Device Feedback
In your Firebox device configuration, you can choose whether the Firebox sends feedback to WatchGuard. Device feedback is enabled by default.
Device feedback helps WatchGuard to improve products and features. It includes information about how your Firebox is used and issues you encounter with your Firebox, but does not include any information about your company or any company data that is sent through the Firebox. Because of this, your Firebox data is anonymous. All device feedback that is sent to WatchGuard is encrypted.
WatchGuard uses the information from the device feedback data to understand the geographic distribution of Fireware OS versions. The data WatchGuard collects includes summarized information about which features and services are used on Fireboxes, about threats that are intercepted, and about device health and performance. This information helps WatchGuard to better determine which areas of the product to enhance to provide the most benefits to customers and users.
Use of the device feedback feature is entirely voluntary. You can disable it at any time. To disable device feedback on your Firebox, clear the Send device feedback to WatchGuard check box.
When device feedback is disabled, the Firebox returns only basic data to WatchGuard. This includes data such as the device serial number, model, Fireware version, and Fireware build, and other data such as the device IP address, uptime duration, and a hash of the device MAC address.
When device feedback is enabled, feedback is sent to WatchGuard once every six days and each time the Firebox reboots. Device feedback is sent to WatchGuard in a compressed file. To conserve space on the Firebox, the feedback data is removed from the Firebox after it is sent to WatchGuard.
Device feedback includes this information from your Firebox:
- Firebox serial number
- Fireware OS version and build number
- Firebox model
- Firebox uptime since the last restart
- Whether device feedback is enabled (Fireware 12.4 and higher)
- Start and end time stamps for the feedback data sent to WatchGuard
- Count of policies
- Number of enabled interfaces
- Number of BOVPN tunnels
- Number of Mobile VPN tunnels
- Number of VLANs
- Configuration file size
- Maximum number of concurrent sessions
- Maximum number of proxy connections
- Maximum CPU usage
- Maximum memory usage
- Which WatchGuard user interface sent feedback to WatchGuard: Fireware Web UI, WatchGuard System Manager, or the Command Line Interface
- Whether the Firebox is under Centralized Management and the management mode for the Firebox
- Number of Access Points (AP) configured on the Firebox
- Authentication options configured on the Firebox
- Whether the Firebox is a member of a FireCluster and in Active/Active or Active/Passive mode
- Whether VoIP security feature is enabled
- Whether Intrusion Prevention Service (IPS) is enabled
- Logging options configured on the Firebox
- Number of proxy actions with Subscription Services enabled in the configuration
For each service, the details include whether the service is enabled, counts of the number of events for each service enabled on the Firebox, and a list of the events triggered on the Firebox for each service (includes the source IP address, protocol, and threat level of the event).
- APT Blocker
- Data Loss Prevention (DLP)
- Default Threat Protection
- File Exceptions
- Gateway AntiVirus (GAV)
- IntelligentAV
- Intrusion Prevention Service (IPS)
- Reputation Enabled Defense (RED)
- spamBlocker
- WebBlocker
- Whether the Gateway Wireless Controller is enabled
- Number of AP devices configured on the Firebox
- Number of SSIDs configured on the Firebox
- Whether the Wireless Hotspot is enabled
- Whether Access Portal is enabled
- Maximum number of users signed in
- Maximum number of RDP connections launched by users
- Maximum number of SSH connections launched by users
- Identity provider (IdP) metadata (when SAML authentication is enabled)
- Whether Active Directory single sign-on is enabled
- Number of SSO agents
- SSO agent status
- IP addresses of sites defined in the Botnet Detection exceptions list
- Whether Autotask is enabled
- Number of successful and unsuccessful attempts to save a backup image to the Firebox, a USB Drive, and a computer.
- Number of successful and unsuccessful attempts to restore a backup image from the Firebox, a USB Drive, and a computer.
- Whether the Firebox has ever been reset to factory-defaults.
