1 / 27

What’s New in WatchGuard XCS v9.2 Update 1

What’s New in WatchGuard XCS v9.2 Update 1. WatchGuard XCS Outlook 2010 Add-in. The WatchGuard XCS Outlook Add-in now supports Outlook 2010, in addition to Outlook 2003 and 2007.

lucie
Download Presentation

What’s New in WatchGuard XCS v9.2 Update 1

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What’s New in WatchGuard XCS v9.2 Update 1

  2. WatchGuard XCS Outlook 2010 Add-in • The WatchGuard XCS Outlook Add-in now supports Outlook 2010, in addition to Outlook 2003 and 2007. • The WatchGuard XCS Outlook Add-in places special Spam and Not Spam buttons on your Microsoft Outlook client toolbar. • You can report any spam messages that bypassed the spam filters and were delivered to your inbox, and also report false positives that occur when legitimate messages are classified as spam. WatchGuard Training

  3. WatchGuard XCS Outlook SecureMail Add-in • Integrates the Outlook client with the SecureMail Email Encryption service on the WatchGuard XCS device. • Available for Outlook 2007 and 2010. • The add-in adds a Send SecureMail button to the Outlook compose new email toolbar in the Add-Ins menu. WatchGuard Training

  4. WatchGuard XCS Outlook SecureMail Add-in • The Send SecureMail button performs just like the default Outlook Send button, but adds a X-XCS-SecureMail mail header to the outgoing message to indicate that the message must be encrypted by the WatchGuard XCS device before it is sent to its destination. • To support the Outlook SecureMail Add-in and SecureMail Encryption, there are two default Pattern Filters that you must enable in your XCS configuration. • These pattern filters check for: • [SecureMail] text in the subject header so that end users can manually enter this text into the subject field to indicate that a message should be encrypted. • X-XCS-SecureMail text in the mail header from the Outlook Add-in to indicate that the message should be encrypted. • The encryption is performed by the WatchGuard XCS SecureMail feature, and no encryption is performed on the Outlook client. WatchGuard Training

  5. Download and Install the Outlook Add-ins To download the latest WatchGuard XCS Outlook Add-in and Outlook SecureMail Add-in: • Select Support > Microsoft Outlook Add-ins from the WatchGuard XCS Web UI, and then select WatchGuard Portal.You can also go to http://www.watchguard.com/archive/softwarecenter.asp • Log in to the WatchGuard Portal and click the Articles & Software tab. • Select WatchGuard XCS. • Search to see all available Software Downloads articles and find the Software Download content for the WatchGuard XCS Software Downloads. • Select the download link for your specific version of Outlook.Installation instructions are included with the download file. WatchGuard Training

  6. SecureMail Email Encryption User Lists Removed • This release removes the user list management features associated with SecureMail Email Encryption. The User Lists management option has been removed from the SecureMail user interface. • Any user in your organization can use SecureMail Email encryption and you do not need to specify a list of users. • The number of users allowed to use SecureMail Email Encryption is based on the license limit and is periodically audited by WatchGuard. WatchGuard Training

  7. New Intercept Anti-Spam Decision Strategy • A new Adaptive Intercept Decision Strategy is available. • Currently, Heuristic 1 is used as the initial default strategy to compensate for the initial spam and legitimate mail training period. • When a suitable amount of training is accumulated, you can switch to Heuristic 2 to provide more aggressive anti-spam scanning using the database of trained spam and legitimate mail based on the types of messages you receive in your environment. • The Adaptive strategy combines the strengths of both the Heuristic 1 and Heuristic 2 strategies by automatically adjusting the scanning aggressiveness based on the amount of trained mail. . WatchGuard Training

  8. New Intercept Anti-Spam Decision Strategy • Adaptive Intercept Decision Strategy • The Adaptive strategy processes mail similar to Heuristic 1 during the initial message training period. • When the system has trained a suitable amount of spam and legitimate mail, it automatically adjusts its internal aggressiveness strategy similar to Heuristics 2 to utilize the trained mail. • We recommend that you use the Adaptive strategy to provide the strongest anti-spam capture rate and greater protection against false positives. • Select Security > Anti-Spam > Anti-Spam > Show Advanced Options, and then select Adaptive as the Intercept Anti-Spam Decision Strategy. . WatchGuard Training

  9. Detect JavaScript in PDF Files • The WatchGuard XCS device can now detect JavaScript embedded in PDF (Adobe Portable Document Format) files. • Blocks the transmission of PDF documents containing JavaScript code, including code that could be malicious. JavaScript code can be executed when a user opens the file in a PDF reader. • To enable JavaScript detection in PDF files • Select Security > Anti-Spam > Token Analysis > Advanced. • In the Options section, select the Detect PDF JavaScript check box. • Click Apply. WatchGuard Training

