pair)
  • And many other minor enhancements…

In addition to the enhancements listed above, 11.5.2 also includes a large number of bug fixes, covering many different areas of Fireware and WSM. For more information, see the Resolved Issues section of our Release Notes.

If you’re an active LiveSecurity subscriber, you can upgrade to Fireware XTM v11.5.2 free of charge. You can install Fireware XTM v11.5.2 software on any WatchGuard XTM device. Although WatchGuard System Manager v11.5.2 has been designed to manage devices running earlier versions of Fireware XTM v11, it is not possible to install Fireware XTM v11.5.2 on WatchGuard e-Series appliances.

Does This Release Pertain to Me?

Fireware XTM 11.5.2 is a feature release that also includes many bug fixes. If you have any XTM series appliance and wish to take advantage of the enhancements listed above, or those mentioned in the Release Notes, you should consider upgrading to version 11.5.2. Please read the Release Notes before you upgrade, to understand what’s involved.

How Do I Get the Release?

XTM series owners who have a current LiveSecurity Service subscription can obtain this update without additional charge by downloading the applicable packages from the Articles & Support section of WatchGuard’s Support Center, which also includes clear installation instructions. Fireware XTM 11.5.2 is an XTM Series only release, and does not work on e-Series appliances. As always, if you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, , , , , ,

WatchGuard Releases v3.1.2 for WatchGuard SSL 100 and 560

January 24, 2012 by Corey Nachreiner 6 Comments

WatchGuard is pleased to announce the release of WatchGuard SSL OS v3.1.2 for the WatchGuard SSL 100 and SSL 560.

The WatchGuard SSL appliances are easy-to-use, all-in-one, secure, remote access solutions for small to medium-sized businesses. WatchGuard SSL 100 supports up to 100 concurrent users to make secure connections. The SSL 560 appliance supports up to 500 concurrent users. The WatchGuard SSL appliances deliver applications directly to the desktop of your remote employees to provide increased productivity—from anywhere, at anytime.

Highlights of the WatchGuard SSL OS v3.1.2 release include:

  • Internet Explorer (IE) 9 support. You can now use IE9 to both configure the appliance’s WebUI and to access resources with the Access Client
  • The WebUI performs faster on SSL 100 devices
  • The Access Client has been improved to provide greater stability
  • Corrected various potential security vulnerabilities
  • Remote Desktop single sign-on now works with Windows Server 2008
  • The Web UI is now more stable, with improved error and exception handling
  •  … and many other fixes — please see the Release Notes for complete details.

If you’re an SSL 100 or 560 appliance owner with an active LiveSecurity subscription, you can upgrade to SSL OS v3.1.2 free of charge.

Does This Release Pertain to Me?

SSL OS v3.1.2 is a scheduled maintenance release. If you have an SSL 100 or 560 appliance, and wish to take advantage of any of the enhancements listed above, or those mentioned in the Release Notes, you should consider upgrading to v3.1.2. Please read the Release Notes before you upgrade, to understand what’s involved.

How Do I Get the Release?

WatchGuard SSL 100 and 560 owners who have a current LiveSecurity Service subscription can obtain this update without additional charge by downloading the applicable packages from the Articles & Support section of WatchGuard’s Support Center, which also includes clear installation instructions. As always, if you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, , , ,

WatchGuard Releases Fireware XTM 11.3.5 for e-Series Appliances

January 24, 2012 by Corey Nachreiner 2 Comments

WatchGuard is very pleased to announce that Fireware XTM 11.3.5, the latest operating system for our Firebox X e-Series appliances, is now available for download.

Fireware XTM v11.3.5 is the newest operating system software release for Firebox X Peak, Core, and Edge e-Series appliances. Fireware XTM v11.3.5 demonstrates a continuing commitment to WatchGuard Firebox X e-Series customers, with a significant number of bug fixes and enhancements. It is primarily a sustaining release that resolves many known issues.

