WatchGuard® is pleased to announce the release of WatchGuard XCS v9.2 Update 5


New Features and Enhancements

The WatchGuard XCS v9.2 Update 5 release provides these new features and enhancements.
Custom Quarantines
You can now create your own custom quarantine areas for specific types of quarantined messages. For example, you can create a quarantine specifically for messages quarantined because of a virus, or messages quarantined because they violate a Data Loss Prevention (DLP) policy rule.
When you create a custom quarantine, each message security feature that supports the quarantine option provides a quarantine action for the primary system quarantine and any defined custom quarantines. For example, you can create a custom quarantine called “Virus”, and then set the Anti-Virus feature action to use that quarantine action. All messages quarantined by the Anti-Virus feature will then appear in the “Quarantine: Virus” quarantine area.

Custom quarantines can be managed by a Tiered Administrator with the appropriate permissions. This allows you to assign administrators for specific quarantine areas. For example, for compliance purposes, you can assign a user the role of administrator for the DLP quarantine.

You can also configure independent message expiry options for each custom quarantines.

There are two default pre-defined quarantines:
•System — The primary system quarantine. All quarantined messages are stored here except messages stored in a custom quarantine.
•DLP — You can use the DLP quarantine to store messages quarantined by Data Loss Prevention features.

To add and configure a custom quarantine, select Activity > Queue/Quarantine > Custom Quarantines.

To view the contents of the system quarantine and any custom quarantines, select Activity > Queue/Quarantine > Message Quarantine.

DKIM (DomainKeys Identified Mail) Support

DKIM (DomainKeys Identified Mail) is an enhanced version of DomainKeys that provides a means for authenticating the source of an email by querying the sending domain’s DNS records and authenticating a unique domain name identifier. The protocol allows server administrators to add a digital signature to their emails which can be validated by looking at their DNS records. By verifying the signature in the headers of the email using the public key in the DNS record, the receiving host can verify that the email is originating from the legitimate mail server for that domain, and prevents spammers from sending forged emails.

As an enhancement to DomainKeys, DKIM offers additional parameters to the signing mechanism for enhanced security and spoofing protection, and allows authorized third-party signing of messages for a domain independent from the message author. When you use DKIM signing, you have the option of using ADSP (Author Domain Signing Practice). ADSP is an extension to DKIM where the domain name of the signing entity is included as part of the Author Domain Signature to prove that it is authorized to relay mail messages for the sending author address.

To configure DKIM authentication of inbound messages, select Security > Anti-Spam > DKIM Authentication.

DKIM signing can be applied independently to outbound messages based on policies. To enable DKIM signing of outbound message globally, select Configuration > Mail > DKIM/DomainKeys. You can then use policies to configure the signing policy for each domain. DKIM signing options appear in the Email tab of a policy. Sample DKIM DNS records are provided on the selector configuration page for DKIM and ADSP support.

The WatchGuard XCS supports DKIM RFC 6376 and RFC 5617.

Allowed HTTPS Proxy Ports List

You can now configure a list of non-standard HTTPS Proxy ports that are allowed through the Web Proxy. This option is available on the HTTP/S Proxy configuration page at Security > Configuration > HTTP/S Proxy. The standard HTTPS port 443 is included by default.

Web Proxy IP Authentication Redirect

When you use the Web Proxy IP Proxy or Portal Authentication modes, you can now choose to redirect to the authentication page using the hostname or IP address of the Web Proxy. Select Hostname if you use a CA-signed certificate on your system to prevent a certificate warning error in the client browser. Otherwise, use IP Address. You must make sure that you add the Web Proxy hostname or IP address to your local web browser’s proxy exclusion list to prevent a local proxy loop when you access the authentication page.

Download Problem Report

The Problem Report feature allows you to send important configuration and log information via email to WatchGuard Technical Support to help troubleshoot an existing support incident. You can now download a local copy of the report from the Problem Reporting configuration page at Support > Problem Reporting.

Pattern Filter ID Number Search in Message History

The advanced Message History search now allows you to search by Pattern Filter ID numbers when you select the “only show messages where PBMF is…” option.

You must also update your performance settings if you update the feature key with an XCSv model different than your evaluation model. To update your performance settings:
1.Select Configuration > Network > Performance.
2.From the Performance Option drop-down list, select Email scanning.
3.Click Apply.

Resolved Issues

This release contains a number of defect fixes for issues reported by WatchGuard customers. See the Resolved Issues section below for a complete list of resolved issues.

Tags: , , , ,

Comments are closed.

%d bloggers like this: