About Fireware and Firebox Management

Fireware OS is the software that runs on a Firebox. Fireware includes a Web UI that gives you an easy way to manage, and monitor each Firebox in your network. There are other tools you can use for management, monitoring, and reporting of your Firebox and any locally installed WatchGuard servers.

The components you can use to manage and monitor your Firebox are:

  • Fireware Web UI
  • WatchGuard System Manager (WSM)
  • WatchGuard Server Center
  • WatchGuard Dimension
  • Fireware Command Line Interface (CLI)

You can use one or more of the management tools to configure your network for your organization. For example, if you have only one Firebox, you can use Fireware Web UI to perform most configuration tasks. However, for more advanced logging and reporting features, you must use WatchGuard Dimension or WatchGuard Server Center. If you manage more than one Firebox, we recommend that you use WatchGuard System Manager (WSM). Some of the management and monitoring features differ between the different tools.

Fireware Web UI

Fireware Web UI is part of Fireware, and is a web interface that is on the Firebox. The Web UI is a real-time management tool, which means that each configuration change you make takes effect immediately. There are a few configuration changes you cannot make with Fireware Web UI.

For more information, see About Fireware Web UI.

Locally Installed WatchGuard Software

You can optionally install WatchGuard management tools and servers on a Windows computer on your private network.

Fireware XTM components diagram

To start WatchGuard System Manager or WatchGuard Server Center from your Windows desktop, select the shortcut from the Start Menu. You can also start WatchGuard Server Center from an icon in the System Tray. From these applications, you can launch other tools that help you manage your network. For example, from WatchGuard System Manager (WSM), you can launch Policy Manager or HostWatch.

WatchGuard System Manager

WatchGuard System Manager (WSM) is the primary application for network management with your Firebox. You can use WSM to manage many different Fireboxes, even those that use different software versions. WSM includes a comprehensive suite of tools to help you monitor and control network traffic.

Policy Manager

You can use Policy Manager to configure your firewall. Policy Manager includes a full set of pre-configured packet filters, proxy policies, and application layer gateways (ALGs). You can also make a custom packet filter, proxy policy, or ALG in which you set the ports, protocols, and other options. Other features of Policy Manager help you to stop network intrusion attempts, such as SYN Flood attacks, spoofing attacks, and port or address space probes.

For more information, see About Policy Manager.

Firebox System Manager (FSM)

Firebox System Manager gives you one interface to monitor all components of your Firebox. From FSM, you can see the real-time status of your Firebox and its configuration.

For more information, see Monitor your Firebox with Firebox System Manager (FSM).


HostWatch is a real-time connection monitor that shows network traffic between different Firebox interfaces. HostWatch also shows information about users, connections, ports, and services.

For more information, see About HostWatch.

Log Manager

Log Manager is the WatchGuard WebCenter tool you use to see log file data collected from your WatchGuard servers and your Fireboxes.

For more information, see About Firebox Logging and Notification.

Report Manager

Report Manager is the WatchGuard WebCenter tool you use to see Available Reports and to generate On-Demand reports of the data collected from your Log Servers for all your Fireboxes.

For more information, see View Reports in Report Manager.

CA Manager

The Certificate Authority (CA) Manager shows a complete list of security certificates installed on your management computer with Fireware XTM. You can use this application to import, configure, and generate certificates for use with VPN tunnels and other authentication purposes.

WatchGuard Server Center

WatchGuard Server Center is the application where you configure and monitor all your locally installed WatchGuard servers.

For more information about WatchGuard Server Center, see Set Up WatchGuard Servers.

Management Server

The Management Server operates on a Windows computer. With this server, you can manage all firewall devices and create virtual private network (VPN) tunnels using a simple drag-and-drop function. The basic functions of the Management Server are:

  • Certificate authority to distribute certificates for Internet Protocol Security (IPSec) tunnels
  • VPN tunnel configuration management
  • Management for multiple Fireboxes

For more information on the Management Server, see Install and Set Up the WatchGuard Management Server.

Log Server

The Log Server collects log messages from each Firebox. These log messages are encrypted when they are sent to the Log Server. The log message format is XML (plain text). The information collected from firewall devices includes these log messages: traffic, event, alarm, debug (diagnostic), and statistic.

For more information, see Set Up Your Log Server.

Report Server

The Report Server periodically consolidates data collected by your Log Servers from your Fireboxes, and then periodically generates reports. Once the data is on the Report Server, you can use Report Manager to generate and see reports.

For more information about reports and the Report Server, see About the Report Server.

Quarantine Server

The Quarantine Server collects and isolates email messages that spamBlocker suspects to be email spam, or emails that are suspected to have a virus.

Suspect and bulk spam categories are supported by Fireware v12.1.3 and lower, and Fireware v12.2.x to Fireware v12.5.3.

For more information, see About the Quarantine Server.

WebBlocker Server

The WebBlocker Server operates with the Firebox HTTP proxy to deny user access to specified categories of websites. When you configure your Firebox, you specify the categories of websites to allow or block.

The locally-installed WebBlocker Server only supports Fireboxes with Fireware OS 12.1.x or lower installed. For more information, see the Fireware 12.1 Help.

WatchGuard Dimension

WatchGuard Dimension™ integrates with your Fireboxes and WatchGuard servers to provide a complete, flexible, cloud-ready logging, reporting, and management solution. From Dimension, you can manage your Fireboxes, review the log messages for all your connected Fireboxes and WatchGuard servers, and schedule, view, and run reports from the log messages collected by Dimension.

For more information, see Set Up & Administer Dimension.

Fireware Command Line Interface

Fireware also includes a Command Line Interface (CLI) that you can use to manage the Firebox through an SSH connection to the Firebox serial console port or a network interface on port 4118.

For information about how to use the CLI, see the Fireware Command Line Interface Reference available at https://www.watchguard.com/wgrd-help/documentation/xtm.