What s new in watchguard ssl v3 2
This presentation is the property of its rightful owner.
Sponsored Links
1 / 25

What’s New in WatchGuard SSL v3.2 PowerPoint PPT Presentation


  • 107 Views
  • Uploaded on
  • Presentation posted in: General

What’s New in WatchGuard SSL v3.2. WatchGuard SSL v3.2. Windows 8 and 64-bit Internet Explorer Support Outlook Anywhere Support Nested Group Support Access Client Settings Synchronization Access Client History Menu Optimized Assessment Scan Confirmation for Startup Commands

Download Presentation

What’s New in WatchGuard SSL v3.2

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


What s new in watchguard ssl v3 2

What’s New inWatchGuard SSL v3.2


Watchguard ssl v3 2

WatchGuard SSL v3.2

Windows 8 and 64-bit Internet Explorer Support

Outlook Anywhere Support

Nested Group Support

Access Client Settings Synchronization

Access Client History Menu

Optimized Assessment Scan

Confirmation for Startup Commands

DNS Suffix Assignment

Log File Rotation Deletion

WatchGuard Training

2


Windows 8 and 64 bit internet explorer support

Windows 8 and 64-bit Internet Explorer Support

WatchGuard Training

The SSL device now fully supports the Windows 8 operating system (32-bit and 64-bit).

64-bit Internet Explorer is now supported with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

3


Outlook anywhere support

Outlook Anywhere Support

WatchGuard Training

With Microsoft Outlook Anywhere (also known as RPC over HTTP), end users with the Outlook client can get access to corporate email and calendars over the Internet from outside the corporate domain without having to log into a VPN.

4


Outlook anywhere support1

Outlook Anywhere Support

WatchGuard Training

The SSL device now supports Outlook Anywhere

  • The Exchange server does not need to be exposed externally.

  • The processing burden of SSL encryption/decryption is offloaded to the SSL device instead of the Exchange server.

  • Minimal impact on your current network topology.

  • Provides a web resource-based solution (no additional client) and has no impact to the end user Outlook experience.

5


Outlook anywhere support configuration

Outlook Anywhere Support — Configuration

WatchGuard Training

To enable Outlook Anywhere on your Exchange Server:

  • http://technet.microsoft.com/en-us/library/bb123542.aspx

    To enable Outlook Anywhere on the Outlook Client:

  • http://office.microsoft.com/en-us/outlook-help/use-outlook-anywhere-to-connect-to-your-exchange-server-without-vpn-HP010102444.aspx

6


Outlook anywhere support configuration1

Outlook Anywhere Support — Configuration

WatchGuard Training

Create client definition for Outlook Anywhere

  • Select Manage System > Client Definition.

  • Add Client Definition.

    • uri=*/rpc/*

7


Outlook anywhere support configuration2

Outlook Anywhere Support — Configuration

WatchGuard Training

Define Client Access settings

  • Select Resource Access > Manage Global Resource Settings > Client Access

    • Enable these options:

      • The client does not support cookies

      • The client cannot authenticate using HTML or WML forms

8


Outlook anywhere support configuration3

Outlook Anywhere Support — Configuration

WatchGuard Training

Create an OWA Web Resource

  • Create a path “rpc/” for Outlook Anywhere

  • “Microsoft-Server-ActiveSync” for ActiveSync

    Create an Authentication Method access rule

  • Outlook cannot select an authentication method, so you must determine the authentication method.

  • Apply the access rule on the “rpc/” path

  • If there is only one enabled Authentication Method, this step is not necessary.

    Enable SSO

  • Create an SSO for Outlook Anywhere

  • Apply on the “rpc/” path

  • Enable the Authentication Method to save login credentials for the SSO

  • Outlook Anywhere and ActiveSync can share one SSO, but OWA cannot because it requires Domain\User name as user name by default.

9


Outlook anywhere support configuration4

Outlook Anywhere Support — Configuration

WatchGuard Training

Create a Listener (Optional)

  • This step is necessary only if you require separate services for Outlook Anywhere, ActiveSync, Outlook Web Access, and regular VPN access.

