Network Security


New in TDR 5.9.0: User-Based ThreatSync Services

Profile picture for user rarroyo

We are excited to announce that Threat Detection and Response has a new feature to try – user-based ThreatSync services.

Have you ever stared at your ThreatSync dashboard and wondered who continues to download and run that malicious file? You might find the file in the home directory of the user, but we all know that is not always the case. Now, you can take out the guesswork with user-based ThreatSync services!

User-Based ThreatSync Services

In TDR 5.9.0, new user pages display user information attributed to each file or process detected by the Host Sensor.

This feature includes...


WatchGuard Cloud Introduces New Executive Summary Report

Profile picture for user shelm

We are pleased to announce the release of the new Executive Summary Report feature in WatchGuard Cloud. The Executive Summary Report provides complete visibility into network traffic and security events, and helps boost efficiency, productivity, and profitability.

The three-page summary report provides the business intelligence that you need to support key goals:

  • Ensure productive use of corporate assets and time throughout the organization.
  • Audit compliance against acceptable usage policies for Internet usage.
  • Monitor protection against spyware, malware, and viruses.



WatchGuard is switching Botnet Blocklist providers

Profile picture for user rarroyo

Greetings valued WatchGuard Partners and Customers. For those that are not aware, or even those that just need a refresher, the firebox downloads a list of known malicious Command and Control IP addresses that it blocks. This is commonly referred to as the Botnet Blocklist and is Licensed as part of RED service in the Basic Security package. As part of our commitment to provide the best security to you, a new Botnet Block list is being deployed globally on July 13th. Should you or any of your customers encounter a false positive please add the offending IP address to the Blocked Sites...


Fireware 12.5.4 Now Available

Profile picture for user shelm

WatchGuard has posted Fireware 12.5.4 in the Software Download Center. In addition to various bug fixes, this update introduces a new engine for spamBlocker, and TDR host sensor enforcement to permit a VPN connection via the Firebox. Full details are provided in the Release Notes, which are available here.  

Key elements of this release:

  • Host sensor VPN enforcement. Now admins can require an active TDR host sensor and required operating system to permit mobile VPN connections back to a Firebox.
  • Improved spam detection efficacy. In this release we are officially transitioning the...

Dimension 2.1.2 Update 4 now available

Profile picture for user jvendramin

We are pleased to announce the availability of WatchGuard Dimension 2.1.2 Update 4. This maintenance release is now available from the Software Download Center, together with Release Notes and update instructions. WatchGuard Dimension 2.1.2 Update 4 provides the following fixes:


  • A warning is generated when attempting to upgrade to future versions of Dimension if the current instance is running an older Ubuntu kernel
  • Added support for database restores to Postgresql v11 and v12

Logging and Reporting

  • Most Popular Domains has been renamed Most Popular Destinations in Per...

Now Available: Global Exceptions API for Firebox

Profile picture for user sharonli

Over the past year, we have made a lot of investment to pave the way for partners and customers to have API access to WatchGuard products. Earlier this year we released an API for AuthPoint Authentication and now we are excited to announce that live in production this week is the first Firebox Management API aimed at configuring Global Exceptions.

Global exceptions are rules that can override the current settings on the Firebox and include:

  • Adding to blocked sites (one of the top use cases!)
  • Blocked sites exceptions
  • Botnet exceptions
  • File exceptions
  • Geolocation exceptions
  • Intru...

Now Available: Firebox T20, T40 & T80

Profile picture for user shelm

WatchGuard is excited to announce the release of three new Firebox T Series UTM appliances: Firebox T20, T40, and T80. These latest Firebox models provide an upgrade path for our existing Firebox T Series customers and offer faster processors and more memory. Delivering big security in a small appliance, each WatchGuard Firebox includes a complete and industry-best set of threat management solutions.

Key Features:

  • IntelligentAV and Access Portal are available on the T40/T40-W and T80.
    Services that were previously only available on rackmount appliances now run on smaller tabletop...

Now available: Fireware 12.5.3

Profile picture for user bpatterson

WatchGuard has posted Fireware 12.5.3 and WSM 12.5.3 in the Software Download Center. These new releases introduce several key bug fixes and some new enhancements. Full details are provided in the Release Notes and the What’s New presentation. We’ve seen a huge increase in the number of people using Mobile VPN for remote access over the past few weeks, so please note that this release also includes an updated version of the SSL VPN client for Mac and Windows. 

Key Updates of This Release:

  • Mobile VPN with SSL improvements, including the elimination of an upgrade prompt that did not apply...

General Availability of TDR Machine Learning Enhanced Host Ransomware Prevention

Profile picture for user rarroyo

We are excited to announce the general availability of Machine Learning Enhanced Host Ransomware Prevention!

Ransomware authors are getting smarter and bolder. Every day they find new ways to avoid detection and steal data. TDR already protects your endpoints from devastating ransomware attacks. As ransomware attacks evolve, we must improve our ability to stop them with faster detection through machine learning.

Machine Learning for Host Ransomware Prevention

In 2018, we enhanced TDR's Detection and Response (D&R) engine with machine learning. This significantly increased our general...


TDR AD Helper Credential Disclosure Vulnerability

Profile picture for user rarroyo

Good morning TDR Users, 

On 11 March 2020, a pen testing company, RedTeam PenTesting GMBH, disclosed a credential disclosure vulnerability in the AD Helper to (link below). The disclosure states that by accessing the AD Helper web interface, a call to an API endpoint is made which responds with plaintext credentials to all configured domain controllers.

On 9 March 2020, WatchGuard released a fix for this vulnerability in AD Helper In this version, the offending REST endpoint no longer returns plaintext passwords. In addition, the service running the...

Browse by Category



Sign up to get the latest product news, updates, and support alerts from WatchGuard.




Beta Program

Resource Center

End of Life Info

Product Certifications

Product & Support News


"The 443" Podcast


Keep in Touch

  Subscribe by Email

  Subscribe by RSS