NOTE: There is no new WatchGuard System Manager release to accompany Fireware XTM v11.3.5. You can either use WatchGuard System Manager v11.4.x-v11.5.x or WatchGuard System Manager v11.3.2 to connect to a Firebox e-Series device that runs Fireware XTM v11.3.5, although you must use WatchGuard System Manager v11.4.1 or higher if you want to use the Mobile VPN with IPSec Shrew Soft VPN client.

Some of XTM v11.3.5′s fixes and enhancements include:

  • Various authentication enhancements, which improve Active Directory and Radius authentication support.
  • Improved PPPOE support in multi-WAN situations
  • Blocked Site entries can now accept a /32 subnet mask
  • Various FireCluster Improvements
  • Fixed a problem that prevented Gateway AV from scanning passive FTP connections
  • Various Mobile VPN with SSL improvements which improve the client’s overall interoperability
  •  … and many other fixes — please see the Release Notes for complete details.

If you’re an active e-Series LiveSecurity subscriber, you can upgrade to Fireware XTM 11.3.5 free of charge.

Does This Release Pertain to Me?

Fireware XTM 11.3.5 is a sustaining release that contains a significant number of bug fixes and enhancements. If you have any Firebox e-Series appliances, and wish to take advantage of any of the enhancements listed above, or those mentioned in the Release Notes, you should consider upgrading to version 11.3.5. XTM appliance owners should not install 11.3.5, but rather stick with 11.5.x. Please read the Release Notes before you upgrade, to understand what’s involved.

How Do I Get the Release?

XTM series or Firebox e-Series owners who have a current LiveSecurity Service subscription can obtain this update without additional charge by downloading the applicable packages from the Articles & Support section of WatchGuard’s Support Center, which also includes clear installation instructions. Keep in mind, Fireware XTM 11.3.5 is an e-Series only release, and does not work on more recent XTM appliances. As always, if you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, , ,

WatchGuard Releases WSM v11.5.1 Update 1: XSS Flaws Corrected

December 15, 2011 by Corey Nachreiner 8 Comments

Severity:High

15 December, 2011

Summary:

  • This vulnerability affects: WatchGuard System Manager (WSM) v11.5.1
  • How an attacker exploits it: Multiple vectors of attack, including enticing you to click a maliciously crafted link, or sending specially crafted network traffic through an XTM appliance and having you view the resulting logs in our Web UI
  • Impact: In the worst case, an attacker can execute code in your browser with elevated privileges, possibly hijacking your web browser
  • What to do: Install WSM 11.5.1 Update 1 at your earliest convenience

Exposure:

A few weeks ago, WatchGuard released Fireware XTM OS and WatchGuard System Manager (WSM) v11.5.1. Among other things, this release includes a newly designed Log and Report Manager Web UI, which greatly improves our logging and reporting interface, making it dramatically faster and easier to use.

However, shortly after the release of WSM v11.5.1, we learned of two privately reported and two internally discovered security issues that affect our Log and Report Manager Web UI. WSM v11.5.1 Update 1 fixes all four of those security issues. We describe these issues in a bit more detail below:

  • BUG 64549: Persistent XSS Vulnerability in Log Messages (CVE-2011-4774)

The Log and Report Manager Web UI does not properly sanitize log data it retrieves from the log database, before displaying it in the Web UI. By sending specially crafted traffic through your XTM appliance (such as maliciously crafted email or FTP connections), an attacker can fill your logs with messages that contain malicious web script. When you view these logs within the Log and Report Manager Web UI, they could trigger a Cross-Site Scripting (XSS) vulnerability, which allows the attacker to execute scripts in your web browser under the context of our Web UI. Since these malicious logs would remain in your log database until you specifically deleted them, this flaw is a persistent XSS vulnerability.

