Quarantine, Anti-Spoofing, and Web Proxy Enhancements, Plus Security and Functionality Improvements
As part of our ongoing efforts to improve the effectiveness of WatchGuard XCS appliances to protect from data loss, new viruses, and malware, and to enable organizations to customize their environments, WatchGuard is pleased to announce the availability of XCS 9.2 Update 5.
Highlights of this maintenance release include:
- Custom Quarantines – You can now create your own custom quarantine areas for specific types of quarantined messages. For example, you can create a quarantine specifically for messages quarantined because of a virus, or messages quarantined because they violate a Data Loss Prevention (DLP) policy rule. When you create a custom quarantine, each message security feature that supports the quarantine option provides a quarantine action for the primary system quarantine and any defined custom quarantines. A Tiered Administrator with the appropriate permissions can manage custom quarantines. This allows you to assign administrators for specific quarantine areas. For example, for compliance purposes, you can assign a user the role of administrator for the DLP quarantine.
- DKIM (DomainKeys Identified Mail) Support – DKIM (DomainKeys Identified Mail) is an enhanced version of DomainKeys that provides a means for authenticating the source of an email by querying the sending domain’s DNS records and authenticating a unique domain name identifier. As an enhancement to DomainKeys, DKIM offers additional parameters to the signing mechanism for enhanced security and spoofing protection, and allows authorized third-party signing of messages for a domain independent from the message author. DKIM signing can be applied independently to outbound messages based on policies.
- Allowed HTTPS Proxy Ports List – You can now configure a list of non-standard HTTPS Proxy ports that are allowed through the Web Proxy. This option is available on the HTTP/S Proxy configuration page at Security > Configuration > HTTP/S Proxy. The standard HTTPS port 443 is included by default.
- Web Proxy IP Authentication Redirect – When you use the Web Proxy IP Proxy or Portal Authentication modes, you can now choose to redirect to the authentication page using the hostname or IP address of the Web Proxy.
- Download Problem Report – The Problem Report feature allows you to send important configuration and log information via email to WatchGuard Technical Support to help troubleshoot an existing support incident. You can now download a local copy of the report from the Problem Reporting configuration.
- Pattern Filter ID Number Search in Message History – The advanced Message History search now allows you to search by Pattern Filter ID numbers when you select the “only show messages where PBMF is…” option.
- XCSv Upgrade from an Evaluation – You can now perform an upgrade from an evaluation XCSv installation to a production model XCSv without having to reinstall the system.
For more details, see the Release Notes.
Does This Release Pertain to Me?
XCS 9.2 Update 5 runs on all XCS appliances, from the 170 all the way to the 1180. Although we announced the End-of-Life of our previous BSP appliances, Update 5 also runs on BSP 460, 560, 860, and 1060 devices (64-bit platforms).
XCS 9.2 Update 5 is a maintenance release that contains a number of enhancements and bug fixes, including security fixes. If you manage any of the aforementioned appliances, and you want the latest software enhancements and security fixes, you should install this update. In fact, because of the security fixes we strongly advised you update at your earliest convenience. Please read the Release Notes before you upgrade, to understand what is involved.
How Do I Get the Release?
Your XCS appliance will automatically download the XCS 9.2 Update 5 software. However, it will NOT automatically install the update. You must manually install software updates by going to Administration > Software Updates > Updates. You can also manually download the update from the Articles and Support section of WatchGuard’s Support Center. We highly recommend you thoroughly review the Installation Instructions section of the Release Notes before applying this update.
For a more detailed description of this update, please visit the WatchGuard Support Center at http://www.watchguard.com/support/.
If you need support, please enter a support incident online or call our support staff directly. When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.
- U.S. End Users: 877.232.3531
- International End Users: +1.206.613.0456
- Authorized WatchGuard Resellers: +1.206.521.8375