Brochures & Datasheets

Frequently Asked Questions

Network Security Education Center

Product Demos

Microsoft® Visio® Icons

White Papers

Case Studies

Network Security Glossary

Certifications

End-of-Life Policy

Frequently Asked Questions
Firebox® SOHO 6 Firewall

General Questions

• What is the difference between Firebox SOHO 6tc and SOHO 6 firewalls?
• Can Firebox SOHO 6 firewalls be managed remotely?
• Do Firebox SOHO 6 firewalls include logging capabilities?
• Do Firebox SOHO 6 firewalls support Dynamic Host Configuration Protocol (DHCP)?
• What technology do Firebox SOHO 6 firewalls use to protect my network?
• Do Firebox SOHO 6 firewalls support Network Address Translation (NAT)?
• Do Firebox SOHO 6 firewalls allow Web content filtering?
• Do Firebox SOHO 6 firewalls offer desktop antivirus protection?
• What services and protocols are supported by Firebox SOHO 6 firewalls?
• Do Firebox SOHO 6 firewalls support Branch Office and Mobile User VPN?
• Does the Firebox SOHO 6 support meshed VPN topologies?
• Does the Microsoft® PPTP VPN client work through Firebox SOHO 6 firewalls?
• Can you pass an IPSec tunnel through Firebox SOHO 6 firewalls?
• Do Firebox SOHO 6 firewalls support Macs, PCs, and Linux?
• What is the VPNforce™ Upgrade?
• What is the Dual ISP Port Upgrade?
• If I have a Firebox SOHO 6, do I need to purchase the Branch Office VPN upgrade in order to use the VPNforce Port Upgrade?
• What is PPPoE?
• Can a customer using DHCP with more than 50 users purchase a Firebox SOHO 6 model with a 50-user license to allow the first 50 users Internet access?
• Does "Firebox SOHO 6 model with a 10-user License" mean that only 10 connections are allowed through the device at any given time? Does this cover external users hitting my Web site as well?
• Are Firebox SOHO 6 model user limits based on concurrent users or registered IP addresses?
• How do I know how many Firebox SOHO 6 model licenses I need?
• How do I purchase upgrades and options for my Firebox SOHO 6 firewalls?
• How will I know when there are software updates?

Q: What is the difference between Firebox SOHO 6tc and SOHO 6 firewalls? A: Both Firebox SOHO 6 firewalls offer the same firewall capabilities and physical connections. The only difference is that Branch Office VPN technology is bundled into the Firebox SOHO 6tc at the time of purchase, and is optional for the Firebox SOHO 6.

Q: Can Firebox SOHO 6 firewalls be managed remotely? A: Yes. Firebox SOHO 6 firewalls are designed for secure remote management via a Web browser and a VPN tunnel.

Q: Do Firebox SOHO 6 firewalls include logging capabilities? A: Yes. Firebox SOHO 6 firewalls create an event log to store information about specific types of traffic, including denied connection requests, IPSec tunnel events, software updates, and system errors. This log can be viewed with a standard Web browser. A scrolling log consisting of 100 lines is stored on Firebox SOHO 6 appliances, and is wiped clean on reboot. Event logs can be directed to any WatchGuard Event Processor.

Q: Do Firebox SOHO 6 firewalls support Dynamic Host Configuration Protocol (DHCP)? A: Yes. Firebox SOHO 6 firewalls can function as DHCP servers on their private interface, and their external interface is a DHCP client by default (although this can be disabled).

Q: What technology do Firebox SOHO 6 firewalls use to protect my network? A: Firebox SOHO 6 firewalls protect your network using stateful dynamic packet filtering, which allows rules to be built dynamically depending upon the conditions of the connection.

Q: Do Firebox SOHO 6 firewalls support Network Address Translation (NAT)? A: Yes. With any Firebox SOHO 6 model in place, internal IP addressing schemes are hidden from the Internet. Additionally, internal hosts with unregistered IP addresses can be configured to function as Internet-accessible servers.

Q: Do Firebox SOHO 6 firewalls allow Web content filtering? A: Yes. WatchGuard WebBlocker lets you control Web site access privileges through a simple point-and-click interface. Filtering is transparent to users and requires no additional client software or configuration.

Q: Do Firebox SOHO 6 firewalls offer desktop antivirus protection? A: Yes. A one-node annual subscription to McAfee's® antivirus solution, VirusScan® ASaP, is included.