In general, attackers can leverage XSS attacks to steal your web cookies, hijack your web sessions, redirect you to malicious sites, or essentially take any action you could on the vulnerable web site. In some cases, attackers can even leverage XSS attacks to hijack your web browser, and gain unauthorized access to your computer. That said, a few factors somewhat mitigate the severity of this issue. In order to exploit this flaw, an attacker would have to know you manage a WSM server with v11.5.1. He’d also have to send very specially crafted traffic through your XTM appliance, which would need policies that allow such traffic. Finally, though this attack may allow the attacker to gain elevated privilege in your web browser, it would not give the attacker access to your XTM appliance, or the ability to change firewall rules. Nonetheless, we consider this a fairly serious vulnerability, and recommend you update as soon as you can. We’d like to thank Wayne Murphy of Sec-1 for bringing this flaw to our attention.

Severity: High

  • BUG 64551: Reflected XSS Vulnerability in URL Parameters (CVE-2011-4774)

The Log and Report Manager Web UI also does not properly sanitize inputs entered into certain URL parameters. By enticing you to click onto a specially crafted link, or by intercepting and modifying URL parameters, an attacker could exploit this flaw to trigger another XSS vulnerability. The impact of this flaw is the same as the one described above; an attacker can leverage it to steal web cookies, hijack your web session, or essentially take any action you could in the Log and Report Web UI. This is a reflected XSS flaw since the attack only occurs once, when you click the malicious link.

Like the flaw described above, an attacker would first have to know you manage an XTM appliance with WSM v11.5.1 to exploit this flaw. Furthermore, the attacker would then need to entice you to click a malicious link, which makes this XSS vulnerability slightly less severe than the one described above. Again, we’d like to thank Wayne Murphy of Sec-1 for bringing this flaw to our attention.

Severity: Medium

  • Two Low-Severity Nessus-Reported Vulnerabilities

Our own internal tests identified two minor security issues in our Log and Report Web UI, which were reported by Nessus scans. You can learn more about these issues from the links provided below:

In both cases, your WSM server is protected by your XTM appliance, making it unlikely that an external attacker could exploit either of these minor flaws. We believe they pose very low risk, but still recommend you apply Update 1 as soon as you can.

Severity: Low

Solution Path:

WSM v11.5.1 Update 1 fixes all four of these security issues. XTM appliance administrators who have installed WSM v11.5.1 should download and install Update 1 at their earliest convenience.

FAQ:

Are any of WatchGuard’s other products affected?

No. To our knowledge, these vulnerabilities only affect the new WSM v11.5.1 Log and Report Manager Web UI.

What exactly are the vulnerabilities?

The worst of these four vulnerabilities are the Cross-Site Scripting (XSS) vulnerabilities, which can allow attackers to execute scripts in your web browser under the context of our Web UI. In general, attackers can leverage XSS attacks to steal your web cookies, hijack your web sessions, redirect you to malicious sites, or essentially take any action you could on the vulnerable web site. In some cases, attackers can even leverage XSS attacks to hijack your web browser, and gain unauthorized access to your computer. However, attackers cannot leverage these flaws to gain access to your XTM appliance or change firewall rules.

How serious is the vulnerability?

We believe the two XSS vulnerabilities are fairly serious. However some mitigating factors will likely limit attackers from exploiting these flaws in the real world. In general, XSS flaws can be very dangerous. Tools like the Browser Exploitation Framework (BeEF) have illustrated that attackers can leverage simple XSS flaws to gain significant control of your browser, and possibly your computer. That said, attackers would have to know a lot about you and your organization to exploit these particular XSS vulnerabilities. Specifically, they’d have to know you manage a WSM v11.5.1 server, and either get you to click a link, or view a specific log message in our Web UI. This would likely only happen in a very targeted attack. Furthermore, these flaws would not give the attacker access to your XTM appliance. That said, as a security company, WatchGuard takes any vulnerability in our products very seriously. We suggest you install WSM v11.5.1 Update 1 as soon as possible.

Other than installing Update 1, is there a workaround?