  • Import a certificate (Manage System > Certificates)

10


Outlook anywhere support configuration5

Outlook Anywhere Support — Configuration

WatchGuard Training

Create a Listener (Optional)

  • Create a listener (Manage System > Device Settings)

11


Outlook anywhere support configuration6

Outlook Anywhere Support — Configuration

WatchGuard Training

Create a Listener (Optional)

  • Apply NAT for the listener to the external Internet interface on your firewall

12


Outlook anywhere support configuration7

Outlook Anywhere Support — Configuration

WatchGuard Training

Create a DNS name for device

  • Link the DNS name to the OWA Web Resource

    • In this example, the Access Point will load this web resource when the client request contains “owa2.watchguard.com”

13


Nested group support

Nested Group Support

WatchGuard Training

The SSL device now correctly supports nested groups (a ‘child’ user group that belongs to another group) within directory services.

Nested groups are now processed correctly when:

  • Access rules are applied

  • Viewed within reports

  • Viewed in the group display in the admin Web UI

14


Access client settings synchronization

Access Client Settings Synchronization

WatchGuard Training

You can store and synchronize individual Access Client preferences, history, and favorite resources on the SSL device.

Synchronization is enabled by default on the SSL device.

On the SSL device, select User Management > Global User Account Settings, then select the new User Client Settings Sync tab.

15


Access client synchronization settings

Access Client — Synchronization Settings

  • New Synchronization tab on the Access Client preferences page:

    • Sync Server — Enter or select your sync server, which is the address of the SSL device.

    • Enable automatic synchronization — Automatically perform a sync when you are connected to the SSL device through a VPN tunnel.

    • Synchronize Now — Perform a manual sync. If you are not connected to the SSL device through a VPN tunnel, you are prompted to authenticate.

WatchGuard Training


Favorites add favorite for all new users

Favorites — Add Favorite for All New Users

WatchGuard Training

You can add favorites globally for new users, or for a specific user, that can be synchronized to their Access Client settings.

To add favorites that will be synchronized to new users:

  • Click User Management > Global User Account Settings.

  • Select the User Client Settings Sync tab.

  • Click Add Favorite Resource.

17


Favorites add favorite for specific user

Favorites — Add Favorite for Specific User

WatchGuard Training

To manage favorites for a specific user:

  • Select User Management > User Accounts.

  • Select a specific user.

  • Select the Favorites tab.

    Click Add Favorite Resource.

18


Access client history menu

Access Client — History Menu

WatchGuard Training

When a user loads a tunnel successfully, the details of the tunnel configuration are automatically saved in the Access Client History.

Users can easily open a recently accessed tunnel resource.

The History menu can contain a maximum of 15 items.

19


Optimized assessment scan

Optimized Assessment Scan

WatchGuard Training

Caches the results of assessment access rules to improve the efficiency of assessing connections where multiple access rules are applied globally or applied to many resources.

To configure the behavior of assessment results caching:

  • Select Manage System > Assessment.

  • Select the General Settings tab.

20


Optimized assessment scan1

Optimized Assessment Scan

WatchGuard Training

These options are enabled when you create a corresponding assessment access rule, and enable you to collect and cache this information:

  • Windows

  • Process

  • Network

  • Anti-virus

  • Firewall

  • Anti-spyware

    If you remove the original access rules, these options remain enabled for caching purposes.

    Disable these options to improve client scanning efficiency during assessment when you no longer require these assessment options.

21


Confirmation for startup commands

Confirmation for Startup Commands

WatchGuard Training

A Confirm Command option has been added to the Startup tab of a tunnel resource.

  • When enabled, the end user is prompted to confirm the command before it is run.

  • If this option is disabled, the command is run automatically without confirmation.

  • By default, this option is enabled for all resource wizards except RDP Access and SSH Access, where the command text is not readable.

22


Dns suffix assignment

DNS Suffix Assignment

WatchGuard Training

The DNS suffix for a connection is now always applied, even if an IP address assignment fails.

The DNS suffix is assigned automatically if DNS forwarding is enabled in the advanced settings of the Tunnel resource.

The DNS suffix is assigned based on your configured DNS Search Order field on the Manage System > Network Configuration page.

23


Log file rotation deletion

Log File Rotation Deletion

WatchGuard Training

You can now configure how many log files to keep on the system before they are deleted.

This prevents excessive log files from filling up your disk space.

For each type of log, in the Log File Rotation section you can configure the Max Files in Rotation. The default is 90.

24


Thank you

Thank You!


  • Login