WatchGuard Cloud Visibility Updates
We launched WatchGuard Cloud Visibility back in April of this year, and since then WatchGuard customers have enthusiastically adopted the new platform. Our product development team has continued to add new features and enhancements over the past few months. We capture the updates each week in our WatchGuard Cloud Release Notes. Understanding that everyone is busy and won’t find time to review these closely, we will also publish regular updates here on the product blog. Some of the major highlights since we first announced General Availability are listed below:
WatchGuard Query Language: One of the great advantages of the WatchGuard Cloud platform is the fast performance and searching of the data that is stored in Elasticsearch. We’ve made it more powerful and flexible to find what you are looking for with a new query language where you can use structured search by operator to find exactly what you need.
Example: virus:eicar* and src_ip: and dst_ip:22.214.171.124
Please take a few moments to review the log search documentation (or as context sensitive help from the log search page), as this new search mechanism does differ from how search worked in on-premise Dimension.
Device Folders: Administrators can arrange their Fireboxes in folders, and then generate reports that aggregate the data across all devices in the folder – saving time by checking all device in a company or location at one time.
Firebox Alarms: The alerting system in the cloud includes alarms that have been defined on the UTM. Administrators can get email or better visibility into security events like malware detections and network attacks, or network issues like WAN failover or High Availability failover.
More Reports: Get auditors the data that they need with our HIPAA and PCI Compliance dashboards. We’ve also added the policy usage by hits or bytes, which also helps to highlight unused policies that may need to be investigated. Most recently, we have added new reports for the WatchGuard Access Portal feature.
SD-WAN Visibility: We can now show historical reports of jitter, packet loss, and latency. Allow administrators to better troubleshoot poor network connections.
Does this pertain to me?
WatchGuard Cloud Visibility is available for all Firebox appliances [running either Basic Security Suite or Total Security Suite]. Basic Security appliances come with 1 day of data retention, and Total Security appliances provide 30 days of data retention.
We recently covered these enhancements in our October partner training webinar, including a demo of each of these new features. A recording is available in the learning center.