Now Available: TDR 5.1 with APT Blocker Built-in

We’re thrilled to announce the general availability of Threat Detection and Response (TDR) 5.1, which includes some great new features that enhance both detection and response to threats as well as the overall user experience when testing new features. This release further increases the value of both TDR and the Total Security Suite, enabling users to more broadly identify threats across their network and respond to them in real-time.

This release of TDR includes two new key features:

  • APT Blocker
    With this release TDR can now directly triage suspicious files discovered by a Host Sensor by sending them to APT Blocker for further analysis. The submitted files undergo deep analysis for APT activity in a sandbox environment at a Lastline cloud-based data center. If evidence of malware activity is discovered, TDR can adjust the original suspicious threat score assigned to the file to prevent future infection. With sandbox policy enabled, this process and subsequent response can be automated, making threat triage incredibly easy and effortless.
  • Localization
    The TDR user interface is now available in French, Japanese, and Spanish. TDR automatically displays the localized user interface if your browser language is set to one of these languages.

To learn more, visit Threat Detection and Response.

Source: WatchGuard

Updates to Customer Support Phone System

As of Monday 18 September, WatchGuard Customer Support is pleased to announce some upcoming improvements to our phone system. We are integrating our phone system and CRM systems so that we can automatically find your account and contact information when you call in for support. We will use your phone number, either the number you call from or a number manually entered by you when you call, to locate your details within our system. We will use this information to prioritize your call and route your call to the correct support representative. We have also made some minor improvements to our language specific lines.

What to expect

  • Two new options when you call in to WatchGuard Technical Support:
    • You can select the language you want to be supported in (English, Spanish, French, Italian, Japanese, Mandarin)
    • You can confirm the best phone number for us to use to find your account information
  • Introduction of Business Hours for our language-specific phone lines:
    • The language-specific phone lines will open and close depending on customer time zone
    • During closed hours, customers who call a language-specific line will be given the option to leave a voicemail for the next available language speaker or to be transferred to an English-speaking representative

What you need to do

To prepare for these changes, we recommend that you log in to the WatchGuard website to verify your contact information is correct. We will use the phone numbers in your Profile to find your account when you call in. To review and update your profile information, click here. For more information about how to update your profile, you can also watch this video tutorial.

Source: WatchGuard

Fireware 12.0 is now available!

Fireware 12.0 General Availability
We are pleased to announce the General Availability (GA) of Fireware 12.0 and WSM 12.0 after a comprehensive Beta where the release was installed 400 Fireboxes around the world. These significant new releases are now available for download from the software download center.

Fireware 12.0 improves on the efficacy and performance of our Gateway Antivirus (GAV) service through the introduction of a new lightweight detection engine. Fireware 12.0 also introduces more secure defaults, improvements to APT Blocker, and continued support for more advanced networking use cases. You can find full details in the What’s New presentation on the website, and we encourage everyone upgrading to read the Release Notes in advance. Here is a quick summary of some key enhancements:

New GAV engine from Bitdefender with many benefits: 

  • Breadth of Protection against known threats with industry-leading file coverage
  • Rapid response to new threats with multiple incremental signature updates per day
  • Machine learning to assist in detection of unknown and evasive malware types
  • Faster performance through optimized scanning of executables, Microsoft Office, PDF files and more!

Many of the settings in the VPN area have been updated to stronger default cryptography settings for authentication and encryption. SHA-256 and AES-256 are now the default in most cases. We have also removed the PPTP option for VPN because it is no longer considered to be a secure protocol.

There are some APT Blocker improvements to guard against the delivery of zero-day malware and ransomware via email, including

  • Optional delay in email messages while waiting for results from the sandbox detonation of unknown attachments
  • Analysis and detonation of javascript files that are included in email

There are more advanced networking use cases.

