Fireware 12.0 Open Beta Notice

Arthur Gordon's picture

17 Jul 2017 By Arthur Gordon
Categories: Network Security


UPDATE: A feature for GWC was mentioned as being deployed in 12.0 in a previous post, but this has been corrected to a later release date. Stay tuned for more product release updates through the product blog!

WatchGuard is excited to announce that a Beta release is available now for the 12.0 version of the Fireware Operating System.  This is a public Beta release that is open to all Firebox and XTM users.  Sign up to participate at our software download page and start submitting feedback via our Beta portal today.

Fireware 12.0 Highlights

Improved Malware Detection

  • New Gateway AntiVirus Engine. Bitdefender replaces AVG, which provides several significant advantages:
    • Powerful archiving logic engine for recognizing 100+ archiving types and packer files
    • Faster scan times to improve traffic throughput
    • Lighter and frequent (up to 5x per day) incremental signature updates resulting in faster response times to new malware attacks, and more robust handling for FireCluster
  • APT Blocker delays email (typically 1 to 3 minutes) until it gets a response back from the sandbox in the cloud, which prevents the delivery of zero-day malware infections through email.
  • APT Blocker scans JavaScript files that are sent through email, which stops one of the most popular attack vectors for ransomware.

More Secure Defaults

  • VPN connections have stronger default cryptography settings for authentication and encryption. SHA-256 and AES-256 are now the default in most cases.
  • Removal of PPTP option for VPN due to multiple vulnerabilities inherent to the protocol and to promote stronger secure default stances across the Fireware product.

Support for More Advanced Networking Use Cases

  • Host Header redirection through our new Content Actions allows the routing of traffic to different IP addresses attached to a domain and URL paths included in web headers. With Host Header Redirection, you can expect to host different server applications behind a single public IP address. It also enables SSL offload on the Firebox, removing the need to do decryption on inbound traffic to servers and clients behind the firewall.
  • Multicast traffic is allowed. Enables the Firebox to work in environments where Multicast (PIM-SM) is used to deliver application traffic from one-to-many nodes.

For information about these feature enhancements, download and review the What's New in Fireware v12.0 PowerPoint presentation available from the 12.0 Beta portal.