Proxy setup
You need to create a proxy action which defines functions such as exceptions, cache usage, user override passwords, alarms and logging requests and then link it to the profile. You can then create a firewall rule. This defines which interfaces the profile is to be applied to.
The same process is used by the POP3 proxy for the Commtouch hosted anti-spam service and in all cases you can apply IPS and gateway anti-virus to selected firewall rules. It takes a bit of practice but the proxies do provide a powerful and versatile set of security measures.
There's more as WatchGuard's application awareness controls specific apps such as Facebook. It can be linked with AD authentication so you can fine-tune social networking access on a per user basis and decide who can login, edit their profile, access web mail, use video, transfer files, play games or chat.
For wireless operations you can use either 2.4GHz b/g/n or 5GHz a/n and the appliance can present up to three SSIDs. The predefined guest SSID bridges with the WAN port for secure Internet access and can present a custom login portal with an AUP.
The appliance's web interface is well designed and provides plenty of performance graphs
The other two SSIDs can bridge with any of the five Gigabit ports but the rogue AP detection is of limited value as it disables all SSIDs when it's running. However, we found it worked well during testing and you can use a scheduler to run it outside working hours.
Reporting features
For full reporting you'll need to run the WatchGuard logging and reporting servers on a separate Windows host. They have a light footprint and we found they ran happily in the background on a basic Windows 7 PC. New reporting features include HIPAA and PCI compliancy reports plus audit trails.
WatchGuard includes its System Manager utilities for remotely managing multiple appliances. A new feature is the option to schedule feature key synchronisations, reboots and OS upgrades across groups of appliances.
The new Log and Report Manager provides more detailed information about network activity than previous versions
-
‘I don’t think this is on people’s radar’: AI could wipe out half of entry-level jobs in the next five years – and Anthropic CEO Dario Amodei thinks we're all burying our heads in the sandNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
AI security blunders have cyber professionals scramblingNews Growing AI security incidents have cyber teams fending off an array of threats
-
Nasuni bolsters executive team with triple leadership hireNews The vendor has named a new CPO, CIO, and CISO as it looks to expand its global footprint