Not really. Obviously, if you avoid clicking malicious phishing links, then an attacker couldn’t exploit the reflected XSS attack. However, even the most savvy security professional sometimes can click the wrong link. If you do not allow any incoming traffic through your XTM appliance, then an attacker may not be able to booby-trap your log files with specially crafted messages. However, most organizations have policies to at least allow email traffic. This alone could allow an external attacker to corrupt your logs. We highly recommend you install WSM v11.5.1 Update 1 to correct these issues.

Where can I go to get the hotfix?

WSM 11.5.1 Update 1 is currently available in the Articles & Software section of WatchGuard’s Support Center. Look for it under the Management Software section for your XTM appliance.

How was this vulnerability discovered?

Two of these vulnerabilities were discovered by Wayne Murphy of Sec-1 (@Sec1Ltd), and confidentially reported to WatchGuard. We thank Mr. Murphy for working with us to keep our customers secure. The remaining issues were discovered internally.

Do you have any indication that this vulnerability is being exploited in the wild?

No, at this time we have no indication that these vulnerabilities are being exploited in the wild, nor do we believe them likely to be in the future.

Who can I contact at WatchGuard if I have more questions?

If you have further questions about this issue, or any other security concerns with WatchGuard products, please contact:

Corey Nachreiner, CISSP.
Senior Network Security Strategist
WatchGuard Technologies, Inc.
http://www.watchguard.com
corey.nachreiner@watchguard.com

Security Updates, WatchGuard Software
, , , , , , ,

WatchGuard Announces Fireware XTM and WSM v11.5.1

November 29, 2011 by Corey Nachreiner 9 Comments

Available for All XTM Appliances

WatchGuard is excited to announce the release of Fireware XTM v11.5.1 and WatchGuard System Manager (WSM) v11.5.1, the latest security operating system for our award-winning XTM appliance line. You can install Fireware XTM OS v11.5.1 on any WatchGuard XTM device, including 2 Series, the new XTM 330, 5 Series, 8 Series, XTM 1050, and XTM 2050 appliances.

Fireware XTM and WSM v11.5.1 marks the first 11.5.x release of our software, and delivers many valuable new capabilities and enhanced features to our already feature-rich XTM products. Though primarily a feature release, v11.5.1 also demonstrates WatchGuard’s continuing commitment to quality with a significant number of bug fixes.

We highlight just a few Fireware XTM v11.5.1′s new features below:

  • A newly designed Log and Report Manager Web UI – We have updated our already information-rich logging and reporting UI to make it dramatically faster and easier to use. It now offers drill-down capabilities on users, applications, URLs visited, and more, as well as pivot capabilities that allow you to find the information you need much faster than before. Some other logging and reporting related updates include:
    • UTC log time stamping, which allows you to always know what time logs arrived, regardless of which time zone your XTM appliance and log server resides in.
    • Report integration with ConnectWise, which allows ConnectWise administrators to automate WatchGuard XTM report creation and delivery to their customers.
  • Mobile VPN with IPSec support for Apple® iOS devices – We have updated our XTM IPSec gateway to allow iPhones, iPads, and iPods to make secure connections to your XTM appliance using Apple’s built-in IPSec client. This update also allows OS X Lion Macs to connect using Lion’s built-in IPSec client as well.
  • Mobile VPN with SSL support 64-bit Mac clients – Our Mac SSL client now supports 64-bit OS X installations.
  • IPv6 Routing Support - Your XTM appliance can now receive an IPv6 address, use IPv6 DNS/WINS servers, create static IPv6 routes, and support SLAAC router advertisement. 11.5.1 has achieved IPv6ready.org Gold logo for routing, confirming that the basic “plumbing” — the packet routing building blocks of IPv6 — works correctly. It’s important to note that v11.5.1 does not yet support IPv6 firewall policies, which will come in a later release.
  • Improved Dynamic Routing support – We have updated and improved our Dynamic Routing engine, and it now supports Dynamic Routing in FireCluster configurations as well.
  • SMTP Proxy enhancements to support TLS encryption – Our SMTP proxy now supports and enforces TLS encrypted user authentication and end-to-end message body encryption.
  • Clientless Single Sign-On (SSO) - Fireware XTM v11.5.1 delivers improved SSO accuracy without the need to install SSO client software on all your computers.
  • FIPS Support – XTM devices now meet the overall requirements for FIPS 140-2 Level 2 security, when configured in a FIPS-compliant manner.

