Upload
josemiguelrodriguezgonzalez
View
221
Download
0
Embed Size (px)
Citation preview
7/25/2019 Whats-new Fireware v11!10!5
1/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
Whats New in Fireware v11.10.5
7/25/2019 Whats-new Fireware v11!10!5
2/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
Whats New in v11.10.5New Features and Enhancements
WatchGuard AP300 AP firmware availability after up rade Fast !and"ver #and $teerin Fast %"amin &lient 'imits f"r each radi"
Wireless $can (nterval Wireless Event Alarms )iew Wireless &lient !"st Name and (P Address AP* #l"c+er $upp"rt f"r the P,P3-pr".y /efault Fireb". &ertificate pdates 3G12G "dem $upp"rt
$upp"rt f"r N"vatel 450' $# m"dem $end '" essa es f"r %ep"rts f"r Pac+et Filt
er All"wed *raffic
5
7/25/2019 Whats-new Fireware v11!10!5
3/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
WatchGuard AP300Features6
&"ncurrent 3.3 ( ,7 ultiple (nput ultiple,utput8 capability
/ual radi"s f"r 592G!:and ;G!:
7/25/2019 Whats-new Fireware v11!10!5
4/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
WatchGuard AP300%e?uires Fireware ,$ v==9=09; "r
hi her AP300 Firmware versi"n @ 590909='E/ indicat"r behavi"r chan es7different than AP=00> AP=05>
AP50086
P"wer and wireless indicat"rsalternately flash reen @ AP deviceis p"wered "n and ready t" bepaired
P"wer indicat"r sl"wly flashes reen@ A firmware up rade is in
pr" ress
2
7/25/2019 Whats-new Fireware v11!10!5
5/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
AP Firmware Availabilit a!ter "#grade(f y"u up rade y"ur Fireb". t" Fireware ,$ v==9=09; fr"m
v==9=093 "r l"wer> the Fireb". will n"t have the current APfirmware installed and available f"r all AP device m"dels $tartin in v==9=092> AP device firmware is installed in a different
partiti"n "n the Fireb". because "f increasin firmware ima esi:es
#ecause "f this chan e> when y"u up rade t" Firewarev==9=09;> y"u must run the up rade pr"cess twice t" c"rrectlyinstall the latest AP firmware "n y"ur Fireb".9
AP device firmware is als" n"t available after a fact"ry reset"f a Fireb".9 (f y"u reset y"ur Fireb".> y"u must use thepr"cess t" up rade y"ur Fireb". t" Fireware v==9=09; a ain9
;
7/25/2019 Whats-new Fireware v11!10!5
6/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
Fast $and%verEnc"ura es wireless clients that are r"amin between
WatchGuard AP devices t" disc"nnect fr"m their current APdevices and c"nnect t" an AP device with a str"n er si nalPrevents wireless clients fr"m maintainin their current APdevice c"nnecti"n> even when the si nal de rades as thewireless client m"ves farther awayses the %$$( 7%eceived $i nal $tren th (ndicat"r8 as athresh"ld t" indicate when a client sh"uld be enc"ura ed t"m"ve t" an AP device with a str"n er %$$( level
4
7/25/2019 Whats-new Fireware v11!10!5
7/28Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
Fast !and"ver is "nly supp"rted "n WatchGuard AP300
devices&"nfi ured "n the eneral Access P"int Settings tab/isabled by default
Fast $and%ver
7/25/2019 Whats-new Fireware v11!10!5
8/28Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
Fast $and%verWireless clients can have very different %$$( stren ths
dependin "n the manufacturerB y"u must set y"ur %$$(thresh"ld acc"rdin lyFast !and"ver will disc"nnect a client when %$$( thresh"ld isreached &hec+ y"ur envir"nment t" ma+e sure APs are in ran e f"r
hand"ver based "n y"ur thresh"lds
We rec"mmend that y"u "nly enable Fast !and"ver f"r APdevices in hi h-traffic density areas/" n"t enable Fast !and"ver "n adCacent AP devices that
