The Intrusion Prevention Service (IPS) downloads signature updates from a signature update server. Gateway AV, IPS, Application Control, and Data Loss Prevention all use the same update server settings. When you configure the update server for any one of these subscription services, the settings apply to all of these services.
IPS and Application Control signature updates are delivered together in the same update file.
To make sure that the XTM device can connect to the update server, you must add at least one DNS server to your network configuration. The XTM devices uses DNS to resolve the update server URL to an IP address. For more information, see
Do not change the Update server URL unless you are told to do so by WatchGuard.
If your Firebox or XTM device must connect through an HTTP-proxy to connect to the signature update server, you must add information about the HTTP proxy server to your update server configuration.
For information about how to see the status of Application Control signature updates, and how to manually force an update to the most current signatures, see Subscription Services Status and Manual Signatures Updates.
For security reasons, some customer environments require direct control over the distribution and installation of periodic signature updates for signature services such as Gateway AntiVirus, Intrusion Prevention, and Data Loss Prevention.
WatchGuard offers Offline Signature Updates that enables you to download the latest signatures for these services directly from WatchGuard, and then use a script to manually install these files on your Firebox or XTM devices.
A special set of credentials are required to access the signature update files from the WatchGuard servers. For more information, contact your local WatchGuard representative.