WatchGuard has released new firmware for their T, M, and XTM appliances. JSCM Group is recommending that firewalls be upgraded to these versions.
Viewing WatchGuard Cloud Logs for Multiple Devices
WatchGuard Cloud Remote Access Point (RAP)
WatchGuard now supports Remote Access Points! This method of configuration allows for quick deployments of multiple RAP’s using the WatchGuard Cloud Access Point Sites that store configuration settings. The infrastructure requirements for this implementation are WatchGuard Cloud supported access point models, and a Cloud Managed Firebox.
Creating Static Network Address Translation (SNAT) in WatchGuard System Manager
Creating Segmented Wireless Networks on a Locally-Managed Firebox
CYCLOPS BLINK MALWARE INVADES WATCHGUARD PROTECTED SMEs
February 23, 2022 – The CSIA, National Security Agency, and FBI released a Joint Cyber Security Announcement today indicating that Cyclops Blink has been deployed to WatchGuard protected devices. This particularly insidious malware is thought to emanate from Sandworm, also known as Voodoo Bear, and said to originate from the Russian Main Center for Special Technologies.
New Firmware Release
Interface Types – How to Prevent Accidental Policy Overlap
Interface types on WatchGuard firewalls are not something to configure without planning and thought. The reason behind this is due to the system-generated aliases (blue font indicates system-generated items). When you create multiple interfaces with the same type, it is possible to overlap interfaces in your firewall policies.
Subscription Service Review: Reputation Enabled Defense
One of the many subscription services that WatchGuard offers is Reputation Enabled Defense (RED). This subscription service ‘scores’ websites based on reports from devices all over the Earth. The score system for RED ranks from 1-100, with 100 being the worst URL, and 1 being a clean URL. WatchGuard houses a backend server that receives reports and sends reputation scores to Fireboxes that submit requests.
Firebox as a DHCP Server
Migrating AuthPoint Tokens
One thing that you have to be mindful of as an AuthPoint user is that your log-in capabilities are tied to your smart device, should you choose to use that instead of a hardware token. The good news is that migrating your token from one device to another does not take very long, but it requires some review before you begin.
Subscription Service Automatic Updates
DNS Settings: They’re Vital
DNS settings are a configuration item that is set, confirmed to work, and then not discussed further. One issue that we see occurring regularly are Guest networks that have DNS settings for internal servers. The settings shown below are how to set the global DNS settings for each interface on your firewall:
AuthPoint Time Scheduling Now Available Within WatchGuard Cloud
Custom BOVPN Policies
New Firmware Release
AuthPoint Policies
One of the newest updates in AuthPoint allows you to create policies for access. This allows you to control the type of multi-factor authentication requirements for different groups of users, based on the resource they are logging into. You can also use the policies to set priorities on logins, based on their order.
