WatchGuard XCS 9.2 Update 4 Now Available

Corey Nachreiner's picture

15 Nov 2012 By Corey Nachreiner
Categories: XCS

Internationalized Content Scanning and Web Proxy Enhancements, Plus Security and Functionality Improvements

As part of our ongoing efforts to improve the effectiveness of WatchGuard XCS appliances to protect from data loss, new viruses, and malware, and to enable organizations to customize their environments, WatchGuard is pleased to announce the availability of XCS 9.2 Update 4.

Highlights of this maintenance release include:

  • Content Scanning Internationalization Support. WatchGuard XCS now supports non-Western languages when you use the Content Scanning feature on messages and files that use international Unicode character sets. This includes languages such as Chinese (traditional and simplified), Japanese, Korean, Russian, and Greek. In addition, accented characters in Western languages such as German, Norwegian, and French are now processed and displayed properly.
  • SSL Renegotiation Option for TLS Sessions. A new option has been added to the TLS Encryption configuration page that controls SSL renegotiation after a TLS session has been established between the XCS and another mail server. While this option is enabled by default for compatibility with earlier releases, you can disable this option to mitigate SSL renegotiation denial-of-service attacks and avoid issues with standard security scans.
  • End-User Agreement for Login Page. A new End-User Agreement option allows you to display a disclaimer on the WatchGuard XCS login page that a user must accept before they can log in. This option applies to logins by administrators, tiered administrators, Spam Quarantine/Trusted Senders, and WebMail users. You can customize the default End-User Agreement text to reflect the specific acceptable use or legal policies of your organization.
  • Download a List of Imported Directory Users. You can now download a list of users imported to the XCS via LDAP. You can use the downloaded list to examine the email addresses of imported and mirrored users to verify the stored information for recipient verification.
  • Embed Fonts Option for PDF Reports. A new Embed Fonts option has been added that allows you to enable or disable the embedding of fonts directly into a PDF report. This option is enabled by default and improves compatibility for PDF viewers, but significantly increases the size of PDF reports.
  • Private Root CA Certificate Bundle Support.  Secure sites that want to utilize a private Root CA certificate bundle can now upload a new file that contains it.
  • HTTP/1.1 Compatibility for Web Proxy. A new Ignore HTTP/1.1 Expect Header option has been added to allow HTTP/1.1-based web applications to work properly through the WatchGuard XCS Web Proxy.
  • Tiered Admin User Profile Page. Tiered administrators who do not have full admin privileges and do not have a local account (for example, on a clustered system) can now update their user profile and change their password from a User Profile page.
  • Over 25 additional bug fixes and minor enhancements have been included.

For more details, see the Release Notes.

Does This Release Pertain to Me?

XCS 9.2 Update 4 is a maintenance release that contains a number of enhancements and bug fixes, including security fixes. Because of the security updates, it is strongly advised that users install the software update. Please read the Release Notes before you upgrade, to understand what is involved.

How Do I Get the Release?

Your XCS appliance will automatically download the XCS 9.2 Update 4 software. However, it will NOT automatically install the update. You must manually install software updates by going to Administration > Software Updates > Updates. You can also manually download the update from the Articles and Support section of WatchGuard’s Support Center. We highly recommend you thoroughly review the Installation Instructions section of the Release Notes before applying this update.

For a more detailed description of this update, please visit the WatchGuard Support Center at

If you need support, please enter a support incident online or call our support staff directly. When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375