Fireware 12.0 General Availability
We are pleased to announce the General Availability (GA) of Fireware 12.0 and WSM 12.0 after a comprehensive Beta where the release was installed 400 Fireboxes around the world. These significant new releases are now available for download from the software download center.
Fireware 12.0 improves on the efficacy and performance of our Gateway Antivirus (GAV) service through the introduction of a new lightweight detection engine. Fireware 12.0 also introduces more secure defaults, improvements to APT Blocker, and continued support for more advanced networking use cases. You can find full details in the What’s New presentation on the website, and we encourage everyone upgrading to read the Release Notes in advance. Here is a quick summary of some key enhancements:
New GAV engine from Bitdefender with many benefits:
- Breadth of Protection against known threats with industry-leading file coverage
- Rapid response to new threats with multiple incremental signature updates per day
- Machine learning to assist in detection of unknown and evasive malware types
- Faster performance through optimized scanning of executables, Microsoft Office, PDF files and more!
Many of the settings in the VPN area have been updated to stronger default cryptography settings for authentication and encryption. SHA-256 and AES-256 are now the default in most cases. We have also removed the PPTP option for VPN because it is no longer considered to be a secure protocol.
There are some APT Blocker improvements to guard against the delivery of zero-day malware and ransomware via email, including
- Optional delay in email messages while waiting for results from the sandbox detonation of unknown attachments
There are more advanced networking use cases.
- Host Header redirection allows the hosting of different web applications behind a single public IP address, by routing traffic based on URL paths included in HTTP headers.
- The Firebox can pass multicast (PIM-SM) traffic, which is used to deliver application traffic from one to many nodes – typically used in VoIP and broadcast applications.
AV Signatures in 11.x releases
Previously WatchGuard had announced that we would discontinue support for AV signatures for the older AVG engine in Fireware 11.x by January 2018. This support will now be extended until April 2018. We will continue to notify partners and customers about this issue over the coming months.
Does this release pertain to me?
The Fireware release applies to all Firebox T, Firebox M, and XTM appliances, except XTM 21/21-W, 22/22-W, or 23/23-W, which are now End of Life (EOL), and XTM 505, 510, 520, and 530 which are EOL in December of this year.
Software Download Center
Firebox and XTM appliance owners with active support subscriptions can obtain this update without additional charge by downloading the applicable packages from the WatchGuard Software Download Center.
For Sales or Support questions, you can find phone numbers for your region online. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.