Q: What services and protocols are supported by Firebox SOHO 6 firewalls? A: All single-port TCP/IP services are supported, as well as DHCP, PPPoE, ICQ, Real® Audio/Video, NetMeeting, Intel® Video Phone, and SOCKS5® (Version 5).

Q: Do Firebox SOHO 6 firewalls support Branch Office and Mobile User VPN? A: Yes. Branch Office VPN is conveniently pre-packaged with the Firebox SOHO 6tc, and is an optional component for Firebox SOHO 6. Mobile User IPSec VPN support is an option for all Firebox SOHO 6 firewalls.

Q: Does the Firebox SOHO 6 support meshed VPN topologies? A: Yes. Firebox SOHO 6tc appliances can connect multiple sites (up to 10 other Firebox SOHO 6tcs).

Q: Does the Microsoft® PPTP VPN client work through Firebox SOHO 6 firewalls? A: To run a PPTP server on a private network behind any Firebox SOHO 6 model, simply insert the server IP address into the GRE packet forwarding option in your firewall configuration to route these packets to the desired server.

Q: Can you pass an IPSec tunnel through Firebox SOHO 6 firewalls? A: Yes. The current release supports the ability to use NAT with multiple clients behind Firebox SOHO 6 firewalls using IKE/IPSec with ESP.

Q: Do Firebox SOHO 6 firewalls support Macs, PCs, and Linux? A: Yes. Firebox SOHO 6 firewalls work with any operating system. This is a fundamental advantage of appliance-based Internet security and VPN solutions. You do not have to worry about the operating systems on the protected networks.

Q: What is the VPNforce™ Upgrade? A: VPNforce enables the Optional (OPT) port on Firebox SOHO 6 appliances as a secure, restricted port, ensuring that telecommuter workstations are as secure as your corporate network. VPNforce also allows you to secure a wireless access point through the OPT port.

Q: What is the Dual ISP Port Upgrade? A: The Dual ISP Port Upgrade provides ISP failover support, maximizing Internet connection uptime by using two ISP connections. This feature is especially helpful in regions where ISP service may be unreliable.

Q: If I have a Firebox SOHO 6, do I need to purchase the Branch Office VPN upgrade in order to use the VPNforce Port Upgrade? A: No and Yes. No, if you are going to use the VPNforce Port Upgrade to secure your wireless computer. Yes, if you are using your Firebox SOHO 6 as a VPN endpoint device and want to separate your telecommuter traffic from the traffic on your personal Trusted interfaces.

Q: What is PPPoE? A: PPPoE stands for "Point-to-Point Protocol over Ethernet". Modem connections to the Internet use PPP to communicate and handle logging on and off a connection, giving an ISP more control over access rights and connection time. Standard Ethernet connections (such as a local network or cable access to the Internet) support an "always on" state with no individual tracking or authorization. All Firebox SOHO 6 firewalls fully support PPPoE.

Q: Can a customer using DHCP with more than 50 users purchase a Firebox SOHO 6 model with a 50-user license to allow the first 50 users Internet access? A: Yes. The first 50 machines that access the Firebox SOHO 6 firewalls will be allowed access to the Internet.*

Q: Does "Firebox SOHO 6 model with a 10-user License" mean that only 10 connections are allowed through the device at any given time? Does this cover external users hitting my Web site as well? A: A 10-user license allows the first 10 machines using a Firebox SOHO 6 appliance as a gateway to access the Internet. Any additional requests will be denied. This does not affect incoming connections.

Q: Are Firebox SOHO 6 model user limits based on concurrent users or registered IP addresses? A: In most instances, there will only be one public IP address. The user limit for Firebox SOHO 6 firewalls is based on private IP addresses behind it that are served by a DHCP server.

Q: How do I know how many Firebox SOHO 6 model licenses I need? A: Firebox SOHO 6 firewalls use IP addresses to count network objects. The license covers only machines that use the Firebox SOHO 6 as a gateway to the Internet. A printer on the private network does not need a license, nor do managed hubs.

Q: How do I purchase upgrades and options for my Firebox SOHO 6 firewalls? A: Upgrades, options, and LiveSecurity Service Silver renewals can be purchased from reseller partners.

Q: How will I know when there are software updates? A: Your LiveSecurity Service subscription will notify you via e-mail when software updates can be downloaded from your personalized LiveSecurity Web site.

*Firebox SOHO 6tc 50-user appliance and 50-user license upgrades available in North America and select countries.