In addition to the features and enhancements listed above, 11.5.1 also includes numerous smaller enhancements and many bug fixes in different areas of Fireware and WSM.

If you’re an active LiveSecurity subscriber, you can upgrade to Fireware XTM v11.5.1 free of charge. You can install Fireware XTM v11.5.1 software on any WatchGuard XTM device. Although WatchGuard System Manager v11.5.1 has been designed to manage devices running earlier versions of Fireware XTM v11, it is not possible to install Fireware XTM v11.5.1 on WatchGuard e-Series appliances.

For more information about the feature enhancements included in Fireware XTM v11.5.1, see the Release Notes or What’s New in Fireware XTM v11.5.1.

Does This Release Pertain to Me?

Fireware XTM 11.5.1 is a feature release that also includes many bug fixes. If you have any XTM series appliance and wish to take advantage of the enhancements listed above, or those mentioned in the Release Notes, you should consider upgrading to version 11.5.1. Please read the Release Notes before you upgrade, to understand what’s involved.

How Do I Get the Release?

XTM series owners who have a current LiveSecurity Service subscription can obtain this update without additional charge by downloading the applicable packages from the Articles & Support section of WatchGuard’s Support Center, which also includes clear installation instructions. Fireware XTM 11.5.1 is an XTM Series only release, and does not work on e-Series appliances. As always, if you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, , , , , ,

WatchGuard Fireware XTM 11.4.2 Available for XTM Appliances

November 16, 2011 by Corey Nachreiner 1 Comment

For XTM 2, 5, 8, and XTM 1050 Appliances, and WSM

In August, WatchGuard posted Fireware XTM v11.4.2 to the Articles and Downloads section of our Support web page. At the time, we also performed some website and infrastructure changes that prevented us from emailing the 11.4.2 Software Announcement to our qualified customers. To make sure all our customers know about this exciting new update, we are re-posting the original Fireware XTM 11.4.2 announcement here.

Dear WatchGuard Customer,

WatchGuard is excited to release Fireware XTM v11.4.2. Fireware XTM v11.4.2 demonstrates our continuing commitment to quality to WatchGuard customers, with a significant number of bug fixes and enhancements, including:

  • Firewall policies can now be applied to intra-VLAN traffic
  • Branch office VPN tunnels now work with External Wireless interfaces
  • Support for multiple Mobile VPN with SSL policies for different users/groups from Policy Manager
  • Other numerous bug fixes and stability enhancements.

In addition to the features and enhancements listed above, 11.4.2 includes numerous smaller enhancements and bug fixes in many different areas of Fireware and WSM.

If you’re an active LiveSecurity subscriber, you can upgrade to Fireware XTM 11.4.2 free of charge. You can install Fireware XTM OS v11.4.2 software on any WatchGuard XTM device, including 2 Series, 5 Series, 8 Series, and the XTM 1050. Although WatchGuard System Manager/Policy Manager v11.4.2 has been designed to manage Fireware XTM v11.3 and Fireware XTM v11.4 devices seamlessly, it is not possible to install Fireware XTM OS v11.4.x on WatchGuard e-Series appliances.

For more information about the feature enhancements included in Fireware XTM v11.4.2, see What’s New in Fireware XTM v11.4.2.

Does This Release Pertain to Me?

Fireware XTM v11.4.2 is a feature release that also includes many bug fixes. If you have any XTM series appliance and wish to take advantage of the enhancements listed above, or those mentioned in the Release Notes, you should consider upgrading to version 11.4.2. Please read the Release Notes before you upgrade, to understand what’s involved.