als" have the #and $teerin feature enabled &lients steered t" the ;G!: band mi ht have a dr"p in %$$(
stren th that can result in disc"nnecti"ns because "f the Fast!and"ver %$$( thresh"ld
#l"c+> and uarantine acti"ns strip the attachmentbef"re the messa e is delivered
5=
55
7/25/2019 Whats-new Fireware v11!10!5
22/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
e!ault Fireb%2 )erti!icate "#grades$!A-= is bein deprecated by many p"pular web br"wsers>
and WatchGuard rec"mmends that y"u n"w use $!A-5;4certificatesNew certificate si nin re?uests 7&$%8 n"w use $!A-5;4 asthe default si nature hash al "rithmNewly enerated default Fireb". certificates use the $!A-5;4al "rithm with a 502
7/25/2019 Whats-new Fireware v11!10!5
23/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
e!ault Fireb%2 )erti!icate "#grades*he Pr".y $erver certificate is used f"r inb"und !**P$ with c"ntent inspecti"n and$ *P with *'$ inspecti"n9 *he Pr".y Auth"rity certificate is used f"r "utb"und!**P$ with c"ntent inspecti"n9 *he tw" certificates are lin+ed because the defaultPr".y $erver certificate is si ned by the default Pr".y Auth"rity certificate9"u can up rade the default Pr".y Auth"rity and Pr".y $erver certificates with theFireware &'(9
After y"u up rade> y"u must redistribute the new Pr".y Auth"rity certificate t"y"ur clients9
With"ut the new certificate> users will receive web br"wser warnin s when theybr"wse !**P$ sites> if c"ntent inspecti"n is enabled9
*here are special c"nsiderati"ns if y"u use a third-party Pr".y $erver certificate6 *he &'( c"mmand will n"t w"r+ unless y"u first delete the Pr".y Auth"rity
certificate9 *he &'( c"mmand will re enerate b"th the Pr".y $erver andPr".y Auth"rity default certificates9
(f y"u "ri inally used a third-party t""l t" create the &$%> y"u can simply re-imp"rt y"ur e.istin third-party certificate and private +ey9
(f y"u "ri inally created y"ur &$% fr"m the Fireb".> y"u must create a new&$% t" be si ned> and then imp"rt a new third-party certificate9
53
52
7/25/2019 Whats-new Fireware v11!10!5
24/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
e!ault Fireb%2 )erti!icate "#grades*" up rade the default Pr".y Auth"rity and Pr".y $erver
certificates f"r use with !**P$ c"ntent inspecti"n> y"u canuse the &'( c"mmand6 upgrade certificate proxy*" up rade the Fireb". web server certificate> use the &'(c"mmand6 upgrade certificate web*" up rade the $$')PN certificate> use the &'( c"mmand6upgrade certificate sslvpn
*" up rade the use the &'( c"mmand6upgrade certificate 8021x
52
5;
7/25/2019 Whats-new Fireware v11!10!5
25/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
3G4 G 6%dem 'u##%rtNew 3G12G $# m"dem supp"rted f"r m"dem fail"ver
"dem @ N"vatel 450' m"dem &arrier @ )eri:"n
5;
54
7/25/2019 Whats-new Fireware v11!10!5
26/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
*%g 6essages !%r (e#%rtsF"r traffic that is all"wed thr"u h Pac+et Filter p"licies> y"u
can n"w enable the Fireb". t" send l" messa es that are"nly used in rep"rts*hese l" messa es d" n"t appear in *raffic "nit"r "r '"ana er *" see l" messa es in *raffic "nit"r "r '" ana er fr"m aFireb". that runs Fireware ,$ v==9=09; "r hi her> y"u mustals" select the Send a log message chec+ b".
54
5
7/25/2019 Whats-new Fireware v11!10!5
27/28
Copyright 2015 WatchGuard Technologies, Inc. All Rights Reser ed
WatchGuard Training
'end *%g 6essages !%r (e#%rts*" enable y"ur Fireb".
t" send l" messa esthat are included inrep"rts6=9 Add "r edit a pac+et
filter p"licy
59 $elect #ogging >Send log messagefor re$orts
5
5
7/25/2019 Whats-new Fireware v11!10!5
28/28
WatchGuard Training
Than 7%u8