Documente Academic
Documente Profesional
Documente Cultură
Fireware v11.10
WatchGuard
Training
Monitoring Enhancements
VPN Enhancements
WatchGuard
Training
Mobile VPN with SSL v11.10 clients for Windows and Mac OS X
SSO Enhancements
WatchGuard
Training
System Enhancements
NTP server
Networking Enhancements
WatchGuard
Training
WatchGuard
Training
a.example.com
b.example.com
a.b.example.com
WatchGuard
Training
*.*.example.com
example*.com
*. example.*.com
example.*.com
7
WatchGuard
Training
WatchGuard
Training
WatchGuard
Training
WatchGuard
Training
11
WatchGuard
Training
12
WatchGuard
Training
13
WatchGuard
Training
14
WatchGuard
Training
15
WatchGuard
Training
16
WatchGuard
Training
17
WatchGuard
Training
18
WatchGuard
Training
19
WatchGuard
Training
20
WatchGuard
Training
21
WatchGuard
Training
22
WatchGuard
Training
Quota daily limits are automatically reset the next day (starting at
00:00)
Configuration changes automatically reset quotas for users and groups
that use the updated quota action
Reboot the Firebox
Manually reset quota data for specific users from the Web UI and FSM
23
Monitoring Enhancements
WatchGuard
Training
24
Description
User
User
Auth Domain
N/A
Quota Action
Quota Action
Used/Configured
Bandwidth (per
day)
Bandwidth Usage
(per day)
Used/Configured
Time (per day)
WatchGuard
Training
25
WatchGuard
Training
26
27
WatchGuard
Training
28
New VPN messages now indicate why a branch office VPN gateway or
tunnel failed, and can include information about what action to take to
resolve the error.
VPN diagnostic messages appear in three places in the UI:
Firebox System Manager Front Panel tab
WatchGuard System Manager Device Status tab
Fireware XTM Web UI System Status > VPN Statistics page
WatchGuard
Training
29
Errors
Warnings
WatchGuard
Training
Warning status
Web UI.
Orange text FSM
and WSM.
30
WatchGuard
Training
31
WatchGuard
Training
The responder has more information about settings that do not match.
On the responder, VPN diagnostic errors include more detailed information
about what setting the initiator proposed, and what setting was expected.
32
WatchGuard
Training
Respond
er
WatchGuard
Training
34
WatchGuard
Training
On the Branch
Office VPN tab,
click Debug for a
Gateway.
Or, select the
Debug tab, select
the gateway, and
click Start Report.
35
The Routes table shows the first 100 routes that match the filter
criteria.
WatchGuard
Training
36
IPv4 Routes Shows the first 100 IPv4 routes (all routes, including
static, dynamic, and VPN routes).
IPv6 Routes Shows the first 100 IPv6 routes (all routes, including
static, dynamic, and VPN routes).
WatchGuard
Training
37
FireWatch Enhancements
FireWatch can now be viewed in Full Screen mode in Fireware XTM
Web UI
Full Screen mode options include:
WatchGuard
Training
38
FireWatch Enhancements
Select group, data, and refresh options in Full Screen Mode
WatchGuard
Training
39
FireWatch Enhancements
Select which group information appears:
Source
Destination
Applications
Policies
Interface (In)
Interface (Out)
WatchGuard
Training
Rate
Bytes
Connection
Duration
40
WatchGuard
Training
41
WatchGuard
Training
spamBlocker
WebBlocker
Gateway AntiVirus
Intrusion Prevention
42
WatchGuard
Training
IPS
Gateway AntiVirus
Application Control
DLP
43
VPN Enhancements
WatchGuard
Training
44
WatchGuard
Training
45
WatchGuard
Training
46
WatchGuard
Training
48
WatchGuard
Training
49
Wireless AP Enhancements
WatchGuard
Training
50
WatchGuard
Training
51
WatchGuard
Training
52
WatchGuard
Training
53
WatchGuard
Training
54
WatchGuard
Training
55
SSO Enhancements
WatchGuard
Training
56
WatchGuard
Training
Support for Microsoft Exchange Server 2013 for the SSO Exchange
Monitor
.NET Framework v3.5 required on Exchange Server 2013 server
Traffic through BOVPN tunnels can now use Single Sign-On (SSO Client
only)
Support for switching between multiple users of the SSO Client on
Windows Vista, 2008, 2012, 7, 8, and 8.1
57
WatchGuard
Training
58
RapidDeploy Enhancements
WatchGuard
Training
59
Previously, the only valid interface you could specify in the CSV file was
0.
A device that uses Fireware v11.10 now supports interface numbers
other than 0.
The format of the CSV file did not change.
This is most often used for RapidDeploy.
WatchGuard
Training
60
System Enhancements
WatchGuard
Training
61
NTP Server
After you enable a Firebox to
use NTP, you can enable the
device as an NTP server.
WatchGuard
Training
62
Networking Enhancements
WatchGuard
Training
63
WatchGuard
Training
64
WatchGuard
Training
65
WatchGuard
Training
66
WatchGuard
Training
67
WatchGuard
Training
68
Genmask
0.0.0.0
255.255.255.0
255.255.255.0
255.255.255.0
255.255.255.0
255.255.255.0
255.0.0.0
255.255.255.0
255.255.255.0
Interface
eth0
eth1
eth1
vlan10
br0
ath1
lo
tun0
eth0
Flags
UG
U
U
U
U
U
U
U
U
Metric
5
0
0
0
0
0
0
0
0
Use command options to filter the route table (same filters as in the Web UI)
WG>show ip route ?
<cr>
Carriage return
<net>
IP subnet for the destination <A.B.C.D/(1-32)>
connected Connected routes
dynamic
Dynamic routes
ifname
Interface device name
static
Static routes
vpn
VPN routes
WatchGuard
Training
69
WG>show v6 ip route
Kernel IPv6 routing table
Destination
2001::/64
fe80::/64
Next Hop
::
::
Interface Flags
vlan10
U
vlan10
U
Metric
256
256
New command options to filter the route table (same filters as in the
Web UI)
WG>show v6 ip route ?
<cr>
Carriage return
<netipv6> IPv6 subnet for the destination <A:B:C:D:E:F:G:H/I>
<A::G:H/I>
<::H/I>
connected Connected routes
dynamic
Dynamic routes
ifname
Interface device name
static
Static routes
vpn
VPN routes
WatchGuard
Training
70
WatchGuard
Training
71
WatchGuard
Training
72
Logging Enhancements
Simultaneously send Log Messages to two WatchGuard Log
Servers
WatchGuard
Training
73
Logging Enhancements
Fireware XTM Web UI Logging > Log Servers 1 & Log
Servers 2 tabs
WatchGuard
Training
74
Logging Enhancements
Policy Manager Logging Setup > Configure > Log Servers 1
&
Log Servers 2 tabs
WatchGuard
Training
75
Start and end time stamps for the feedback data sent to WatchGuard
Peak proxy connection limit usage
Number of proxy actions with Subscription Services enabled in the
configuration
Subscription Services details include:
Whether the service is enabled
Counts of the number of events for each service enabled on the Firebox
A list of the events triggered on the Firebox for each service (includes the
source IPaddress, protocol, and threat level of the event).
WatchGuard
Training
76
WatchGuard
Training
77
WatchGuard
Training
78
Additional Resources
WatchGuard
Training
79
Additional Resources
Information about the new and enhanced features included in this
release is available from these resources on the Product
Documentation pages of the WatchGuard website:
WatchGuard
Training
80
Thank You!
WatchGuard
Training
81