How Do I Get the Release?

XTM series owners who have a current LiveSecurity Service subscription can obtain this update without additional charge by downloading the applicable packages from the Articles and Downloads section of our Support web pages, which also includes clear installation instructions. Fireware XTM v11.4.2 is an XTM Series only release. As always, if you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, ,

WatchGuard XCS 9.2 Update 1 Now Available:

October 26, 2011 by Corey Nachreiner 0 Comments

Simplified Email Encryption, Enhanced Protection from Malware, and Extended Web Security with HTTPS Traffic Scanning

October 26, 2011

As part of our ongoing efforts to improve the effectiveness of WatchGuard XCS appliances to protect from data loss, new viruses and malware, and to enhance HTTPS web security, WatchGuard is pleased to announce the availability of XCS 9.2 Update 1.

Highlights of this maintenance release include:

  • Removal of mandatory upload of authorized SecureMail Email Encryption user list to simplify management and administration; the number of users allowed to use SecureMail Email Encryption is based on your license limit.
  • “Send SecureMail” Outlook Add-In is now available that allows end users to place an email encryption button in their Outlook toolbar.
  • Outlook 2010 Add-In for Spam/Not Spam Reporting is now available; Outlook 2003 and Outlook 2007 Add-Ins are also available.
  • New Adaptive Intercept Anti-Spam Decision Strategy transparently transitions spam scoring upon successful training of the system.
  • Postfix Mail Engine Upgrade to the latest version significantly improves mail processing performance and security.
  • Detection of JavaScript in PDF Files allows you to block the transmission of PDF documents containing JavaScript code to protect from malicious code delivered by this method.
  • Kaspersky Anti-Virus Scanning & Pattern Update Engines have been upgraded to the latest version to provide enhanced protection against the latest virus, spyware, and malware threats.
  • Delivery Status Notifications (DSN) is now available with XCS for notification of successful, delayed, or failed message deliveries.
  • Configurable From: and Subject: Notification Headers can now be configured for enhanced message tracking and visibility into message processing. 
  • Global TLS Inbound and Outbound Settings:  TLS encryption settings can now be applied globally for both inbound and outbound TLS connections.
  • Web Security Expanded With HTTPS Scanning:  The XCS Web Security subscription now includes scanning of HTTPS traffic for web-based threats and data loss.  The XCS Web Proxy can now perform deep content inspection of encrypted HTTPS traffic using the same scanners as the HTTP proxy, such as Anti-Virus, the Objectionable Content Filters, Reputation Enabled Defense, and Content Scanning.  This new functionality allows customers to extend enforcement of data security policies by now scanning HTTP, HTTPS, and FTP web traffic.

Does This Release Pertain to Me?

XCS 9.2 Update 1 is available for download from the WatchGuard Software Downloads section within LiveSecurity. Details regarding this new release are available in the Release Notes. If you have any XCS series appliances or are subscribed to the XCS SecureMail Email Encryption subscription, and wish to take advantage of the new simplified administration and user enhancements, you should consider upgrading to XCS 9.2 Update 1. Please read the Release Notes before you upgrade, to understand what’s involved.

How Do I Get the Release?

If Security Connection is enabled, your XCS appliance will automatically download the XCS 9.2 Update 1 software. However, it will NOT automatically install the update. You must manually install software updates by going to Administration > Software Updates > Updates. You can also manually download the update from our Software Center in the WatchGuard Portal. We highly recommend you thoroughly review the Installation Instructions section of the Release Notes before applying this update.

For a more detailed description of this update, please visit the WatchGuard Support Center at http://www.watchguard.com/support/. If you need support, please enter a support incident online or call our support staff directly. When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375
WatchGuard Software
, , ,
Older Entries

Follow

Get every new post delivered to your Inbox.

Join 6,939 other followers