  10. Detect JavaScript in PDF Files • You can use the Attachment Control feature to manage inbound and outbound message attachments that contain the JavaScript content type application/javascriptNote: The text/javascript content type has no effect on PDF attachments with embedded JavaScript. • JavaScript is blocked by default, but you can also change the action to Strip to strip JavaScript attachments from an email message. WatchGuard Training

  11. DSN (Delivery Status Notifications) Support • DSN (Delivery Status Notifications) are extensions to the SMTP mail delivery protocol (RFC 3461). • DSN allows an SMTP client to request that the server (in this case, the WatchGuard XCS) send notification messages for successful, delayed, or failed message deliveries. • Delivery notifications are very helpful for troubleshooting email delivery issues. • This feature allows the WatchGuard XCS administrator greater control over the conditions for which notifications are sent to SMTP clients and the notification message content. WatchGuard Training

  12. DSN Configuration • Select Configuration > Mail > Access. • From the Offer DSN drop-down list, select Always, Trusted Clients Only, or Never. • The default value is Never which prevents SMTP clients from controlling which notifications are sent. • Select Trusted Clients Only to restrict DSN to trusted SMTP clients. A trusted client is one that is located on one of the WatchGuard XCS trusted networks (configured in Configuration > Network > Interfaces). WatchGuard Training

  13. DSN Customization • Select Configuration > Mail > Delivery to customize the Delivery Failure Notification, Delivery Delayed Warning, and Delivery Success Notification messages. WatchGuard Training

  14. DSN Customization • Select Configuration > Mail > Delivery > Advanced and select the Hide internal relays in notifications check box to exclude the host names and IP addresses of internal relays from Delivery Status Notifications. • An internal relay includes any system for which the XCS has a configured mail route or virtual mapping, such as a local mail server. WatchGuard Training

  15. Configurable From and Subject Notification Headers • You can now customize the From: and Subject: header fields in email notification messages sent from the WatchGuard XCS, such as delivery notification messages and scanning feature notifications. • The From: header can include the mail address part and mail name part. • For example, you can specify From: Admin <admin@example.com>, where "admin@example.com" is the mail address and "Admin" is the mail name. • You can specify the From: header as: User name <user@example.com> <user@example.com> user@example.com WatchGuard Training

  16. Configurable From and Subject Notification Headers • The Subject: header is the subject line for the notification message. • Both the From: and Subject: headers are limited to 256 characters. • The From: and/or Subject: header must be followed by a blank line. • For example, the notification for an Attachment Control policy violation can be specified as: From: Admin <admin@example.com> Subject: Attachment Control Policy Violation This is an automated message from the %PROGRAM% at host %HOSTNAME%. A mail from %S_YOU%(%SENDER%) to %R_YOU%(%RECIPIENT%) was stopped and %DISPN% because it contains one or more forbidden attachments. WatchGuard Training

  17. Search by Pattern Filter Number • You can now search for a specific pattern filter by its filter number on the Security > Content Control > Pattern Filters page. WatchGuard Training

  18. SMTPD Timeout Stress Performance Settings • The SMTPD Timeout advanced performance setting has been split into two separate options: • SMTPD Timeout for system timeout response during normal system load. • SMTPD Timeout (Stressed) for system timeout response when the system is under load stress. • To configure advanced performance settings, select Configuration > Network > Performance > Advanced. WatchGuard Training

  19. TLS Inbound and Outbound Settings • TLS encryption settings for Allow low-grade encryption and Enable SSL v2 are now applied globally for both inbound and outbound TLS connections. Previously these settings only applied to inbound. • Select Security > Encryption > TLS. WatchGuard Training

  20. Mail Engine and Kaspersky Anti-Virus Upgrade • The Postfix mail engine has been upgraded to the latest version to provide the latest improvements in mail processing performance and security. • The Kaspersky Anti-Virus scanning and pattern update engines have been upgraded to the latest version to provide enhanced protection against the latest virus, spyware, and malware threats. WatchGuard Training

  21. Web Proxy Update / HTTPS Deep Inspection • The 9.2 Update 1 release also includes the previously released 9.2 Web Proxy Update patch that introduces HTTPS Deep Inspection. WatchGuard Training

  22. Install XCS v9.2 Update 1

  23. Install XCS v9.2 Update 1 • If enabled, Security Connection automatically downloads update releases. • Install the update in Administration > Software Updates > Updates. • The update appears in the Available Updates section. • Select the update, then click Install. • The device restarts. This process can take several minutes to complete! WatchGuard Training

  24. Install XCS v9.2 Update 1 (continued) • You can also download software from the WatchGuard Portal, Articles & Software tab. WatchGuard Training

  25. Install XCS v9.2 Update 1 (continued) • Upload the software update in Administration > Software Updates > Updates. • Click Browse to find the downloaded file on your computer. • Click Upload. WatchGuard Training

  26. Install XCS v9.2 Update 1 (continued) • The update appears in the Available Updates section. • Select the update, then click Install. • The device restarts. This process can take several minutes to complete! WatchGuard Training

  27. Thank You!

More Related