Product and Support News

Dimension™ 2.0.1 Update 1 Fixes OpenSSL Flaw

15 February 2016 By Brendan Patterson

Early this month, I reported a new OpenSSL vulnerability in one of my Daily Security Byte videos. At a high-level, vulnerable OpenSSL servers configured to negotiate Diffie-Hellman keys in a particular way were vulnerable to a "key recovery" attack. By sending many specially crafted connections to a vulnerable server, an attacker could exploit this flaw to recover the server's private key, and decrypt its communications.

Many of WatchGuard products weren't vulnerable to this flaw since we don't configure OpenSSL in the way necessary to expose the issue. However, our log collecter, which is present in both WatchGuard System Manager (WSM) and Dimension™, was vulnerable to the flaw.

Dimension 2.0.1 Update 1 fixes this OpenSSL vulnerability (CVE-2016-0701). If you use Dimension™especially if you expose its logging service publiclyyou should download and install this Dimension™ update as soon as you can. Check the Release Notes for more details on what the update fixes, and how to install it.

Finally, you can learn more about this vulnerability, and how it affects our products, in the Knowledge Base article dedicated to the flaw.— Corey Nachreiner, CISSP (@SecAdept)

Filed under: Network Security
< Blog Home

Related Posts

WatchGuard Fireware logo in front of a gray and red grid pattern
Article

Fireware 12.10.3: Security & Bug Fixes

Article

Fireware 12.10.3: Security & Bug Fixes

Fireware is the security software suite that runs on WatchGuard Firebox appliances, offering firewall protection, threat detection, and network management tools for businesses. Version 12.10.3 is a regular maintenance release addressing reported bugs and vulnerabilities. To understand precisely what is included, please reference the release notes

Supported Devices

Firebox NV5, T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M440, M470, M570, M590, M670, M690, M4600, M4800, M5600, M5800, FireboxV, and Firebox Cloud.

How to Upgrade

Firmware upgrades are included with active WatchGuard support subscriptions. The most straightforward approach is to use WatchGuard Cloud to schedule upgrades for one or many systems. In addition, you can upgrade individual systems directly from within the WebUI or download the applicable packages from the WatchGuard Software Download Center.

More Information

For questions, please reach out to your local WatchGuard representative. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.

Read Article 
Default generic product support blog image
Article

FireboxV Micro Offers Big Security for Smaller Budgets

Article

FireboxV Micro Offers Big Security for Smaller Budgets

As a cost-conscious IT professional managing a distributed network with moderate performance demands, you need a secure, budget-friendly solution to safeguard your environment. FireboxV Micro addresses this challenge by offering the robust security features of WatchGuard's FireboxV at a lower price than our Small instances. This allows you to efficiently deploy multiple security layers across your network without breaking your budget. 

FireboxV Micro Overview

For those who may not be familiar with this solution, our FireboxV is a virtual security solution designed to safeguard your network. Like our traditional firewalls, it delivers comprehensive security features, including stateful packet inspection, application control, intrusion prevention, and secure VPN connections, all in a single, easy-to-manage solution. Available in various sizes to suit different performance needs, FireboxV is ideal for businesses of all sizes seeking robust and scalable network protection.

FireboxV Micro is the smallest, most economical version of our popular FireboxV virtual firewall appliance. This means you can enjoy the same top-notch security features as the other FireboxV instances but at a lower price. 

FireboxV Micro Benefits

  • Reduced Cost: Deploy multiple FireboxV instances across your network without breaking the bank.
  • Uncompromised Security: Enjoy the same robust security features found in our larger FireboxV options.
  • Ideal for Distributed Networks: Easily scale your security infrastructure to protect all your locations.

Ready to learn more? 

Contact your local WatchGuard Sales Representative or visit our website today!

Read Article 
WatchGuard Fireware logo in front of a gray and red grid pattern
Article

New Fireware Release - v12.10.2

Article

New Fireware Release - v12.10.2

Fireware is the security software suite that runs on WatchGuard Firebox appliances, offering firewall protection, threat detection, and network management tools for businesses.

New WebBlocker Categories

WebBlocker works with Fireware to control what websites users on your network can access. It helps improve productivity, reduces security risks, and minimizes legal liability by using a database to categorize websites into groups like social media, entertainment, or gambling, blocking entire categories or specific websites based on your configuration, and integrating with Fireware's proxy policies to enforce web access restrictions.

WebBlocker now supports these new categories and subcategories:

  • Social Web
  • Collaboration-Office
  • Information Technology
  • Internet Watch Foundation (IWF)

Additional enhancements in v12.10.2 include:

  • You can view the new Login To statistic from Firebox System Manager, Fireware Web UI, and the CLI.
  • WatchGuard System Manager (WSM) Quick Setup Wizard now enables a DHCP server on the internal interface of a device by default.
  • In Firebox System Manager (FSM), you can now right-click an external interface with DHCP enabled to renew or release the DHCP lease.

More Information

In addition to these enhancements, this firmware release also resolves several issues. Go to What’s New in Fireware in the Help Center for release notes and descriptions of the problems resolved. 

Read Article 
< Blog Home