Configure Notification Rules for Firebox Events

On the Firebox, an alarm is an event that triggers a notification to tell a network administrator about a condition in the network. For example, a proxy policy can generate an alarm when traffic matches, or does not match, a rule in the proxy. A security service such as APT Blocker can generate an alarm when it detects a threat.

To generate WatchGuard Cloud alerts and email notifications for Firebox alarms, you must complete these steps:

  • Add a notification rule in WatchGuard Cloud
  • Configure notification settings on the Firebox

Add a Notification Rule in WatchGuard Cloud

To configure a rule to generate alerts for alarm events received from Fireboxes:

  1. Select Administration > Notifications.
  2. Select the Rules tab.
  3. Click Add Rule.
  4. From the Notification Source drop-down list, select Devices.
  5. From the Notification Type drop-down list, select Device Alarms.

  1. Configure the delivery method. For more information about delivery methods, see Configure Rules for Notifications.
  • None — The rule generates an alert that appears on the Alerts page.
  • Email — The rule generates an alert that appears on the Alerts page and also sends a notification email to the specified recipients.
  1. Save the rule.

Configure Notification Settings on the Firebox

For a Firebox to send alarms to WatchGuard Cloud, you must enable notification settings on the device. You can configure notification settings in policies and proxy actions, and for services and features that generate alarms. For example, if you want to generate an alert in WatchGuard Cloud when APT Blocker or IPS blocks a threat, configure those services to send notification.

To enable the Firebox to send an alarm notification, Fireware Web UI or Policy Manager:

  1. Edit the policy, proxy action, or feature you want to receive notification for.
  2. In the notification settings, select Send notification.
  3. Select the Email notification method.

Scren shot of the Notification Settings for APT Blocker in Fireware Web UI

Example: Notification settings for the IPS service, in Fireware Web UI

In the notification settings on the Firebox, you must select the Email notification method, regardless of the delivery method you select in the notification rule in WatchGuard Cloud.

You must enable email notification for each service or policy that you want to receive notification for. For more information about notification settings on the Firebox, see Set Logging and Notification Preferences.

You can see all alarms received from a Firebox in the Alarms report. For more information, see Alarms Report.

Related Topics

Manage WatchGuard Cloud Alerts