  • Host Header redirection allows the hosting of different web applications behind a single public IP address, by routing traffic based on URL paths included in HTTP headers.             
  • The Firebox can pass multicast (PIM-SM) traffic, which is used to deliver application traffic from one to many nodes – typically used in VoIP and broadcast applications.

There are many more enhancements so please pay close attention to the Release Notes and What’s New presentations.

AV Signatures in 11.x releases
Previously WatchGuard had announced that we would discontinue support for AV signatures for the older AVG engine in Fireware 11.x by January 2018. This support will now be extended until April 2018. We will continue to notify partners and customers about this issue over the coming months.  

Does this release pertain to me?
The Fireware release applies to all Firebox T, Firebox M, and XTM appliances, except XTM 21/21-W, 22/22-W, or 23/23-W, which are now End of Life (EOL), and XTM 505, 510, 520, and 530 which are EOL in December of this year. 

Software Download Center
Firebox and XTM appliance owners with active support subscriptions can obtain this update without additional charge by downloading the applicable packages from the WatchGuard Software Download Center. 

For Sales or Support questions, you can find phone numbers for your region online. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.

Source: WatchGuard

Now Available: AP420 Indoor High Density Access Point

It gives me great pleasure to announce the availability of the AP420, our indoor 802.11ac Wave 2 4×4 access point. The AP420’s Multi-User MIMO (MU-MIMO) features mean it’s perfectly suited for the highest client density deployments. This access point easily serves crowded rooms full of smartphones, laptops and tablets to give users an excellent mobile connectivity experience. The AP420 also includes a 3rd radio for dedicated WIPS (Wireless Intrusion Prevention System) and RF optimization scanning. This 3rd radio will constantly defend your airspace against prolific man-in-the-middle (MitM) attacks responsible for stolen passwords, credit cards and other sensitive information, as well as optimize radio power, channel, and other RF parameters for the optimal Wi-Fi connectivity experience. Common deployment scenarios include tradeshow floors, auditoriums, large conference rooms, and shopping malls. 

Key Specifications

  • 802.11ac Wave 2
  • 4×4 MU-MIMO
  • Third 2×2 MIMO dual band radio for dedicated WIPS and RF scanning
  • Up to 800 Mbps for 2.4GHz
  • Up to 1.7 Gbps for 5GHz
  • 20/40/80/80+80 MHz channel width support
  • 10 internal antennas
  • 2x GbE ports (link aggregation supported in Wi-Fi Cloud)
  • PoE+ power required

The AP420 can be managed with either a Firebox®, via the Gateway Wireless Controller, or with WatchGuard’s Wi-Fi Cloud. With the Wi-Fi Cloud, you get an expanded set of features including:

  • WIPS powered with patented technology for hack-free hotspots
  • Engaging guest Wi-Fi experiences
  • Powerful location-based analytics
  • Ability to scale from 1 to unlimited access points with no infrastructure

The latest version of the Wi-Fi Cloud (Manage 8.3) includes new Wi-Fi performance features that improve the quality of experience for users connected to WatchGuard’s access points, new application visibility and firewall policy control, plus an integration with Google for Education to ensure that only devices registered in the school’s Google domain can connect to the school Wi-Fi network and enforce network access policies. This unique integration brings even more control, usability and ease of use to school districts.

To learn more, visit

Source: WatchGuard

Now Available: Firebox M370, M470, M570, and M670

I’m excited to announce the availability today of four new mid-range Firebox appliances that provide industry leading performance, especially with all security capabilities enabled, along with greater flexibility in network port configurations.

Over past few years at WatchGuard we’ve consistently educated our customers about the need to inspect encrypted web traffic using all of the security services available on our appliances. Network defenses that don’t adequately process and inspect encrypted traffic leave employees, customers and partners vulnerable to cyber attacks. According to a 2016 Ponemon study, 41 percent of attacks in 2016 used encryption to either disguise their entry into the network or hide their connection to a Command and Control server. The volume of HTTPS traffic is growing rapidly, and customers can no longer consider this to be a minor blind spot that they can ignore.. NSS Labs have predicted that 75% of web traffic will be encrypted by 2019.

