Firebox Monitoring and Configuration Features

Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes

Some of the features described in this topic are only available to participants in the WatchGuard Cloud Beta program. If a feature described in this topic is not available in your version of WatchGuard Cloud, it is a beta-only feature.

In WatchGuard Cloud, you can add a Firebox or FireCluster as a locally-managed or cloud-managed device.

The monitoring and configuration features available in WatchGuard Cloud depend on whether the Firebox or FireCluster is cloud-managed or locally-managed:

  • Cloud-managed Fireboxes and FireClusters — You manage the device configuration in WatchGuard Cloud. For more information, see Manage the Firebox Configuration. You can also monitor live status, and see log messages and reports for cloud-managed devices in WatchGuard Cloud.
  • Locally-managed Fireboxes and FireClusters — You manage the device configuration in WSM, Fireware Web UI, or the Command Line Interface. For more information, see Fireware Help. In WatchGuard Cloud, you can monitor live status, and see log messages and reports for locally-managed devices you add to WatchGuard Cloud.

This table lists WatchGuard Cloud features and indicates whether they support locally-managed and cloud-managed devices. For information on unsupported features for cloud-managed devices, see Unsupported Features for Cloud-Management.

WatchGuard Cloud Functionality Locally-Managed Cloud-Managed

Configure Firebox settings, including:

  • Firewall
  • VPN
  • Networking
  • Authentication
  • System settings
  • Log server
  • Technology integrations


Configure security settings, including:

  • Content scanning
  • Network blocking
  • Exceptions
  • Geolocation
  • Content filtering
  • TLS decryption
Manage the FireCluster configuration  
Initiate FireCluster system actions (upgrade firmware, reboot, and failover)
Configure shared device settings in templates  
Schedule and deploy changes to device settings  
Revert to a previously deployed configuration  
Monitor live status (network status, routes, VPNs, users, FireCluster, etc.)
View log messages and reports
Upgrade firmware
Manage Firebox backups  
Reboot the Firebox

Unsupported Features for Cloud-Management

A cloud-managed Firebox supports configuration of the most secure and most frequently used Fireware features. It does not support every feature that is configurable for a locally-managed Firebox. We do not plan to add the detailed options that are available in proxy actions today for locally-managed devices, such as HTTP header requests and HTTP responses.

WatchGuard will regularly add more features to WatchGuard Cloud. For information about upcoming features, see this Knowledge Base article: WatchGuard Cloud Features for Firebox Configuration.

WatchGuard Cloud does not support policy management of these legacy features:

  • Data Loss Prevention
  • Mobile Security

WatchGuard Cloud does not support these older cryptography and VPN standards:

  • IKEv1 (IPSec) VPNs
  • L2TP VPNs

WatchGuard Cloud will also not support SIP and H.323 Application Layer Gateways (ALG) for added security checks for these VoIP and communication protocols.

WatchGuard Cloud does not support Gateway Wireless Controller for management of wireless access points or configuration of multicast routing settings for networks or BOVPN tunnels.

For information about feature support in FireCluster, see Unsupported Features for a Cloud-Managed FireCluster.

See Also

About WatchGuard Cloud

Get Started — Add a Device to WatchGuard Cloud

Upgrade Firmware in WatchGuard Cloud

Reboot a Firebox

Manage Firebox Backup Images in WatchGuard Cloud

Live Status Reporting for Fireboxes and FireClusters

About Firebox Security Services Settings

About FireCluster in WatchGuard Cloud