Best Of
Re: Web Access database on PC?
I'd reached out to support and they provided the necessary tool. We're all good now. I appreciate the quick response.
IlyaL
Re: New configuration - cannot connect now
Is the firewall providing DHCP on the Trusted interface?
It is really hard to help without knowing what you set up for the firewall trusted and external subnets/IP addrs, and what else you conifgured.
Re: Mobile VPN with SSL connection from Trusted LAN
The issue is still present -- it is targeted to be fixed in the next release version
If you are running into the issue, you'll need to follow the directions in the KB to work around it.
Re: Change the email address for alerts etc
Hello,
Alerts from EPDR/EDR/EPP for detections, or devices found on the network... will be sent to the email specified directly on the online console for the product.
Hope this is what you were looking for!
David
David_
Re: Add a function to Botnet detection to block TOR exit nodes inbound
It looks like v12.8.1 now has this:
Policies, Proxies, and Subscription Services
- The Firebox now blocks incoming traffic from Tor exit nodes when the Tor Exit Node Blocking service is enabled. [FBX-22863]
CraigS
Re: SSLVPN
On the WatchGuard SSLVPN policy, remove anything from the From: field other than Any-external.
You may also need to make other changes too, depending on if SSLVPN conenctions can still be done from inside the firewall.
Test connections and see.
Re: Wifi 6
WatchGuard is prioritizing the development of the latest technology in the Wi-Fi market. Our goal is to deliver Wi-Fi 6 technology to organizations of all shapes and sizes because the way the world is using wireless networks has changed dramatically since the release of WatchGuard's previous wireless family of products.
We will develop feature sets that directly align with customers' and MSP's needs on our new Wi-Fi 6 product line. Looking forward, we will continue to support our previous wireless devices to ensure our partner's business remains intact.
The manufacturer impacts the deliverability on the expectations of our partners. WatchGuard is committed to delivering deep levels of support through the WatchGuard Support team to ensure our customers and partners have their needs heard and built into the development of the future product family we create.
We want to build a product that aligns with our partner's expectations. The WatchGuard beta program for wireless products is always happy to accept new participants to ensure their needs are heard and built into our products.
Sincerely,
The WatchGuard Wi-Fi Team
matthew
Re: WatchGuard and Kaspersky
WatchGuard no longer uses Kaspersky components in any of our products. Years ago we used Kaspersky AV on the XCS (email) and Fireclient (mobile) products, both of which are discontinued and EOL now. US federal government issued guidance in 2019 against using Kaspersky products.
WatchGuard Firebox passed the US NSA's Commercial Solutions for Classified use (CSfC) certification in early 2021. We could not have achieved this if we used Kaspersky in our product. https://www.nsa.gov/Resources/Commercial-Solutions-for-Classified-Program/Components-List/#components-list-index
Brendan Patterson
VP Product Management
Important Detection and Remediation Actions for Cyclops Blink State-Sponsored Botnet
Hello Community
WatchGuard was informed by the FBI and the UK National Cyber Security Centre (NCSC) about their ongoing international investigation regarding Cyclops Blink, a sophisticated state-sponsored botnet that may have affected a limited number of WatchGuard Firebox and XTM devices. If you have a Firebox or XTM device, it is important for you to check your Fireboxes to make sure they are not affected. To learn more about Cyclops Blink and if it might affect you, please see our corporate blog post, which includes key links to detection tools, FAQs, and available resources.
Re: AuthPoint or Azure MFA?
It really depends on which applications and features you are looking for. For example, in order to protect Windows machines with Azure MFA, you will need to buy a license that includes Windows Hello for Business, that can get very expensive.
AuthPoint supports both Windows and Mac logon protection (online and offline), for computers, servers, and RDP, as well as SAML applications, VPNs (including IKEv2 which is the fastest and more secure), etc.
About hardware tokens, AuthPoint Hardware Token can only be used with AuthPoint. They are manufactured by WatchGuard, and the seeds - the most important thing you need to protect - are securely transferred from the production site to WatchGuard Cloud. There is no risk of seeds exposure, you just activate them in your tenant.
So if you use Azure MFA and plan to use OATH hardware tokens, it seems (from the page you mentioned) that you have to provide the seeds in open format. Anyone can copy and paste into an OATH TOTP generator, thus creating a token clone. AuthPoint supports OATH TOTP tokens, but we always suggest to import in PSKC format (RFC 6030), to protect them. Have one person receive the pskc file, another one receive the transport key.