A new Miercom test report shows how the new WatchGuard appliances compare to similar priced models from Fortinet, Sonicwall, and Sophos. Raw firewall throughput may be similar, but the true test of performance is when all of the security services are enabled. The Firebox wins hands down against the competition especially when deep content inspection of HTTPS traffic is enabled.

To support the growing use of fiber in mid-size enterprise data centers, Firebox M470, M570 and M670 allow users to add additional network modules to increase the number of copper or fiber ports available.All new appliances (except the M370) have an expansion slot for additional ports. The same modules that were previously available for M4600 and M5600 are now available i.e. 4x10Gb fiber, 8x1Gb copper or 8x1Gb Ethernet.

We’ve also taken this opportunity to increase the level of detail that is shown on our datasheets. We now include throughput figures with HTTPS content inspection and IPS enabled at the same time. All of our HTTPS benchmark testing is conducted using strong encryption ciphers TLS 1.2 AES256 +SHA-256. We’ve also added IMIX performance numbers for both Firewall and VPN traffic. IMIX is a standard that includes a mix of 40 byte, 576 byte, and 1500 byte traffic to better represent data that is found in most network environments, instead of just 1512 byte packets.

Source: WatchGuard

Wi-Fi Cloud Maintenance

Hello WatchGuard Wi-Fi Cloud Users,

On Friday, August 4 at 5PM PDT, we will deploy an update to WatchGuard Wi-Fi Cloud to improve performance and stability with the Manage service. 

​During the maintenance window (approximately 30 minutes), Wi-Fi Cloud services will be unavailable, including Manage, Go, Analyze, and Engage. Your access points will continue to work with no interruption, but guest users will be unable to access spash pages until Engage is available again at the end of the maintenance window. 

If you have any questions regarding the update, please visit


WatchGuard Wi-Fi Cloud Team

Source: WatchGuard

Fireware 12.0 Open Beta Notice

WatchGuard is excited to announce that a Beta release is available now for the 12.0 version of the Fireware Operating System.  This is a public Beta release that is open to all Firebox and XTM users.  Sign up to participate at our software download page or here and start submitting feedback via our Beta portal today.

Fireware 12.0 Highlights

Improved Malware Detection

  • New Gateway AntiVirus Engine. Bitdefender replaces AVG, which provides several significant advantages:
    • More effective detection of a variety of different types of malware (including
    • Faster scan times to improve traffic throughput
    • Lighter and frequent (up to 5x per day) incremental signature updates resulting in faster response times to new malware attacks, and more robust handling for FireCluster
  • APT Blocker delays email (typically 1 to 3 minutes) until it gets a response back from the sandbox in the cloud, which prevents the delivery of zero-day malware infections through email.
  • APT Blocker scans JavaScript files that are sent through email, which stops a one of the most popular attack vectors for ransomware.

More Secure Defaults

  • VPN connections have stronger default cryptography settings for authentication and encryption. SHA-256 and AES-256 are now the default in most cases.
  • Removal of PPTP option for VPN due to multiple vulnerabilities inherent to the protocol and to promote stronger secure default stances across the Fireware product.

Support for More Advanced Networking Use Cases

  • Host Header redirection through our new Content Actions allows the routing of traffic to different IP addresses attached to a domain and URL paths included in web headers. With Host Header Redirection, you can expect to host different server applications behind a single public IP address. It also enables SSL offload on the Firebox, removing the need to do decryption on inbound traffic to servers and clients behind the firewall.
  • Multicast traffic is allowed. Enables the Firebox to work in environments where Multicast (PIM-SM) is used to deliver application traffic from one-to-many nodes.
  • Several enhancements for the Gateway Wireless Controller and Wireless access points, with support for Fast Handover on all access points, including AP320 and AP120. Also, much faster discovery and pairing times for cloud ready access points.