- Whether Botnet Detection is enabled
- How many traffic source addresses have been tested
- How many traffic source addresses were from botnets and were dropped
- How many traffic destination addresses were tested
- How many traffic destination addresses that were sent to botnets were dropped
- Whether Connectwise is enabled
- Whether the diagnostic log level for the service that enables the Firebox to communicate with WatchGuard Cloud is enabled
- How much data is written to the Firebox storage
- Whether DNS forwarding is enabled
- Number of DNS forwarding rules defined
- Whether DNSWatch is enabled
- Whether dynamic routing is enabled on a firewall for a specific dynamic routing protocol
- Whether dynamic routing is enabled for Routing Information Protocol (RIP)
- Whether dynamic routing is enabled for Routing Information Protocol Next Generation (RIPng)
- Whether dynamic routing is enabled for Open Shortest Path First (OSPF) protocol
- Whether dynamic routing is enabled for Border Gateway Protocol (BGP)
- Whether dynamic routing is enabled for Open Shortest Path First protocol version 3 (OSPFv3)
- Dynamic routing protocol type configured
- Whether the configured dynamic routing protocol is enabled
- Autonomous System Number (ASN) of the network if Border Gateway Protocol (BGP) is enabled
- Whether the requirement to add inbound or outbound BGP filtering policies for the eBGP session is removed
- Whether routes created by the network must be validated before the routes can be advertised to neighbor interfaces
- IP address of the Firebox interface that connects to the router
- IP address of neighbor interface one and its remote Autonomous System Number (ASN)
- Default weight assigned to interface one
- IP address of neighbor interface two and its remote Autonomous System Number (ASN)
- Default weight assigned to interface two
- IP address family
- IP address and subnet of the network on which BGP is announced
- Total number of endpoints detected on the network
- Number of endpoints discovered on the network
- Number of endpoints that use Exchange Monitoring
- Number of endpoints that use Finger Detection
- Number of endpoints that use HTTP Detection
- Number of endpoints that use IKE detection for mobile devices
- Number of endpoints that use SSL VPN detection
- Number of endpoints that use FireClient service
- Whether Endpoint Policy is enabled
- Number of connected endpoints
- Whether FQDN is in use
- How many FQDNs are configured
- How many FQDNs use specific domain names
- How many FQDNs use wildcards
- How many FQDNs are configured in packet filter policies
- How many FQDNs are included in the Blocked Sites exception list
- How many FQDNs are included in quota exceptions
- How many packet filter policies include FQDN in a policy filter
- How many sanctioned DNS servers are in use
- Whether FQDN is enabled with packet filter policies
- Number of FQDNs configured in the system
- Number of fully qualified domain names configured in the system
- Number of wildcard domain names configured in the system
- Number of times FQDNs are used in the From or To field of a policy
- Number of FQDNs configured in the Blocked Sites list
- External IP addresses that restrict the firewall to allow third-party access to the network
- Number of FQDNs configured in the Blocked Sites Exceptions list
- External IP addresses that bypass the firewall to allow third-party access to the network
- Number of FQDNs configured in quota exceptions
- Number of policies that have FQDNs in the From or To fields
- Whether an FQDN is configured in at least one static NAT object that is used by a policy
- Number of policies configured with FQDN static NAT
- Number of FQDNs configured in static NAT objects that are used by policies
- Whether Geolocation is enabled
- Number of Geolocation actions configured
- Number of source and destination IP addresses checked against the Geolocation database
- Number of source and destination IP addresses detected from blocked countries
- Whether LDAP over SSL is enabled
- Whether the LDAP client certificate is used
- The number of management accounts and Firebox-DB accounts
- Reference count of Microsoft 365
- Whether Mobile Security is enabled
- How many mobile devices are connected
- How many Android devices are connected
- How many iOS devices are connected
- How many mobile devices are connected through a VPN
- How many policies include a Mobile Security device group
- How many connections were denied by a policy with Mobile Security enabled
- Whether multicast routing is enabled
- Whether NetFlow is enabled
- NetFlow protocol version that is enabled
- Total number of devices detected on the network
- Number of devices discovered on the network
- Number of devices that use Exchange Monitoring
- Number of devices that use Finger detection
- Number of devices that use HTTP detection
- Number of devices that use IKE detection for mobile devices
- Number of devices that use SSL VPN detection
- Number of devices that use the FireClient service
- How many interfaces have Active Scan enabled
- The schedule interval configured for Active Scan
- How many devices were found on your network
- How many devices were found by Mobile Security
- How many devices were found by Active Scan
- How many devices were found by Exchange Monitor
- How many devices were found by HTTP detection
- How many devices were found by the iked process
- How many devices were found by the SSL VPN process
- Whether quotas are configured on the Firebox
- How many quota rules are configured
- How many quota actions are configured
- How many quota exceptions are configured
- Whether quota statistics are configured for RADIUS SSO
- Method used for global multi-WAN
- Number of WAN interfaces configured on the Firebox
- Number of SD-WAN actions configured on the Firebox
- Whether Mobile VPN with SSL is enabled
- Whether Management Tunnel over SSL is enabled
- Whether BOVPN over TLS is enabled and the local Firebox is configured in Server mode
- Number of configured clients when the local Firebox is configured in Server mode
- Whether BOVPN over TLS is enabled and the local Firebox is configured in Client mode
- Number of configured servers when the local Firebox is is configured in Client mode
- Number of configured servers using the native OpenVPN configuration file
- Name of the SD-WAN action configured globally
- Whether the SD-WAN action configured is Regular or Global
- Whether the SD-WAN action uses Round-Robin or Failover algorithm
- Name of the external interfaces
- Whether Spanning Tree Protocol is enabled
- Whether Tigerpaw is enabled
- Whether the TOR Exit Node Blocking service is enabled
- Total number of source IP addresses scanned
- Total number of source IP addresses blocked
- Whether Traffic Management and QoS marking is enabled
- Whether a Traffic Management action is enabled in a policy
- Whether QoS marking is enabled in a policy
- Whether a Traffic Management action is enabled for an application
- Whether WatchGuard Cloud is enabled
- Account ID on which Wireless Access Point (WAP) is enabled