Upload
adrienne-burke
View
39
Download
5
Tags:
Embed Size (px)
DESCRIPTION
What’s New in WatchGuard Dimension v1.3. What’s New in Dimension v1.3. Dashboards New Top Zero-Day Malware (APT) widget in the Executive Dashboard All Security Dashboard widget names changed to begin with “Top Blocked” - PowerPoint PPT Presentation
Citation preview
What’s New in What’s New in WatchGuard Dimension v1.3WatchGuard Dimension v1.3
WatchGuard Training
What’s New in Dimension v1.3
Dashboards• New Top Zero-Day Malware (APT) widget in the Executive Dashboard
• All Security Dashboard widget names changed to begin with “Top Blocked”
• New Policy Map dashboard enables interactive policy audit and aggregated traffic flow analysis
• Threat Map supports IPv6 addresses Reports• New reports on Zero-Day Malware (APT) and Per-Client Detail (URL
Audit Detail report and WebAudit by Category Detail report)
• Summary reports for some Subscription Services include Allowed and Denied connections
• Updated names for some Dimension reports
• Collapsible report categories list
• Per Client reports separated into Summary and Detail categories with context-sensitive, collapsible search criteria
WatchGuard Training 22
What’s New in Dimension v1.3
Installation Updates• Add a VHDX hard disk for Hyper-V deployments
System Tasks• Consolidate the management of CA certificates trusted by Dimension
for outbound connections
• Option for easy shutdown of Dimension VM from Web UI
• Support for user names in Dimension Task History
WatchGuard Training 33
DashboardsDashboards
WatchGuard Training 44
Top Zero-Day Malware (APT) Widget
New Top Zero-Day Malware (APT) widget in the Executive Dashboard
Top Zero-Day Malware (APT) widget includes threats that were identified by APT Blocker as zero-day malware after they passed through the firewall.
These threats should be reviewed to determine whether they require action.
WatchGuard Training 55
New Security Dashboard Widget Names
WatchGuard Training 66
Security Dashboard widget names changed to begin with “Top Blocked”
New widget names:• Top Blocked Advanced
Malware (APT)
• Top Blocked Clients
• Top Blocked Destinations
• Top Blocked URL Categories
• Top Blocked Applications
• Top Blocked Application Categories
• Top Blocked Protocols
• Top Blocked Attacks
Policy Map — See Traffic Flow
Policy Map is an interactive report tool that aggregates and visualizes the traffic through your Firebox or XTM devices, FireClusters, and device groups to facilitate policy audits and traffic analysis.
Each traffic flow is defined by the unique path a connection takes internally through the device as it is processed by policies and configuration settings on the device.
WatchGuard Training 77
Policy Map — See Traffic Flow
WatchGuard Training 88
Policy Map — See Traffic Flow
To change the information in the map, from the map type drop-down list at the top-right of the page, select an option:• Policy Audit
• Subscription Services
• Web Audit
• Application Control
• Intrusions (IPS)
• Advanced Malware (APT)
• Data Loss Violations (DLP)
• Virus (GAV) From the pivot drop-down list at the top right of the page, select
an available pivot option:• Bytes (only available for some map types)
• Connections
WatchGuard Training 99
Policy Map — See Traffic Flow
Place your cursor over the traffic flow ribbon or columns to see the name of the node, number of flows, and number of connections.
WatchGuard Training 1010
Policy Map — See Traffic Flow
Click the traffic flow ribbon or columns to:• See the number of bytes and connections for the node.
• Filter Policy Map on the node.
• View connections for the Policy Map node.
WatchGuard Training 1111
Policy Map — See Traffic Flow
The filtered view of Policy Map only shows the connections passing through the selected node.
WatchGuard Training 1212
Policy Map — See Traffic Flow
In the breadcrumbs, select Policy Map to remove the filters and return to the complete Policy Map view.
WatchGuard Training 1313
IPv6 Addresses in Threat Map
WatchGuard Training 1414
You can now see IPv6 addresses in the Threat Map Dashboard
IPv6 addresses only appear in the map if there are connections from IPv6 addresses
ReportsReports
WatchGuard Training 1515
Report Enhancements
WatchGuard Training 1616
Zero-Day Malware (APT) reports are available in the Services, Detail, and PCI report categories
These reports include threats that were identified for each category by APT Blocker as zero-day malware after they passed through the firewall.
These threats should be reviewed to determine whether they require action.
Report Enhancements
Summary reports for some Subscription Services include Allowed and Denied connections• Gateway AntiVirus, APT Blocker, Data Loss Prevention, and Intrusion
Prevention Service Subscription Services reports include new columns to show data for both Allowed and Denied connections.
Updated names for some Dimension reports
WatchGuard Training 1717
Report Enhancements
On the Dimension Reports tab, you can now expand and collapse the report categories to see or hide the list of reports in each category.
WatchGuard Training 1818
Report Enhancements
WatchGuard Training 1919
Select a report category to expand or collapse that category.
Select Expand All or Collapse All to expand or collapse all the available categories
Report Enhancements
WatchGuard Training 2020
Per Client reports separated into Summary and Detail categories.
Search criteria section is collapsible and context-sensitive
Two new Per-Client reports (under Detail)• URL Audit Detail
• Web Audit by Category Detail
Installation UpdatesInstallation Updates
WatchGuard Training 2121
VHDX Support for Hyper-V
When you add a data disk to Dimension in Hyper-V 2012 and 2012 R2, you can now add a VHDX disk.
VHDX disks offer increased stability for your Hyper-V deployment. The VHDX disk can take slightly longer to deploy than the VHD
disk.
WatchGuard Training 2222
System TasksSystem Tasks
WatchGuard Training 2323
New Dimension System Tasks
Consolidate the management of CA certificates trusted by Dimension for outbound connections • From the Dimension System Settings > Status page, you can
generate a CSR file, import a web certificate, or manage all the CA certificates in Dimension.
Option to Shut Down Dimension VM from Web UI• From the System Settings > Status page, you can click Shut Down
to complete a clean shut down of the Dimension VM.
WatchGuard Training 2424
New Dimension System Tasks
WatchGuard Training 2525
Dimension Task History list now includes the user name for the user account that modifies the Dimension system settings.
Thank You!Thank You!
WatchGuard Training 2626