For information about these feature enhancements, download and review the What’s New in Fireware v12.0 PowerPoint presentation available from the 12.0 Beta portal.

Source: WatchGuard

Now Available: MSSP Command

WatchGuardONE partners who are enrolled as an MSSP Partner, can now access the new MSSP Command tool, which is available from the WatchGuard Partner Portal Tools navigation. This new tool has replaced the previous MSSP Dashboard to provide easier management and greater visibility into your Monthly Flexible Points business for MSSP devices.

Improved User Experience:

MSSP Command offers a completely revamped user interface that is easy to use and navigate, whether you are wanting to know more about your MSSP business through interactive charts and diagrams, quickly apply changes to point allocations across all your customers’ devices, or configure settings for automatic alerts and notifications.

Improved Manageability:

MSSP Partners can now easily navigate to multiple Firebox devices and manage monthly security services from once easy-to-manage interface. They can also assign customer names to each device to quickly identify and find devices. We have now also introduced a data export feature that allows you take the information on the go for offline reporting.

Improved Visibility:

A new points gauge is available at the top of each page that provides MSSP Partners with full visibility into total points allocated and required for ongoing monthly services. In addition to the required points, this tool also provides visibility into points available, points used in the current month, and the points that will be used next month. From an interactive dashboard, you are able to see your trending points usage for the past year, your service type allocation across all customers, the number devices and device types across customers, as well alerts and notifications regarding points usage.

Online Help Resource:

The new tool also includes an online help resource.

MSSP Command is a single point of access for WatchGuardONE Managed Security Services Providers (MSSPs) who have enrolled in the flexible pricing option. MSSP Command provides MSSP partners the benefits of a distributed investment, the ability to manage security services on a monthly basis, and the ability to change services on-demand for their customers.

All WatchGuardONE Partners have the ability to enroll as an MSSP Partner and begin using this new tool today to leverage our MSSP Flexible Pricing option. To become a WatchGuardONE MSSP Partner, Partners can contact WatchGuard sales representative, or complete and submit the WatchGuardONE MSSP Partner Enrollment form and a WatchGuard representative will contact them directly.

Source: WatchGuard

Fireware 11.12.4 is now available

Fireware 11.12.4 is now available
We are pleased to announce the latest release of the WatchGuard core operating system and management software. Fireware 11.12.4 and WSM 11.12.4 are now available from the software download center. The Release Notes include a comprehensive list of resolved issues. This is primarily a release for bug fixes but there are a couple of key updates. 

  • APT Blocker customers can now specify that files only ever get sent to the European datacenter, to allay any concerns about the privacy of data sent outside Europe. 
  • Continued improvements to the security and availability of the Gateway Wireless Controller, including support for synchronization of data across nodes in a cluster.  

The What’s New presentation includes all the details of any changes and updates in the software. 

Does this release pertain to me?
The Fireware release applies to all Firebox T, Firebox M, and all XTM appliances, except XTM 21/21-W, 22/22-W, or 23/23-W, which reach their End of Life at the end of this month.

Software Download Center
Firebox and XTM appliance owners with active support subscriptions can obtain this update without additional charge by downloading the applicable packages from the WatchGuard Software Download Center. Please read the Release Notes before you upgrade to understand what’s involved.

For Sales or Support questions, you can find phone numbers for your region online. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.

Source: WatchGuard

WatchGuard Wi-Fi Cloud Update

Hello WatchGuard Wi-Fi Cloud Users,

We are planning a brief system update on Sunday, May 21, 2017 between 1:00 AM and 3:00 AM Pacific Time to deploy stability improvements to WatchGuard Wi-Fi Cloud services via 

During the maintenance window, your access points will continue to function normally and client traffic will not be interrupted.  Access to Analyze will be intermittently unavailable for 30 minutes during the maintenance window.

If you have any questions regarding the update, please visit


WatchGuard Wi-Fi Cloud Team

Source: WatchGuard