Proxy setup
You need to create a proxy action which defines functions such as exceptions, cache usage, user override passwords, alarms and logging requests and then link it to the profile. You can then create a firewall rule. This defines which interfaces the profile is to be applied to.
The same process is used by the POP3 proxy for the Commtouch hosted anti-spam service and in all cases you can apply IPS and gateway anti-virus to selected firewall rules. It takes a bit of practice but the proxies do provide a powerful and versatile set of security measures.
There's more as WatchGuard's application awareness controls specific apps such as Facebook. It can be linked with AD authentication so you can fine-tune social networking access on a per user basis and decide who can login, edit their profile, access web mail, use video, transfer files, play games or chat.
For wireless operations you can use either 2.4GHz b/g/n or 5GHz a/n and the appliance can present up to three SSIDs. The predefined guest SSID bridges with the WAN port for secure Internet access and can present a custom login portal with an AUP.
The appliance's web interface is well designed and provides plenty of performance graphs
The other two SSIDs can bridge with any of the five Gigabit ports but the rogue AP detection is of limited value as it disables all SSIDs when it's running. However, we found it worked well during testing and you can use a scheduler to run it outside working hours.
Reporting features
For full reporting you'll need to run the WatchGuard logging and reporting servers on a separate Windows host. They have a light footprint and we found they ran happily in the background on a basic Windows 7 PC. New reporting features include HIPAA and PCI compliancy reports plus audit trails.
WatchGuard includes its System Manager utilities for remotely managing multiple appliances. A new feature is the option to schedule feature key synchronisations, reboots and OS upgrades across groups of appliances.
The new Log and Report Manager provides more detailed information about network activity than previous versions
-
Dreamforce 2025 live: All the news and updates from on the ground in San FranciscoNews We're live on the ground in San Francisco for Dreamforce 2025 – keep tabs on all of our rolling coverage from the annual Salesforce conference.
-
GTIA charts new course with bold funding model and renewed purposeNews Emerging from its split from CompTIA, the GTIA says it is redefining what a trade association can be, backed by a perpetual endowment that frees it to invest as it likes in the channel
-
This new Android attack could let hackers swipe 2FA codes and snoop on private messages – ‘Pixnapping’ affects Samsung and Google smartphones, but experts warn more could be at riskNews Pixnapping allows attackers to steal two-factor authentication (2FA) codes, private messages, and even financial information.
