Fireware 11.12.2 and WSM 11.12.2 are now available. Along with ongoing maintenance updates, these releases include several significant improvements to product security and also some new networking features that enable deployment in more environments. The Release Notes online include details of bug fixes, and the What's New presentation gives a comprehensive overview of all new features. Here are the main highlights:
Brute force login controls prevent attackers from repeatedly guessing passwords for Firebox authentication or status/admin accounts.
Gateway wireless controller security improvements to prevent exploitation of known defaults or impersonation
- Option to apply new unique, strong passwords per access point instead of a global default
- New trust mechanism to prevent data loss due to AP impersonation or exploitation of factory reset
DNS forwarding enables admins to point to the gateway Firebox as the DNS server for a network. In addition, conditional forwarding gives distributed enterprise with many locations the flexibility to point to a central corporate DNS server for some traffic but local name servers for other domains.
Dynamic tunnels to Amazon Web Services (AWS) allows customers to configure dynamic routing (BGP) with failover and failback and metric based route selection between the Firebox and AWS. This capability provides comprehensive network and routing options for hybrid cloud environments when businesses connect applications on premise with servers and databases hosted in the cloud.
Appliances in bridge mode can be configured to use DHCP on the primary interface now, which enables the ability to quickly and easily install an appliance with no impact on the network. Appliances can be configured and initially setup in Bridge Mode via RapidDeploy.
New VPN usage charts in the WebUI show the number of active VPN tunnels over time, assisting with tracking of license usage and issue investigation.
Does This Release Pertain to Me?
The Fireware release applies to all Firebox T, Firebox M, and all XTM appliances, except XTM 21/21-W, 22/22-W, or 23/23-W, which will soon go End of Life.
Software Download Center
Firebox and XTM appliance owners with active support subscriptions can obtain this update without additional charge by downloading the applicable packages from the WatchGuard Software Download Center. Please read the Release Notes before you upgrade to understand what’s involved.
For Sales or Support questions, you can find phone numbers for your region online. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.