contents

software
 
WatchGuard Updates Firebox X Security Appliance Family

WatchGuard Technologies has released appliance software updates that give a boost to its Firebox X e-Series product family, geared toward fortifying reliability and enhancing ease of use. The release of Fireware 9.1 for WatchGuard's Firebox X Core and Peak security appliances aimed at mid- to large-sized businesses will provide customers with new features such as a spam quarantine, a new POP3 proxy, anti-virus scanning and inbound server load balancing. Customers of WatchGuard's Firebox X Edge e-Series line of UTM network appliances, which are typically branch offices and businesses up to 50 users, will benefit from the latest Edge 8.6 software, providing a host of upgrades including enhanced wireless security, WAN failover to a serial modem, PPTP remote user support, SMTP support and enhanced centralised management and reporting.

The Firebox X Core and Firebox X Peak appliances now offer new capabilities that increase their performance and reliability along with a robust set of function enhancements and management features to give network administrators more options for managing the security of their installations. Fireware 9.1 adds to an already robust UTM solution with an all-new quarantine capability for spamBlocker, virus scanning for FTP and POP3 traffic and unlimited file size scanning for AV. The release of Fireware 9.1 for the Firebox X Core and Firebox X Peak appliances enables the following features:
- Spam Quarantine – Users of the spamBlocker security service subscription can create a safe, full-featured quarantine for spam, bulk mail, and suspect email messages. Granular control allows system administrator to configure preferences for mail disposition, storage allocations, and other parameters.
- New POP3 Proxy – Fireware 9.1 introduces a POP3 proxy, protecting POP3 users against multitudes of email-borne threats. The proxy delivers true zero day protection against new and unknown threats.
- Unlimited File Size Scanning for AntiVirus – A new anti-virus scanning engine eliminates limits on the size of attachments and downloads scanned for viruses with the optional Gateway AV/IPS subscription.
- AV Scanning for FTP – WatchGuard users running Fireware 9.1 and the optional Gateway AV/IPS security service subscription can now apply AV scanning to all inbound and outbound files transferred via FTP, adding granular defense against many different types of malware to the true zero day protection already present in the FTP proxy.
- Inbound Server Load Balancing – Many companies use multiple internal servers to host a web or e-commerce site. Server load balancing allows the Firebox to distribute requests for a company's URL or other public-facing content to a "server farm" or group of servers. Multiple algorithms offer tailored traffic distribution to the specific server environment. Fireware 9.1 also detects server outages and automatically routes requests to the remaining servers until the offline server is back online.
- Firebox X550e Model Upgradeability – Upgrade the capacity and performance on the Firebox X550e via a license key to equal the capacity and performance of the standard 750e and 1250e models, but with 4 Ethernet ports rather than 8. This allows an organization to adapt and expand, scaling their security needs upwards as their business grows.

Firebox X Core appliances are ideal for medium-sized businesses and are capable of 300+ Mbps firewall throughput. Firebox X Peak appliances can support larger enterprise solutions with 2.0 Gbps firewall throughput. Both appliance lines and their associated security service subscriptions offer complete UTM solutions including anti-virus, anti-spyware, anti-spam, intrusion prevention and URL filtering.

Designed for branch offices, single site businesses and organisations with up to 50 users, the Firebox X Edge now includes a host of new features that increase business reliability, improve network security management and increase security. The release of Edge 8.6 appliance software for the Firebox X Edge enables the following features:
- Enhanced Default Threat Protection – New protocols have been added to the proactive intrusion prevention engine allowing Edge 8.6 to detect and block attacks such as Syn Flood, Distributed Denial of Service (DDoS), and the attack known as the "Ping of Death, " aimed at crashing the target computer and/or subsequent network.
- Robust VPN Failover – Edge 8.6 provides complete VPN failover functionality, providing constant connectivity to remote networks via VPN tunnels. In the event of a primary remote gateway failure, VPN connections will seamlessly switch to secondary gateway connection and remain up between the two connection points. Once the primary gateway connection becomes available again, VPN traffic will automatically switch back to the primary connection.
- WAN Failover with Serial Modem – When the Firebox Edge 8.6 can utilize an external modem through the serial port for failover to a dial-up connection. Now networks like a retail store or POS location can temporarily fail over to a dial-up connection in the event that their main broadband connection is down and immediately switch back to the faster connection as soon as it is available again.
- Enhance QoS Support – Responding to the demands of the increasing adoption of time-sensitive services such as Voice over IP (VoIP) and video conferencing, the Edge 8.6 gives system administrators the ability to prioritise traffic to provide maximum throughput to more critical traffic and mark the priority of outgoing traffic to ensure prioritisation by other upstream systems.
- Enhanced Security for Business Mail Servers – Edge 8.6 expands on its POP3 traffic scanning ability by adding an SMTP proxy to scan inbound email traffic for customers who host their own email with internal SMTP servers. Administrators can control attachment types, hide internal domain information, and deploy optional spamBlocker and Gateway AV/IPS to protect internally hosted email from spam, spyware, viruses, and many other threats and nuisances.
- WPA2 Wireless Encryption – Edge 8.6 is now compatible with the WPA2 wireless encryption standard in addition to WEP and WPA standards already supported for greater interoperability and security on the customer's wireless network.
- Secure Remote User Access over PPTP – Edge 8.6 appliance software now supports up to 10 remote PPTP client connections, providing an inexpensive alternative to the IPSec protocol for Microsoft Windows users, for a secure connection for remote users to a corporate network.
- MAC Address Lockdown – Edge 8.6 now allows administrators to grant or deny wired and wireless network access based on Ethernet MAC (Media Access Control) addresses, to bar users with unauthorised devices from gaining access to network resources.
- Custom Proxy Configuration – Edge 8.6 offers enhanced flexibility by allowing users to inspect and secure outgoing HTTP and POP3 traffic on non-standards ports.
- Enhanced Security for IPSec Tunnels – Firebox Edge 8.6 now supports IKE (Internet Key Exchange) peers using AES 128, 192, and 256 bit encryption and DH Group 5 key transaction, for enhanced security and interoperability in communication-sensitive business information over IPSec and VPN tunnels.
- 3rd Party Certificate-based Authentication – Now Edge 8.6 administrators can use digital certificates from popular sources such as RSA, VeriSign, Entrust, Microsoft, and others, for authentication of VPN tunnels or for general Internet access, or administrative access to the Edge management user interface.
- WSM Reporting Enhancements –The Firebox X Edge 8.6 now provides rich historical reporting for administrators who use WatchGuard System Manager, offering statistics on threats processed and blocked through Gateway AV/IPS, WebBlocker, and spamBlocker, and providing summary and detail visibility into network and security events, user behaviors, and more.
- Edge Web GUI Reporting – New intuitive ways to monitor viruses,



write your comments about the article :: © 2007 Networking News :: home page